Submit Changelog
Track Changelogs

Clicksora Click Fraud Protection

Changelog

1.8.0

  • Removed: Deprecated load_plugin_textdomain() call — WordPress.org auto-loads translations since WP 4.6
  • Improved: Plugin Check passes clean with zero errors

1.7.0

  • Added: load_plugin_textdomain() for proper translation loading
  • Added: Security index.php files to prevent directory listing
  • Fixed: Translation template .pot file updated with all translatable strings
  • Fixed: Readme “free trial” corrected to “14-day money-back guarantee”
  • Improved: Full WordPress Plugin Check compliance

1.6.0

  • Fixed: Constants now wrapped in defined() checks to prevent fatal errors
  • Fixed: Removed unnecessary escaping in wp_enqueue_script() and wp_enqueue_style() parameters
  • Fixed: Settings section callback now uses a proper named function
  • Fixed: Added wp_unslash() before sanitizing form input
  • Fixed: Noscript pixel moved from wp_head to wp_body_open with wp_footer fallback
  • Fixed: Uninstall cleanup now uses uninstall.php instead of register_uninstall_hook()
  • Fixed: CSS version synced with plugin version, removed duplicate header comments
  • Fixed: Removed frontend CSS class from admin-only stylesheet
  • Improved: Added @package PHPDoc tag to all files

1.5.0

  • CRITICAL FIX: Removed defer script loading strategy — deferred scripts execute AFTER HTML parsing, causing fast-bouncing ad visitors to leave before tracking activates (ghost clicks). Script now loads in <head> for immediate execution.
  • Fixed: Tracking script URL reference updated to app.clicksora.com/t.js
  • Fixed: Pixel URL updated to app.clicksora.com/api/track/pixel

1.3.0

  • Fixed: Text domain now correctly uses clicksora-click-fraud-protection throughout
  • Fixed: All output is properly escaped using esc_html(), esc_attr(), and esc_url()
  • Fixed: Script injection now uses wp_enqueue_script() instead of direct HTML output
  • Fixed: Inline styles replaced with external CSS file (css/admin.css)
  • Fixed: Added rel=”noopener noreferrer” to all external links
  • Fixed: PHPDoc blocks added to all functions
  • Fixed: register_setting() now uses array configuration format
  • Improved: Sanitization uses sanitize_text_field() in addition to regex
  • Improved: Added proper width and height attributes to noscript pixel image

1.2.0

  • Added: Admin tracking skip — logged-in administrators are excluded from tracking
  • Added: defer attribute for non-blocking script loading
  • Added: Settings link on the Plugins page for quick access
  • Added: How-it-works guide panel on settings page
  • Added: Privacy policy link and version footer
  • Added: Uninstall cleanup — removes all options when plugin is deleted
  • Improved: Better input sanitization for Tracking ID

1.1.0

  • Added: Noscript pixel fallback for visitors with JavaScript disabled
  • Improved: Settings page UI with status indicator

1.0.0

  • Initial release
  • Tracking script injection via data-id attribute
  • Settings page with Tracking ID input

Plugin Website
Visit website

Author
clicksora
Version:
1.8.0
Last Updated
April 3, 2026
Requires
WordPress 5.0
Tested Up To
WordPress 6.9.4
Requires PHP
7.4

Share Post

Join our newsletter.

Get insights into what’s happening at ChangelogWP right in your inbox. We don’t believe in spam.