0ef93f8: Add WordPress 7.0 to the CI test matrix and update the plugin “Tested up to” header to 7.0.
1.8.10
Patch Changes
81a854f: Maintenance release for WordPress.org. No functional changes. Sites still on 1.8.0 remain affected by GHSA-q6pm-r77q-qcv3 / CVE-2026-54239 and should update.
1.8.9
Patch Changes
139479d: Remove the Update URI: false header from faustwp.php so WordPress checks wordpress.org for plugin updates. This restores wordpress.org as the canonical update channel for new installs. The 1.8.8 security fix (GHSA-q6pm-r77q-qcv3) — include the IV in the token envelope HMAC to prevent authentication bypass — was reported by ParkHyunWoo (@hwpark6804-gif) via Patchstack.
