Version 3.10.0

• Fix: Improve PHP 8.1 compatibility by updating filter_*() calls referencing FILTER_SANITIZE_STRING (issue #1422).
• Fix: prevent PHP deprecation warning when checking for the Stream settings page requests (issue #1440).
• Fix: Add the associated post title to comment events (issue #1430).
• Fix: Use the user associated with a comment instead of the current logged-in user when logging comments (issue #1429).
• Fix: Prevent PHP warnings when no Lead ID present for a Gravity Forms submission (issue #1447).
• Fix: Remove support for legacy WordPress VIP user attribute helpers get_user_attributes(), delete_user_attributes() and update_user_attributes() (issue #1425).
• Development: Document the process for reporting security vulnerabilities (issue #1433).
• Development: Mark as tested with WordPress version 6.3.

Full change log 3.9.3...3.10.0

Version 3.9.3

What's Changed

• Fix: [Security] CVE-2022-43450: Check for capabilities in 'wp_ajax_load_alerts_settings' AJAX action before loading alert settings, props @Lucisu via Patchstack. 1432
• Fix: [Security] CVE-2022-43490: Temporarily remove uninstall flow to avoid inadvertent uninstallation of the plugin, props @Lucisu via Patchstack. #1435
• Development: Mark as tested with the latest version 6.2 of WordPress. #1436

Full Changelog: 3.9.2...3.9.3

Version 3.9.2

• Fix: Check authorization on 'save_new_alert' AJAX action #1391, props marcS0H (WPScan)
• Development: Mark as tested with the latest version 6.1 of WordPress.
• Development: Update development dependencies.

Version 3.9.1

• Fix: PHP 8 compatibility for widget connector #1294, props @ParhamG
• Development: Mark as tested with the latest version 6.0 of WordPress.
• Development: Update development dependencies.

Version 3.9.0

• Fix: Track changes to posts when using the block editor by making the Posts connector to run on both frontend and backend requests since block editor changes happen over the REST API #1264, props @coreymckrill.
• Fix: Don't store empty log event parameters #1307, props @lkraav.
• Development: Adjust the local development environment to use MariaDB containers for ARM processor compatabilty.

Version 3.8.2

This release contains an important security fix for authenticated users when viewing the Stream records.

• Security: Ensure the value of order query parameter forwarded to the database query when viewing the Stream records in the WordPress admin is either ASC or DESC. Previously it passes the whole value of order filtered through esc_sql().

Version 3.8.1

• Fix: Ensure Stream database tables are present on all WP admin requests to help with installations where the plugin activate hook never runs #1286, props @tomjn.

Version 3.8.0

• Fix: PHP 8.0 compatibility #1272, props @cjhaas.
• Development: Update development dependencies and introduce PHPCompatibility checker as part of the automated checks.

Version 3.7.0

• Fix: Exclude records when all conditions match instead of just one #1242, props @kidunot89 and @esausaravia
• Fix: Store the correct blog ID on the network admin exclude screen #1259, props @dd32
• Fix: Ensure all blogs on the network are listed instead of just the top 100 #1258, props @dd32
• Fix: Add highlight color in list table #1246, props @ocean90
• Fix: Settings page defaults repatched #1236, props @kidunot89
• Development: Added unit tests for BuddyPress #1211, WooCommerce #1199, Media #1154, Jetpack #1153, Gravity Forms #1139 abd bbPress connector classes #1120, props @kidunot89

Version 3.6.2

• Fix: revert #1159 which caused a PHP error in the previous release.