Events Manager for WordPress http://wp-events-plugin.com Event Registration, Bookings, Calendars, Locations Sun, 10 Jun 2018 18:01:32 +0000 en-US hourly 1 https://wordpress.org/?v=4.9.6 17180428 Events Manager 5.9.4 & Pro 2.6.3.1 http://wp-events-plugin.com/blog/2018/06/10/events-manager-5-9-4-pro-2-6-3-1/ http://wp-events-plugin.com/blog/2018/06/10/events-manager-5-9-4-pro-2-6-3-1/#respond Sun, 10 Jun 2018 18:01:32 +0000 http://wp-events-plugin.com/?p=3240 Today’s release is a maintenance release following up last month’s release, which contained various privacy-related features for the European GDPR laws that came into force. Both updates fix a few issues that arose from consent boxes and different contexts where events, locations and bookings are submitted/edited. We’ve also ensured that

The post Events Manager 5.9.4 & Pro 2.6.3.1 appeared first on Events Manager for WordPress.

]]>
Today’s release is a maintenance release following up last month’s release, which contained various privacy-related features for the European GDPR laws that came into force.

Both updates fix a few issues that arose from consent boxes and different contexts where events, locations and bookings are submitted/edited. We’ve also ensured that anonymously submitted events that have attached locations will now store that information on both objects, allowing them to act independently from each other for exporting/erasing personal data.

Events Manager 5.9.4 Changelog

  • added em_rewrite_rules_array filter for final permalink rule manipulation
  • fixed privacy consent blocking certain actions such as single booking button and admin-side submissions
  • fixed fatal errors when showing the consent checkbox in WordPress 5.9.5 and earlier
  • fixed the quick booking button not working in ajax search results
  • fixed privacy policy consent form label not being translatable for multilingual sites
  • fixed inconsistent date headers in certain situations with UTC manual offset dates
  • fixed incorrect link to .eot dashicon file for IE11
  • added anonymous submitter data to locations for new event submissions and integrated this with GDPR export/erase tools
  • fixed location slug blanks when directly published from front-end via submitting an event
  • added default ical and rss feed limits to avoid overloading as number of events grow
  • corrected docs to include ‘recurrences’ search attribute
  • added timezone pre-formatting to functions that produced incorrect output for timezone date placeholders
  • fixed default categories not being applied for events with no categories
  • fixed locations being selectable for events in other blogs within a multisite global mode when locations don’t all reside on main blog

Events Manager Pro 2.6.3.1

  • fixed data privacy consent checkboxes showing on both individual event and checkout pages for multiple bookings

The post Events Manager 5.9.4 & Pro 2.6.3.1 appeared first on Events Manager for WordPress.

]]>
http://wp-events-plugin.com/blog/2018/06/10/events-manager-5-9-4-pro-2-6-3-1/feed/ 0 3240
Events Manager GDPR Releases (5.9.3 & Pro 2.6.3) http://wp-events-plugin.com/blog/2018/05/24/events-manager-gdpr-releases/ http://wp-events-plugin.com/blog/2018/05/24/events-manager-gdpr-releases/#respond Thu, 24 May 2018 04:01:39 +0000 http://wp-events-plugin.com/?p=3227 We have just released Events Manager 5.9.3 and Pro 2.6.3. The main aim of these releases is to integrate with the new privacy tools included in last weeks’ WordPress 4.9.6 release. As we announced a few weeks ago, we’ve been aware of the upcoming GDPR laws for some time now,

The post Events Manager GDPR Releases (5.9.3 & Pro 2.6.3) appeared first on Events Manager for WordPress.

]]>
We have just released Events Manager 5.9.3 and Pro 2.6.3. The main aim of these releases is to integrate with the new privacy tools included in last weeks’ WordPress 4.9.6 release.

As we announced a few weeks ago, we’ve been aware of the upcoming GDPR laws for some time now, as well as the work being done on WordPress in preparation for helping site owners become compliant in time before the law comes into effect. “In time” just so happens to be tomorrow (May 25th 2018)! We appreciate that this may be overwhelming for many, and we hope that these new tools make the process a little easier.

All of this will work out of the box when you update, the main part involving some work and consideration is the privacy policy which requires you to review our suggestions and amend if necessary.

