Code quality: in ajax_media_upload() removed the unused require_once wp-admin/includes/media.php and moved require_once wp-admin/includes/image.php immediately before wp_generate_attachment_metadata(), so each core admin file is loaded right before the function from it is used
Security: added an explicit wp_verify_nonce( ‘woocommerce-process_checkout’ ) check at the start of validate_phone(), sanitize_phone_on_save() and save_checkout_data() in the WooCommerce checkout integration, so the nonce verification is visible inline (it was already enforced upstream by WooCommerce)
Security: added a besked_media_filters nonce to the Besked Media admin page sort/filter links and form, with wp_verify_nonce on incoming requests; filter and sort query args are now ignored unless accompanied by a valid nonce
1.5.3
Code quality: replaced all inline <script> and <style> tags with wp_enqueue_script(), wp_enqueue_style(), wp_add_inline_script(), and wp_localize_script() per WordPress coding standards
Security: added nonce verification to the checkout cart-tracking AJAX endpoint (besked_track_billing)
Security: input fields of the abandoned-cart automation save handler are now individually sanitised with the appropriate WordPress functions (sanitize_text_field, wp_kses_post, absint, whitelist checks)
Security: replaced direct SQL interpolation with $wpdb->prepare() and placeholders across campaigns, messages, contacts, abandoned-carts and lists queries
Docs: added the == External services == section describing the Besked API usage, data sent and links to the provider’s Terms of Service and Privacy Policy
1.4.0
Added “Import from WordPress users” feature with phone field mapping
Added “Custom field mapping” settings tab for non-WooCommerce phone fields
Added media attachments (image/document) to broadcast campaigns
Added Besked Media library page with bulk delete
Added CSV import with auto-detected delimiter and column mapping
Improved bulk action confirmation prompts
1.3.0
Added broadcast campaigns with per-recipient variable substitution
Added live WhatsApp preview editor with formatting toolbar
Added campaign scheduling and per-contact delivery logs
1.2.0
Added contact list segmentation
Added GDPR unsubscribe tokens
Added My Account “Notification preferences” endpoint
1.1.0
Added abandoned cart tracking and automated recovery messages
