Fix – (i18n) Resolve translation / text-domain Plugin Check findings
Fix – (Security) Add direct file access protection to 31 PHP files
Fix – (Security) Replace discouraged functions with WP wrappers
Fix – (readme) Correct Tested-up-to and Stable-tag headers
Fix – (datetime) use gmdate() instead of date()
Fix – (pcp) Document non-enqueued scripts/styles in standalone render & email
Fix – (copy) Drop specific “50% discount” claim from Lite upgrade prompts
Fix – (security) Escape translated output with esc_html_e()
Fix – (security) Escape unescaped output
Fix – (links): repoint inline-help upgrade CTA from the now auth-gated app.rafflepress.com/downloads to the public rafflepress.com/lite-upgrade/?discount=LITEUPGRADE (discount + UTM preserved)
Fixed – Unauthenticated XSS bug on Social Media Actions(Pinterest, TikTok, LinkedIn, WhatsApp & Twitch)
Fixed – Duplicate Weekly Email Notifications with Incorrect Data
Fixed – Debug Section CSRF Issue & Improved Design
Added: WhatsApp Entries
Fix: CSRF & Broken Access Control Vulnerabilities in Giveaway Creation
Added – Disable notification toggle
Fix – Patched bug reported by Dmitrii Ignatyev of Cleantalk
Fix – Added token to verify an action is from the correct contestant
Fix – Readme file text updates
Added – Ability to exclude X-Forward headers
Added – Image URL to exports
Fixed – Image entry pagination