Whilst this release is very close to the deadline (although if you check your inbox, it seems the whole world is too!), we do believe it was worth waiting to integrate as much as possible with WordPress’ tools rather than implementing our own GDPR tools. The overall experience for site owners will be a lot smoother with regards to EM and WP, as you only need to look in one place when required to export and erase personal data.

We recommend you check out our settings page documentation, we will also be putting together additional information and guidelines regarding considerations you want to make whilst planning your overall privacy strategy in relation to Events Manager.

Privacy Features

Today’s release provides control over exactly what personal data from Events Manager will get exported and erased by WordPress’ Privacy Tools in our settings page. When exporting someone’s personal data, it can also include Event, Location and Booking information. Moreover, this will also include all the information gathered by Pro features including:

  • payment transactions
  • attendee fields
  • custom booking form fields
  • custom user fields
  • multiple booking information
  • custom event emails within the user-owned events

We’ve additionally provided an easy way to add consent checkboxes to our forms that obtain user information.

Aside from that, Events Manager also integrates with WordPress’ privacy policy generator, so you can use the sample text we provide within your policy.

That’s it for now! As more features get added and there’s further clarification about some of the GDPR ambiguities, we’ll certainly adapt and provide more options to help you create GDPR rules that fit your requirements. We wish you luck with your GDPR preparations!

The post Events Manager GDPR Releases (5.9.3 & Pro 2.6.3) appeared first on Events Manager for WordPress.

]]>
http://wp-events-plugin.com/blog/2018/05/24/events-manager-gdpr-releases/feed/ 0 3227
Upcoming GDPR Compliance Laws http://wp-events-plugin.com/blog/2018/05/03/upcoming-gdpr-compliance-laws/ Thu, 03 May 2018 12:01:08 +0000 http://wp-events-plugin.com/?p=3221 We’d like to make an announcement regarding the upcoming GDPR deadlines and how we’re preparing for it. Update May 22nd 2018:  We expect to release an update today tomorrow, and whilst we’re cutting it pretty close, as it’s now taking its final shape the work involved to get ‘compliant’ will

The post Upcoming GDPR Compliance Laws appeared first on Events Manager for WordPress.

]]>
We’d like to make an announcement regarding the upcoming GDPR deadlines and how we’re preparing for it.

Update May 22nd 2018: 

We expect to release an update today tomorrow, and whilst we’re cutting it pretty close, as it’s now taking its final shape the work involved to get ‘compliant’ will likely be minimal. We’ll be hooking into WP’s export/erasure tools and insert checkboxes to the booking/event forms automatically.

The only initial action on your part is just revising your privacy policy which we’ll already generated text for if you’ve not created one yet. If you already have a policy, we’ll also add a sample of text on our release blog post.

In short, Events Manager (and Pro) is currently not  GDPR compliant, but it will be, and in time for the deadline.

What is the GDPR?

The internet is abuzz with a new acronym – GDPR. This is a new EU Regulation that will come into force on May 25th 2018, which expands on the previous EU Data Protection laws and imposes further responsibilities upon any website owner that interacts with EU users in any way where personal data is collected.

Whilst this doesn’t affect everyone in the world, it will affect the vast majority of websites that are open to the international public. This is particularly true for Events Manager, since information is collected from users any time an event is submitted or a booking is made. Unless you close your site to the whole of Europe, it’s likely you’ll need to be prepared for compliance.

Is WordPress GDPR compliant?

Well, the answer is the same as ours… not yet. The WP GDPR compliance team is made of some brave volunteers who have been hard at work discussing, planning and implementing these features for many months now. Today, a beta is scheduled for the 4.9.6 release with the focus on GDPR with an expected release date near the GDPR deadline.

Additionally, it’s worth noting that WordPress will never be ‘Compliant’ out-the-box. No plugin will automatically make your site GDPR compliant, as the burden lies on the website owner to ensure they meet the GDPR requirements. However, it will provide you with additional tools to allow you to comply with the GDPR requirements.

So… how is Events Manager preparing for GDPR compliance?

Like WordPress, we need to provide you with tools and information that’ll allow you to be GDPR compliant.

We are well aware of the upcoming WP GDPR implementation guideline and have been for some time now, following their progress. However, we have held back from implementing anything just yet as we’re keen to integrate with the upcoming GDPR compliance tools currently being produced for WordPress in general, rather than creating our own separate tools. We feel that the more we integrate with the core GDPR tools, the less confusing it’ll be for everyone.

