Version: 7.11.6 NULLED
* Improvement: The vulnerability severity score (CVSS) is now shown with any vulnerability findings from the scanner
* Improvement: Changed several links during initial setup to open in a new window/tab so it doesn't interrupt installation
* Change: Removed the non-https callback test to the Wordfence servers
* Fix: Fixed an error on PHP 8 that could occur when checking for plugin updates and another plugin has a broken hook
* Fix: Added a check for disabled functions when generating support diagnostics to avoid an error on PHP 8
* Fix: Prevent double-clicking when activating 2FA to avoid an "already set up" error
* Improvement: Added feedback when login form is submitted with 2FA
* Fix: Restored click support on login button when using 2FA with WooCommerce
* Fix: Corrected display issue with reCAPTCHA score history graph
* Fix: Prevented errors on PHP caused by corrupted login timestamps
* Fix: Prevented deprecation notices on PHP 8.2 related to dynamic properties
* Change: Updated Wordfence registration workflow
Fix: Prevented scan resume attempts from repeating indefinitely when the initial scan stage fails
* Improvement: Added configurable scan resume functionality to prevent scan failures on sites with intermittent connectivity issues
* Improvement: Added new scan result for vulnerabilities found in plugins that do not have patched versions available via WordPress.org
* Improvement: Implemented stand-alone MMDB reader for IP address lookups to prevent plugin conflicts and support additional PHP versions
* Improvement: Added option to disable looking up IP address locations via the Wordfence API
* Improvement: Prevented successful logins from resetting brute force counters
* Improvement: Clarified IPv6 diagnostic
* Improvement: Included maximum number of days in live traffic option text
* Fix: Made timezones consistent on firewall page
* Fix: Added "Use only IPv4 to start scans" option to search
* Fix: Prevented deprecation notices on PHP 8.1 when emailing the activity log
* Fix: Prevented warning on PHP 8 related to process owner diagnostic
* Fix: Prevented PHP Code Sniffer false positive related to T_BAD_CHARACTER
* Fix: Removed unsupported beta feed option
Fix: Prevented XSS that would have required admin privileges to exploit (CVE-2022-3144)
* Improvement: Added option to start scans using only IPv4
* Improvement: Added diagnostic for internal IPv6 connectivity to site
* Improvement: Added AUTOMATIC_UPDATER_DISABLED diagnostic
* Improvement: Updated password strength check
* Improvement: Added support for scanning plugin/theme files in when using the WP_CONTENT_DIR/WP_PLUGIN_DIR constants
* Improvement: Updated GeoIP database
* Improvement: Made DISABLE_WP_CRON diagnostic more clear
* Improvement: Added "Hostname" to Live Traffic message displayed for hostname blocking
* Improvement: Improved compatibility with Flywheel hosting
* Improvement: Adopted semantic versioning
* Improvement: Added support for dynamic cookie redaction patterns when logging requests
* Fix: Prevented scanned paths from being displayed as skipped in rare cases
* Fix: Corrected indexed files count in scan messages
* Fix: Prevented overlapping AJAX requests when viewing Live Traffic on slower servers
* Fix: Corrected WP_DEBUG_DISPLAY diagnostic
* Fix: Prevented extraneous warnings caused by DNS resolution failures
* Fix: Corrected display issue with Save/Cancel buttons on All Options page
* Fix: Prevented errors caused by WHOIS searches for invalid values
* Improvement: Added option to toggle display of last login column on WP Users page
* Improvement: Improved autocomplete support for 2FA code on Apple devices
* Improvement: Prevented Batcache from caching block pages
* Improvement: Updated GeoIP database
* Fix: Prevented extraneous scan results when non-existent paths are configured using UPLOADS and related constants
* Fix: Corrected issue that prevented reCAPTCHA scores from being recorded
* Fix: Prevented invalid JSON setting values from triggering fatal errors
* Fix: Made text domains consistent for translation support
* Fix: Clarified that allowlisted IP addresses also bypass reCAPTCHA
* Improvement: Improved scan support for sites with non-standard directory structures
* Improvement: Increased accuracy of executable PHP upload detection
* Improvement: Addressed various deprecation notices with PHP 8.1
* Improvement: Improved handling of invalidated license keys
* Fix: Corrected lost password redirect URL when used with WooCommerce
* Fix: Prevented errors when live traffic data exceeds database column length
* Fix: Prevented bulk password resets from locking out admins
* Fix: Corrected issue that prevented saving country blocking settings in certain cases
* Change: Updated copyright information
* Improvement: Updated GeoIP database
* Improvement: Removed blocking data update logic in order to reduce timeouts
* Improvement: Increased timeout value for API calls in order to reduce timeouts
* Improvement: Clarified notification count on Wordfence menu
* Improvement: Improved scan compatibility with WooCommerce
* Improvement: Added messaging when application passwords are disabled
* Fix: Prevented warnings and errors when constants are defined based on the value of other constants in wp-config.php
* Fix: Corrected redundant escaping that prevented viewing or repairing files in scan results
Launch of Wordfence Care and Wordfence Response
* Improvement: Made preliminary changes for compatibility with PHP 8.1
* Change: Added GPLv3 license and updated EULA
* Fix: Prevented login errors with WooCommerce integration when manual username entry is enabled on the WooCommerce registration form
* Fix: Corrected theme incompatibilities with WooCommerce integration
* Improvement: Enhanced accessibility
* Improvement: Replaced regex in scan log with signature ID
* Improvement: Updated Knockout JS dependency to version 3.5.1
* Improvement: Removed PHP 8 compatibility notice
* Improvement: Added NTP status for Login Security to Diagnostics
* Improvement: Updated plugin headers for compatibility with WordPress 5.8
* Improvement: Updated Nginx documentation links to HTTPS
* Improvement: Updated IP address geolocation database
* Improvement: Expanded WAF SQL syntax support
* Improvement: Added optional constants to configure WAF database connection
* Improvement: Added support for matching punycode domain names
* Improvement: Updated Wordfence install count
* Improvement: Deprecated support for WordPress versions older than 4.4.0
* Improvement: Added warning messages when blocking U.S.
* Improvement: Added MYSQLI_CLIENT_SSL support to WAF database connection
* Improvement: Added 2FA and reCAPTCHA support for WooCommerce login and registration forms
* Improvement: Added option to require 2FA for any role
* Improvement: Added logic to automatically disable NTP after repeated failures and option to manually disable NTP
* Improvement: Updated reCAPTCHA setup note
* Fix: Prevented issue where country blocking changes are not saved
* Fix: Corrected string placeholder
* Fix: Added missing text domain to translation calls
* Fix: Corrected warning about sprintf arguments on Central setup page
* Fix: Prevented lost password functionality from revealing valid logins