iThemes Security Pro

WP iThemes Security Pro 7.3.0 Nulled

No permission to download
New Feature: Add support for CloudFlare Turnstile and hCaptcha. Learn More: New Turnstile and hCaptcha Support in Security Pro 7.3
Enhancement: Add support for logging in with Discoverable Passkeys.
Bug Fix: Update Password Strength library to the latest version. This fixes discrepancies between the realtime password strength estimation and the enforced password strength.
Bug Fix: Upgrade the iThemes Updater to 1.7.2 to fix PHP 8 issues.
Note: Remove Grade Report.
New: Passwordless Login can now be setup from the frontend of your website. Use the new iThemes Security block in the Block Editor or the [itsec_passwordless_login_settings] shortcode.
Tweak: Don't show "Ban" buttons in Security Dashboard if the user won't be able to create a ban.
Bug Fix: Prevent Headers Already Sent warning when a lockout occurs during a WP Cron request on some server setups.
Bug Fix: Manually load Sodium Polyfill for servers that have an older version of libsodium installed.
Bug Fix: Error when saving the File Change settings when the "notify_admin" setting was set.
Security: Add support for encrypting Two-Factor Mobile App secrets. Enable via Tools -> Set Encryption Key.
Security: Deprecate Automatic Proxy Detection. Instead, manually configure Proxy Detection or use Security Check. Fix IP spoofing attacks.
Enhancement: Add "Ban Lockout" button to the Active Lockouts card.
Tweak: Delete passkeys that have been in the "trash" for seven days.
Bug Fix: File Logs not rotating.
Bug Fix: MaxMind DB Lite not being automatically refreshed.
Bug Fix: PHP warning when loading Icon Fonts in certain configurations.
7.2.1 - 2022-09-16 - Timothy Jacobs, Lisa Canini, Jared Hill
Bug Fix: Fatal error when running on a site with an unprefixed version of Pimple or Psr/Container that was loaded before iThemes Security.
Important: iThemes Security now requires PHP 7.3 and WordPress 5.9 or later.
New: Introducing passkeys for Passwordless Login! Users can log into their site using biometrics like Face ID, Touch ID, or Windows Hello. Enable the new "Passkeys" module to add it as a Passwordless Login method.
Bug Fix: Preliminary PHP 8.1 compatibility.
Tweak: Schedule the Automatic Updater to run 5 minutes after a Site Scan finds Vulnerable Software.
Bug Fix: Help styling on WordPress 5.9.
Bug Fix: Compatibility with plugins that expected a logged-in user during lockouts.
Bug Fix: Error when visiting the Notifications page after activating a module with notifications for the first time.
Bug Fix: Update deprecated withState usages to useState.
Bug Fix: Set a default value for the Notification User Roles control.
Important: iThemes Security now requires WordPress 5.8 or later.
New Feature: Introduce a new Import Export feature that allows for greater customization and flexibility.
Bug Fix: Scroll to top of window when navigating.
Bug Fix: Allow searching for Password Requirements.
Bug Fix: Login page would be blank when Passwordless Login was configured to use the "Username First" flow.
Bug Fix: Don't load WordPress and System Tweaks modules when the `ITSEC_DISABLE_MODULES` constant is enabled.
Bug Fix: Prevent incidentally loading the Two-Factor module when it is unregistered.
Bug Fix: Conditionally display the NGINX File Path setting.
Bug Fix: Allow saving Notifications when "default recipients must contain at least 1 item" error is present.
Bug Fix: Prevent Password Requirements being re-enabled if they were disabled before upgrading to iThemes Security 7.0, but had a group selected for them.
Bug Fix: Arguments to the implode function were reversed, causing a Fatal Error on PHP 8.
Bug Fix: Allow installing on WordPress 5.7.0, not just 5.7.1+.
Bug Fix: Ensure values passed to the TextareaListControl is an array.
Bug Fix: Don't run the dashboard migration if unneeded.
Bug Fix: Labels for Disable PHP Execution in Plugins and Themes were reversed.
Bug Fix: Activate the Geolocation module if Trusted Devices provided Geolocation API keys.
Enhancement: Add support for updating a plugin/theme directly from the Site Scanner vulnerability details page.
Tweak: Update site scanner notification language to be less alarming.
Tweak: Change insensitive language to be more inclusive.
Enhancement: Add super admins as a selectable role for User Groups.
Enhancement: Add reCAPTCHA to the Reset Password form.
Enhancement: Add support for resending a Two-Factor Email code.
Enhancement: Add support for resending a Passwordless Login email.
Enhancement: Allow selecting users across all sites in a network for User Groups, Security Profile cards, and User Security Check.
Enhancement: Include all super admins by default in the Security Profile card, even if they are not a member of the network's main site.
Enhancement: Display all of a user's roles in the Security Profile card.
Enhancement: When logging in with Passwordless Login, skip Two-Factor if the primary Two-Factor method is Email.
Enhancement: Force a space after each Two-Factor Backup Code to assist with copying and pasting.
Enhancement: Include the website URL in the download file for Two-Factor Backup Codes.
Enhancement: Add a warning if a WordPress Salt is set to an invalid value.
Enhancement: Allow re-entering the Two-Factor Onboard flow even after Two-Factor is setup by visiting /wp-login.php?itsec_after_interstitial=2fa-on-board directly.
Enhancement: Add a new WP CLI command for managing user Two-Factor enrollment.
Enhancement: Add a new WP CLI command for retrieving logs.
Enhancement: Include child log items in the logs list table. These are helpful for debugging issues.
Enhancement: Improve performance of the logs page on sites with large number of log items.
Tweak: Only show Lockout Bypass Magic Link for valid users.
Tweak: When logging $_SERVER, only log a snapshot of available properties.
Bug Fix: New Password Requirements for already created accounts were not enforced until the second login.
Bug Fix: User Security Check would not display in Multisite.
Bug Fix: Prevent fatal error if invalid user IDs are encountered by User Groups.
Bug Fix: Infinite loop when trying to use Application Passwords on Multisite.
Bug Fix: User Logging did not correctly capture the user id of the logged-out user on WordPress 5.3.
Bug Fix: Warnings when doing a settings import.
Deprecated: The "getlockouts", "releaselockout", and "getrecent" WP CLI commands. Use the "lockout" and "log" commands instead. They will be removed in a future release.
732Threads
2,288Messages
64,115Members
milonxLatest member
Back