iThemes Security Pro was updated to version 5.1.3, from version 5.0.2. Changelogs:
- Bug Fix: iThemes Licensing: Fixed fatal error that could occur when clicking the “View details” link for an available plugin update.
- Tweak: Two-Factor Flow: Allow the user to proceed after downloading or copying the backup codes without dismissing the notice.
- Tweak: File Change: Only scan a maximum of 10 plugins in a single chunk.
- Tweak: File Change: Move “latest_changes” entry to a separate storage bucket to improve performance on large sites.
- Bug Fix: Fix error on Multisite settings page when Two-Factor is not enabled.
- Bug Fix: Properly enforce strong passwords when on the WP Login Reset Password page.
- Bug Fix: Fix clearing or previous file scans results.
- Bug Fix: iThemes Licensing: Fixed the “View details” link failing to work properly after updating.
- Bug Fix: iThemes Licensing: Fixed an issue that could cause data changes to not save properly on specific background page requests.
- Bug Fix: iThemes Licensing: Added a compatibility fix to avoid conflicts with plugins that change the plugin_action_links filter value from an array to a string.
- Compatibility Fix: iThemes Licensing: Updated handing of wp_remote_get() response due to changes documented in https://core.trac.wordpress.org/ticket/33055.
- Enhancement: iThemes Licensing: Added ability to manage licensing from WP-CLI.
- Enhancement: Allow for customizing access to the Application Passwords feature.
- Misc: Added comment to prevent Tide from marking the plugin as not compatible with PHP 5.3.
- Tweak: Differentiate between “Enforced Two-Factor” and “Configured Two-Factor” in User Security Check.
- Bug Fix: Improve clearing of previous File Change file hashes.
- Bug Fix: Internal links to a filtered logs page.
- Bug Fix: Prevent duplicate “user-logged-in” log items when logging-in with Two Factor.
- Bug Fix: Prevent multiple session tokens from being created when logging-in with Two Factor.
- Bug Fix: Prevent missing provider information when logging a successful Two Factor authentication.
- Bug Fix: Fixed incorrect detail text for Local Brute Force Protection on the Grade Report.
New Feature: Add Two-Factor On-Board flow.
Enhancement: Support disabling enforced Two-Factor the first time a user logs-in.
Enhancement: Introduced Login Interstitial framework to consolidate code between Password Requirements & Two Factor.
Bug Fix: Resolve warnings when upgrading file change settings.
Bug Fix: Allow read-only Application Passwords to make HEAD requests.