We’re looking forward to exploring the upcoming betas and RC’s as we integrate and implement our own compliance measures to ensure you, our users, can meet your compliance requires as smoothly and painlessly as possible.

How is everyone else preparing for GDPR compliance?

You may be thinking that we’re all leaving this pretty close to the deadline. Well, we’re not alone here, and neither are you!

Take a look at your inbox for proof… You’re probably receiving an unusually high number of emails over the past and upcoming weeks from the various online services  you’re signed up to regarding updated privacy policies(including the big guys like Google, Twitter, Facebook et. al). Some do and some don’t mention the GDPR, but generally speaking, everyone is dotting their i’s and crossing their t’s weeks before the deadline arrives.

Stay tuned…

Over the coming weeks, we’ll be reviewing our plugin features and doing everything possible to ensure that you can use Events Manager and adhere to the new laws. We’ll be following up once this is ready.

 

The post Upcoming GDPR Compliance Laws appeared first on Events Manager for WordPress.

]]>
3221
Pro 2.6.2.1 fixes (more) authorize.net errors http://wp-events-plugin.com/blog/2018/05/02/pro-2-6-2-1-fixes-more-authorize-net-errors/ Wed, 02 May 2018 20:32:00 +0000 http://wp-events-plugin.com/?p=3217 We have made some additional fixes to 2.6.2 which was released a few hours ago, due to further unannounced changes by authorize.net to their platform which is causing online payments to fail when using their gateway with Events Manager Pro. We’ve reached out to authorize.net in the hopes that they

The post Pro 2.6.2.1 fixes (more) authorize.net errors appeared first on Events Manager for WordPress.

]]>
We have made some additional fixes to 2.6.2 which was released a few hours ago, due to further unannounced changes by authorize.net to their platform which is causing online payments to fail when using their gateway with Events Manager Pro.

We’ve reached out to authorize.net in the hopes that they will provide some sort of announcement to clarify why these changes were made and why developers (including ourselves) were not given prior warning, assuming this wasn’t simply an error on their part.

We apologize for any inconvenience caused, unfortunately this was out of our hands and we’ve remedied the situation as quickly as possible.

As mentioned in our earlier post, we don’t want to force customers with expired licenses to renew just for a trivial fix of this nature, so here’s the updated instructions to fix previous versions of Events Manager Pro:

  1. Visit this page, and save it to your computer (which should save as file cert.pem)
  2. Upload the file to your site within the Events Manager Pro plugin folder, replacing the file /add-ons/gateways/anet_php_sdk/lib/ssl/cert.pem
  3. Change line 45 in /add-ons/gateways/anet_php_sdk/lib/AuthorizeNetAIM.php so the URL on that line becomes https://secure2.authorize.net/gateway/transact.dll
  4. Change lines 20 and 21 on/add-ons/gateways/anet_php_sdk/lib/AuthorizeNetSOAP.php so that the URLS become https://api2.authorize.net/soap/v1/Service.asmx?WSDL and https://api2.authorize.net/soap/v1/Service.asmx respectively.

 

The post Pro 2.6.2.1 fixes (more) authorize.net errors appeared first on Events Manager for WordPress.

]]>
3217
Pro 2.6.2 Release fixes authorize.net errors http://wp-events-plugin.com/blog/2018/05/02/pro-2-6-2-release-fixes-authorize-net-errors/ Wed, 02 May 2018 14:21:31 +0000 http://wp-events-plugin.com/?p=3215 We’ve pushed out an urgent update today for the Pro plugin, which specifically updates an SSL certificate within our plugin that is causing issues with booking events and paying with Authorize.net. This is a required update for anyone using Authorize.net for payments. However, for those with expired licenses who do

The post Pro 2.6.2 Release fixes authorize.net errors appeared first on Events Manager for WordPress.

]]>
We’ve pushed out an urgent update today for the Pro plugin, which specifically updates an SSL certificate within our plugin that is causing issues with booking events and paying with Authorize.net.

