WishList Member

WishList Member 3.34.0

No permission to download
Features

Keep accepting webhooks from payment integrations (Stripe, Recurly, Authorize.net, Plug&Paid, PayPal Express Checkout/Pro) that were already active before this update but haven’t finished webhook verification setup, with an admin reminder to finish setup — newly activated integrations still require verification before their webhooks are accepted

Bug Fixes

Restore API authentication for named keys (ThriveCart, Digistore24, SamCart), fixing a 3.33.0 regression that only accepted the master key
Require a confirmed click before unsubscribe/resubscribe links take effect, so email security scanners and link previews can no longer unsubscribe members automatically
Fix a white screen on every admin page caused by a corrupted license retry count on PHP 8
Prevent large page-builder pages (e.g. Bricks) from loading blank when PayPal Express Checkout is active
Fix Stripe Connect webhooks being rejected after connecting or refreshing credentials, which could leave canceled subscriptions active; the Refresh Stripe Credentials button is now available for all connected accounts
Hardened the random secret generator used by some payment integrations to improve secret strength
Features

Add PayPal Complete Payments (PPCP) as a new payment gateway
Jump to any WishList Member admin screen straight from the WordPress command palette
Add membership protection support for the Divi 5 builder
Show refund and coupon details on Stripe invoice views

Bug Fixes

Reactivate expired members when they are re-added through Zapier
Keap: honor your level cancellation settings when recovering subscription status, and restore recurring status for inactive orders
Restore the WishList Member protection box on LearnDash courses, lessons, and other LearnDash content
Stop protecting media attachments when file protection is unavailable on your server, so downloads and images are not broken
Honor cancel-at-end-of-subscription for PayPal after a sequential level upgrade
Keep membership level data current immediately after a change, preventing stale access
Prevent errors when processing 1ShoppingCart notifications that have no tags
Keep a team invitation in place until the member is successfully added

Security

Strengthen payment notification handling against forged and replayed requests
Tighten team account and API access controls
Harden file protection, login, and profile handling against tampering

Other

Update the built-in membership blocks (login, profile, profile photo, member levels, pay-per-post) to the latest WordPress block format for WordPress 7.0 compatibility
PHP 8.1 compatibility improvements

Features​

  • Add webhook support alongside Silent Post to Authorize.net ARB. Silent post will be hidden for new installs.

Bug Fixes​

  • Prevent critical error when curl is not enabled and PayPal integration is enabled.
  • Invalidate per-user txn-id cache on transaction updates

Security​

  • CVE-2026-25445
  • CVE-2026-25446
  • CVE-2026-24575
Bug Fixes

Skip ob_start callback on PayPal Express Checkout during REST, AJAX, and cron requests
Fixed issue where the Shortcode inserter’s modal when adding/editing posts/pages stopped working
Prevent empty members list on strict database configurations
Fixed registration form and sequential upgrade PHP notices
Features
Updated Pay Per Post settings to include auto-creation of accounts

Bug Fixes
Remove deprecated IE conditional script loading
Fix incorrect registration date when importing members with registration date specified

Other
Update renewal link in Dashboard to point to my.wishlistmember.com
Disabled file consistency check in selfcheck
Bug Fixes

MailChimp subscribe/unsubscribe
MailChimp empty Interest Groups
Bug Fixes

Ensure only_show_content_for_level skips only main singular queries
eWAY credential test
Bug Fixes

* Edge case infinite loop when setting script translations on sites that may have symlinked folders that recurses onto itself (#2557) ([0270c9](https://github.com/caseproof/wishlist-member/commit/0270c9d76064bb8c3052f43cab3891e36556e1ff))
* Menu protection returning incorrect menu items if `wp_nav_menu_objects` filter is called multiple times due to incorrect caching (#2559) [#2558](https://github.com/caseproof/wishlist-member/issues/2558) ([f70569](https://github.com/caseproof/wishlist-member/commit/f705695da69a5fb4066444f469f61fa273f7ca7a))
* Respect per-page non-member redirects (#2548) ([93f8cc](https://github.com/caseproof/wishlist-member/commit/93f8cc3fbcd7f76e308daa55b3d0a4f805439537))
* Translation functions called to early (#2556) ([d4d3e5](https://github.com/caseproof/wishlist-member/commit/d4d3e5cc36c59306ab851d9284ded2429bb749f3))
* Use strict string comparisons in admin/ui selections (#2551) ([5bd7d2](https://github.com/caseproof/wishlist-member/commit/5bd7d2e4fe741f9193d88af425f50817a674fb9c))
### Features


