Security: fix CVE-2024-52500 (Broken Access Control). Add capability check (manage_options) to admin callbacks and AJAX endpoints so unauthenticated requests and low-privileged users cannot tamper with plugin settings.
Security: add WP nonce verification to AJAX handlers and publisher-logout link for CSRF defense in depth.
Security: add OAuth-style state parameter to the SSP connect URL and verify it in auto_save_publisher_token so a crafted link cannot poison the publisher token of an authenticated admin.
Fix: clear_plugin_options() now also removes the publisher_site_verified option on logout and uninstall.
1.1.3
Minor enhancements to ensure compatibility with future updates
1.1.2
Fix session closing before making any HTTP requests
1.1.1
Site verification improvements
1.1.0
Fix site verification via plugin
Implement plugin uninstall options cleanup
Refactoring plugin specified options
Fix footer links
1.0.6
Fix verification screen behavior
1.0.4
Add Check verification button on verification page