This is a required update for anyone using Authorize.net for payments. However, for those with expired licenses who do not wish to renew, for whatever reason, we do not consider this update as a ‘reason to renew’ (whilst we’d love it if you do!) and we’d like to share how to fix this yourself with some easy steps:

[edit: 2018-05-02 22:32PM CET – please update to 2.6.2.1 and view our follow-up post for updated instructions]

  1. Visit this page, and save it to your computer (which should save as file cert.pem)
  2. Upload the file to your site within the Events Manager Pro plugin folder, replacing the file /add-ons/gateways/anet_php_sdk/lib/ssl/cert.pem

These two steps will fix connection issues to the Authorize.net service.

We apologize for the inconvenience caused. Upon further investigation, this seems to be a change that Authorize.net implemented on May 1st 2018 yet failed to announce it (they usually announce breaking changes of this kind months ahead of time), and has caught a lot of their customers by surprise.

The post Pro 2.6.2 Release fixes authorize.net errors appeared first on Events Manager for WordPress.

]]>
3215
Events Manager 5.9.2 and Pro 2.6.1 Released http://wp-events-plugin.com/blog/2018/04/02/events-manager-5-9-2-and-pro-2-6-1-released/ Mon, 02 Apr 2018 11:57:37 +0000 http://wp-events-plugin.com/?p=3211 This is a maintenance release that mainly fixes some timezone issues revolving around PHP 5.2 and also manual offsets. Events Manager 5.9.2 Changelog fixed some instances where PHP 5.2 outputs incorrect times due to other plugins changing server timezones fixed scope issues with PHP 5.2 when calculating start/end of month

The post Events Manager 5.9.2 and Pro 2.6.1 Released appeared first on Events Manager for WordPress.

]]>
This is a maintenance release that mainly fixes some timezone issues revolving around PHP 5.2 and also manual offsets.

Events Manager 5.9.2 Changelog

  • fixed some instances where PHP 5.2 outputs incorrect times due to other plugins changing server timezones
  • fixed scope issues with PHP 5.2 when calculating start/end of month dates
  • fixed potential issues with manual offsets when other plugins change server timezones whilst saving events, particularly in PHP 5.2
  • added EM_CACHE constant which if defined as false will disable caching
  • fixed issues when changing times of an EM_DateTime object with large manual offset timezones may cause incorrect dates (fixes some weekly recurrence pattern issues)
  • added notice when viewing bookings made in another language
  • added booking admin table column for language used in booking
  • fixed some minor PHP notices preventing event submissions/edits with a new location if display_errors are enabled
  • updated EM_Notices to use new class names for notices output in WP Dashboard
  • added filters for all post type and custom taxonomy arrays used in initial post type and custom taxonomy registration functions (see em-posts.php)

Events Manager Pro 2.6.1 Changelog

  • fixed manual bookings not adding correct new user information when name/email/profile fields are set to not be displayed or editable
  • fixed reminder emails not getting translated into booked language
  • fixed minor PHP warning on transactions table when no transactions to display

The post Events Manager 5.9.2 and Pro 2.6.1 Released appeared first on Events Manager for WordPress.

]]>
3211
Events Manager 5.9.1 http://wp-events-plugin.com/blog/2018/03/25/events-manager-5-9-1/ Sun, 25 Mar 2018 18:33:13 +0000 http://wp-events-plugin.com/?p=3208 We released Events Manager 5.9 three days ago, which introduced Timezone support as a new feature. This was a pretty big shift under the hood with regards to how we calculate times. Whilst we’ve had beta versions of this new feature since late last year, it’s pretty much impossible to

The post Events Manager 5.9.1 appeared first on Events Manager for WordPress.

]]>
We released Events Manager 5.9 three days ago, which introduced Timezone support as a new feature. This was a pretty big shift under the hood with regards to how we calculate times.

Whilst we’ve had beta versions of this new feature since late last year, it’s pretty much impossible to test every server setting, plugin/theme and EM settings combination and consequently once released to the general public we started experiencing various issues with regards to the new features when running under specific settings/servers.

Thankfully, those experiencing issues are in the minority and none of these are issues we’ve come across so far can’t be resolved. We’ve been hard at work this weekend collaborating with various users who reported these issues to make the necessary tweaks.

The two major areas causing problems have been:

  • Users running plugins that change the server default timezone and not switching it back, resulting in event times being displayed (but not saved) as a few hours off. WordPress switches the timezone to UTC by default.
  • Multisite admins that update the plugin and directly proceed to visit the ‘Update Blogs’ page experienced ‘missing’ events. Visiting subsite admin pages after updating the plugin does not cause this.