##### internal

* Upgraded growth tools to ~1.5.0 ([a06881](https://github.com/caseproof/wishlist-member/commit/a06881dbc762ca897a3f48850eb97c03bd2aa3d7))

### Bug Fixes

* Add exec function check before wget fallback [#2471](https://github.com/caseproof/wishlist-member/issues/2471) ([09b569](https://github.com/caseproof/wishlist-member/commit/09b569233a5847d4f22bb0704c993eabb9f73c91))
* Avoid WP 6.8.3 placeholder mismatch in API2 (#2540) ([aa7e46](https://github.com/caseproof/wishlist-member/commit/aa7e4667951ad628a792e681c9e02921ba1dbeeb))
* Custom registration fields with spaces in names not properly displayed in WP User profile page [#2501](https://github.com/caseproof/wishlist-member/issues/2501) ([79ed6a](https://github.com/caseproof/wishlist-member/commit/79ed6a8db030115e9194e06dc761b24e732fcd34))
* Duplicate queries from Issue #2523 (#2525) [#2523](https://github.com/caseproof/wishlist-member/issues/2523) ([b5141f](https://github.com/caseproof/wishlist-member/commit/b5141f514ebb71338c6409ed1878bfe15307fa8e))
* Fetch legacy rollback download url via licenses api (#2538) ([2bde9e](https://github.com/caseproof/wishlist-member/commit/2bde9e1c4210dc9637dde678e33c95b81bac5f66))
* Fixed fatal error when trying to access/edit a member via admin. (#2532) [#2530](https://github.com/caseproof/wishlist-member/issues/2530) ([6700eb](https://github.com/caseproof/wishlist-member/commit/6700eb77251ee927953d8263673e6e1f95d6566d))
* Possible bug when sending an integer $level_id value to Get_UserLevelIndex() method ([14f3b2](https://github.com/caseproof/wishlist-member/commit/14f3b2a2585492df06d86077b6119802128138ba))
* Removed wishlistactivation.com in selfcheck as it's no longer active (#2524) [#2520](https://github.com/caseproof/wishlist-member/issues/2520) ([2a68a5](https://github.com/caseproof/wishlist-member/commit/2a68a503d39cb650b776bcff749ce8da39f36976))
* Stripe integration unable to load due to the number of payperposts (#2534) [#2531](https://github.com/caseproof/wishlist-member/issues/2531) ([2b87ce](https://github.com/caseproof/wishlist-member/commit/2b87ce9882c68b2a48a6cfd8062f9cfb03a7412f))
* Textarea custom field not showing in WP profile [#2494](https://github.com/caseproof/wishlist-member/issues/2494) ([8b428f](https://github.com/caseproof/wishlist-member/commit/8b428f3e59ed1e98c5cb8a2635585bc447acb6f9))
* Unable to open page builders when WLM is active (#2546) [#2537](https://github.com/caseproof/wishlist-member/issues/2537) ([0ec63b](https://github.com/caseproof/wishlist-member/commit/0ec63b930b730abea80722228c8ba3f68ba754b9))
* Undefined variable $valule ([30073b](https://github.com/caseproof/wishlist-member/commit/30073bf496779f4f343310959d74823f839a6dc1))

##### deprecated

* Replaced `wp_get_user_request_data()` with `wp_get_user_request()` ([0cfd30](https://github.com/caseproof/wishlist-member/commit/0cfd30c7d2ad1d8ca163efa21a51d86c91e55dd9))
Fixes

Constant Contact disconnecting after flushing object cache
Scheduled actions no longer showing in the manage user section
Translations called too early
iDevAffiliate Fatal Error
Keap integrations not connecting via oAuth
Cancellations in Keap not synced properly
Reload confirmation popup shows when importing members
Folder protection giving incorrect access.
ClickBank order bump levels are not added when flow contains an upsell
API
/levels/xxx/members not returning members
Broken wlmapi_create_level()
Broken management of Attachments and Custom Post Types
Incorrect error handling for invalid API request return formats
Added generic content helper functions:
wlmapi_get_protected_content()
wlmapi_protect_content()
wlmapi_unprotect_content()
wlmapi_manage_content()
wlmapi_unmanage_content()
Back
Top