Native B2B: RFQ Product Catalog & Inquiry Form

1.1.9

• SECURITY: Replaced client-generated math captcha token with server-side UUID, eliminating IP collision and token forgery vectors.
• SECURITY: Added IP-based rate limiting to the math challenge AJAX endpoint (max 30 requests / 5 min per IP).
• SECURITY: CSV export now checks total row count before loading; exports over 10,000 rows prompt the admin to filter first.
• FIX: Inquiry code is now generated before INSERT, removing the two-step PENDING-placeholder + UPDATE patten that could leave orphaned codes.
• FIX: Plugin deactivation now properly clears all scheduled cron hooks including the daily cleanup event.
• FIX: Janitor cron now cleans all plugin transient types in a unified query, covering math rate-limit counters and gallery caches.
• FIX: Math challenge transient key no longer depends on client IP + client token, preventing NAT collision between concurrent users.
• FIX: Reduced false-positive PHPCS warnings flagged by Plugin Check (variable prefixes, prepare() usage, direct query annotations).
• I18N: Regenerated .pot file for version 1.1.9.

1.1.8

• FIX: Hardened a database query in the admin dashboard to be fully compliant with wpdb::prepare() standards, resolving a security warning.
• DOCS: Added disclosure for the Bark notification service to the “External Services” section in readme.txt, as required by plugin guidelines.

1.1.7

• FIX: Corrected a PHP syntax error in the archive template file.
• FIX: Ensured all setting fields registered via register_setting are properly sanitized before encryption or saving.
• DOCS: Expanded the “External Services” section in the readme.txt with detailed descriptions of data sent.

1.1.6

• Initial submission with fixes based on automated review feedback.

1.1.5

• Initial stable release.