In both cases, we’ve fixed the problem by mitigating the possibility of other plugins interfering and by adding some tools for network admins to set things right.

For those who upgraded to 5.9 and experienced the MultiSite issue, you’ll be asked to run the timezone reset feature from Network Admin > Events Manager  > Admin Tools. Simply choose ‘All Blogs’ to apply the reset to, and click the ‘Reset Timezones’ button, and all events should reappear on all your sites. If you have lots of sites (we tested on an install with 98 sites) this may take a while and if your server times out, don’t worry, you can visit the reset function again and you can choose to resume where it left off.

We’d like to thank all the users on the support forums that worked with us to help us reproduce the problem ourselves, and hope that now everyone can enjoy the use of timezones on Events Manager!

Project Gutenberg

Whilst we were at it, we snuck in a little side-feature among other fixes/tweaks… support for Gutenberg! If you are testing out the new editor that’ll soon be part of WordPress, try adding this line to your wp-config.php file:

define('EM_GUTENBERG', true);

As the time draws nearer to release, we’ll look at making the meta boxes look more inline with the editor styling, but for now, all the EM features are at least available in the Gutenberg editor.

Changelog

As usual, here’s the changelog breakdown:

  • fixed the & operator in category search attribute not working correctly in MultiSite Global Tables mode
  • added fix/workaround for any code that changes the timezone from WP’s UTC timezone during runtime
  • fixed multisite upgrade issues with timezones
  • added option to reset timezones for all blogs on multisite and also reset each blog to its individual WP timezone
  • changed default subscriber capabilities so they can’t submit events by default
  • added option to resume failed timezone resets on multisite blogs
  • added upgrade warning for multisite users who upgraded to 5.9 and had timezone update errors
  • fixed (deprecated with backward compatibility) shorthand EM_Booking object properties such as ‘status’ not having values after 5.9 update
  • fixed recurrence pattern date miscalculations on sites where a plugin/theme changes the default server timezone after WP sets it to UTC
  • added gutenberg support with define(‘EM_GUTENBERG’, true); defined in wp-config.php
  • fixed new tickets not being added to previously created recurring event where bookings were previously disabled
  • added tweaked EM_DateTime functionality so functions that might return false in DateTime set valid property to false before returning object for chaining

The post Events Manager 5.9.1 appeared first on Events Manager for WordPress.

]]>
3208
Events Manager 5.9, Pro 2.6 Released http://wp-events-plugin.com/blog/2018/03/23/events-manager-5-9-pro-2-6-released/ Fri, 23 Mar 2018 07:47:57 +0000 http://wp-events-plugin.com/?p=3205 We’re happy to announce the arrival of our new updates, which finally introduces timezone support as an official feature! We’ve been working on and refining this new feature since late last year. Given that it’s a big shift on how we handle dates and times internally it’s a big change

The post Events Manager 5.9, Pro 2.6 Released appeared first on Events Manager for WordPress.

]]>
We’re happy to announce the arrival of our new updates, which finally introduces timezone support as an official feature! We’ve been working on and refining this new feature since late last year. Given that it’s a big shift on how we handle dates and times internally it’s a big change under the hood. See our new documentation page for more information about timezone support.

We’ve had a working dev version out for everyone to test with for the past few months and we’ve had the chance to see it in action on many websites, we’re pretty confident that this new update will go smoothly for the vast majority. For those that do experience any update issues, particularly about how event times are displayed on your event pages, we’re keeping a close eye on both the free and Pro support forums for update-related issues including over the weekend.

Whilst a seemingly trivial feature, this opens up some powerful possibilities, and one thing we’re working on already (and in fact nearing final stages of releasing a beta) is an importer/exporter plugin, which currently imports events from FaceBook, Meetup.com, CSV and iCal imports from multiple sources. One nagging issue blocking progress when importing events from around the world was… timezones! Now that’s out the way, we expect to polish up this new add-on and we’ll release it as a closed beta to Pro customers in the coming weeks.

