Release Date – 24 Jun, 2026
* Critical: Security architecture upgrade. Due to foundational cryptographic hardening, all files encrypted with version 3.0.2 or earlier are no longer compatible and cannot be decrypted by this version (3.0.3>).
* Fix: Resolved a calculation error in the rolling daily storage quota tracker where the user usage transient computed incorrect totals.
* Tweak: Cleaned up chunk-index loop evaluations to ensure storage limits are applied accurately across all upload sizes.
* Fix: Activate the storage view drawer elements only when required.
* Files: /js/w3mypq.js and /js/worker.js
* