Internal version alignment (header and constant now both report 1.5.0)
No functional changes from 1.4.0
1.4.0
Security: Permission callbacks now require manage_network (super admin) on multisite, instead of manage_options which subsite admins may have
Security: File concat (/files/concat) output restricted to plugin temp directory only
Security: File search-replace (/files/search-replace) restricted to uploads directory only
Security: File upload (/files/upload) destination restricted to uploads directory only
Security: File search-replace now uses WP_Filesystem for reads and writes instead of direct PHP file functions
Change: Temp directory moved from wp-content/insta-migrate-tmp/ to wp-content/uploads/insta-migrate-tmp/ per wp.org guidelines
1.3.0
Removed all exec()/shell_exec() calls per wp.org plugin guidelines
Removed /wp-cli REST endpoint (required exec)
Archive creation and extraction now use PharData/ZipArchive exclusively
Binary detection (has_wp_cli) now uses hardcoded path checks only
1.2.0
New: /db/fix-prefix endpoint — fixes usermeta meta_key and options option_name values after a migration where the table prefix changed. Prevents users losing roles/capabilities when the sed prefix-rewrite missed single-quoted values.
1.1.0
New: /files/concat endpoint — concatenate chunked file uploads on the server (for large archives exceeding PHP upload limit)
New: /files/search-replace endpoint — search-replace strings within static files on disk (CSS/JS/JSON), used for Elementor CSS domain replacement after DB search-replace
Fix: Numeric columns (INT, BIGINT, DECIMAL, etc.) now exported as plain numbers, not hex-encoded. Prevents MySQL from misinterpreting hex literals as integers.