We hope you enjoy this new feature, and look forward to your feedback! Here’s a list of changes made to both plugins in the latest releases:

Events Manager 5.9 Changelog

  • added timezone support
  • added new admin notice interface objects
  • added new EM_Options option storage class
  • fixed some PHP strict warnings regarding parent/child class method signatures
  • fixed taxonomy pagination issues in AJAX (affecting tags specifically)
  • fixed shortcode not getting parsed properly due to fix in 5.8.1.1 attempting to parse shortcode with supplied formats
  • fixed non-standard YYYY-M-D date formats not being accepted in scope arguments
  • improved multisite blog update interface
  • added modular update logic to admin pages for future features
  • further hardening against sanitizing potential XSS strings
  • fixed non-standard YYYY-M-D date formats not being accepted in scope arguments
  • fixed duplicate slug issues when duplicating events
  • removed all references of create_function for php 7.2 compatibility
  • fixed documented ‘postcode’ search attribute not filtering results by that value
  • fixed event duplication not copying other plugin meta data, such as ACF
  • fixed EM_Bookings::get() producing SQL error if passing an array of booking IDs
  • added em_event_post_scope_meta_query filter for admin-side custom scopes
  • fixed bug where blank start/end times of tickets and booking cut-offs default to 12AM instead of event start time
  • fixed preview mode not reflecting new event description
  • fixed broken ical permalinks for individual subcategories
  • changed recurrence warning strips from green to orange/blue at top of admin pages
  • added ‘ticket total’ column to bookings export and split ‘ticket price’ from ‘total’ booking price when exporting split by ticket type
  • fixed issues with caching not getting updated other plugins data such as ACF and possibly others
  • fixed issue where logged out user didn’t see login feedback message on booking form under certain setting combinations
  • added EM_ML::restore_current_lang and EM_ML::switch_to_lang functions
  • fixed language detection of bookings not being done early enough

Events Manager Pro 2.6 Changelog

  • reduced number of redundant booking form SQL calls on booking admin pages
  • optimized pending counts of bookings for gateways by avoiding loading/looping through all bookings and using SQL queries instead
  • made adjustments for timezone changes in EM
  • fixed custom event emails of a translation getting deleted in WPML when saving the original translation
  • fixed various PHP warnings/notices and PHP 7.2 compatibility issues
  • fixed partial refunds in paypal sending a ‘pending’ email
  • fixed ‘resume payment’ button for paypal in MB mode not including all events booked at once
  • changed all recaptcha on booking forms to v2 without the need for a SDK requiring higher PHP versions than WP minimum
  • fixed minor coupon rounding issue in description text
  • fixed attendee emails not getting sent to logged in users when booking forms have non-editable user fields
  • fixed duplicate custom email and coupon records in recurrences resulting in incorrectly saved data
  • renamed recaptcha form editor private/public key labels to match site/secret key labels on recaptcha admin site
  • optimized transactions lookup for bookings with a specific ticket
  • fixed some inconsistencies when saving checkboxes and other multiple choice attendee form fields with HTML entities
  • fixed multiple selection user fields not being saved to user account during a booking and only to booking object
  • added option to reserve bookings pending payment on PayPal
  • fixed anonymous@ emails being cc’d in admin emails when Multiple Bookings mode is active
  • fixed custom emails for offline gateway not defaulting to the custom ‘pending’ template if a custom ‘awaiting payment’ template not defined
  • fixed unexpected behaviour when pressing back button from paypal and attempting to submit a second time
  • fixed coupon code issues derived from duplicate codes by preventing creation of non-unique coupon codes
  • fixed coupons and gateway options appearing in certain instances when an event is free
  • added price adjustment calculation functions for single bookings within a multiple booking instance to allow calculation of proportional totals after discounts/surcharges applied to overall booking
  • fixed ‘Total Paid’ booking table field showing 0 when in Multiple Bookings mode
  • fixed various multilingual and cascading/precedence issues with custom emails
  • removed EM_Custom_Emails_Admin get_gateway_default_values()/get_gateway_mb_default_values() and unified in get_default_email_values(),
  • tweaked custom emails so offline gateway ‘pending’ custom email will be used if no gateway ‘awaiting offline’ template is defined,
  • added pending Multiple Booking email template,
  • changed option dbem_multiple_bookings_contact_email_subject/body to dbem_multiple_bookings_contact_email_confirmed_subject/body,
  • fixed potential WPML multilingual issues with saving certain setting pages when in another language

The post Events Manager 5.9, Pro 2.6 Released appeared first on Events Manager for WordPress.

]]>
3205
Events Manager 5.8.1.2 Security Release http://wp-events-plugin.com/blog/2018/01/15/events-manager-5-8-1-2-security-release/ Mon, 15 Jan 2018 01:00:29 +0000 http://wp-events-plugin.com/?p=3195 Edit: 5.8.1.3 was released fixing a minor display bug that arose from the latest update, but has no relation to this security fix. Our latest 5.8.1.2 release is a security update (along with some minor bugfixes) due to a potential Stored XSS vulnerability which was discovered over the course of

The post Events Manager 5.8.1.2 Security Release appeared first on Events Manager for WordPress.

]]>
Edit: 5.8.1.3 was released fixing a minor display bug that arose from the latest update, but has no relation to this security fix.

Our latest 5.8.1.2 release is a security update (along with some minor bugfixes) due to a potential Stored XSS vulnerability which was discovered over the course of this weekend. This can considered a medium to high severity under certain circumstances, although there are no known cases of this exploit being used.

Any sites that allow guests or non-trusted users to submit events and locations should consider upgrading as soon as possible. Those that do not accept user event and location submissions should not be affected.

The latest update does not include any of the planned timezone features we have posted about recently, as this is still undergoing testing and debugging and is not yet ready for stable release. Those who may be running our latest dev version with timezones should upgrade to dev version 5.8.1.22 as well, which has also been patched.

We would like to thank Luigi Gubello for responsibly disclosing the vulnerability, who will follow-up with an official disclosure in four weeks.

Whilst this isn’t an exploitable vulnerability in WordPress itself, there are potential scenarios where this same vulnerability could be used (we aren’t aware of any, this is hypothetical). We are also liasing with the WordPress Security team to understand whether there are other potential implications for other plugins and/or theme and will also follow-up accordingly if necessary.

For security reasons, we’re not disclosing further information at this time, so that we can give time for the WordPress Security team to investigate the underlying causes as well as to minimize the potential exploitation of this vulnerability, giving time for everyone to update as soon as possible.

We apologize for any inconvenience caused, we take security and every security report very seriously. We will give any discovered vulnerability our full attention and priority all else with prompt updates to ensure your safety.

The post Events Manager 5.8.1.2 Security Release appeared first on Events Manager for WordPress.

]]>
3195
Timezone support now available! http://wp-events-plugin.com/blog/2017/12/13/timezone-support-now-available/ http://wp-events-plugin.com/blog/2017/12/13/timezone-support-now-available/#comments Wed, 13 Dec 2017 17:52:17 +0000 http://wp-events-plugin.com/?p=3185 We’ve just released our latest beta/dev version for the upcoming release of 5.8.2, which includes the much-anticipated timezone support, allowing different events to have different timezones! We ask that anyone that has a staging server, or a local install to please try it out and let us know if you

The post Timezone support now available! appeared first on Events Manager for WordPress.

]]>
We’ve just released our latest beta/dev version for the upcoming release of 5.8.2, which includes the much-anticipated timezone support, allowing different events to have different timezones!

We ask that anyone that has a staging server, or a local install to please try it out and let us know if you experience any issues. Since we’re adding new fields to the database and UTC-based start/end times for previous events, we’d be interested to know of any issues experienced during the upgrade. We also certainly recommend backing up before upgrading, although any database modifications are completely backwards compatible with older versions.

You can install dev versions directly from your WordPress site, much like a regular update.

Timezone support will seem like a relatively subtle change from the outside (and it should just ‘work’), but from coding/architecture standpoint, it is another important building block to the foundation of the plugin that opens doors to other possibilities. We have already written a somewhat lengthy documentation article describing the changes for developers.

One major improvement out-the-gate is within event lists and displaying future/past events. Previous versions of Events Manager have always shown future events only taking dates into consideration, whereas now events that started a minute earlier (wherever in the world it may be) will now automatically be removed from that list and would appear on lists showing past events. Another important feature that will be coming soon (and is already in alpha stages – lack of timezone awareness was a blocker) is an importer/exporter which will be able to take timezones into consideration as well.

We’re really excited to get this feature out the gate and move onto even cooler features! Given the subtle yet fundamental changes to the plugin in this release, whilst this has already gone through extensive testing, we’re going to hold off until right after Christmas holidays before releasing an update.

Happy Holidays!

The post Timezone support now available! appeared first on Events Manager for WordPress.

]]>
http://wp-events-plugin.com/blog/2017/12/13/timezone-support-now-available/feed/ 7 3185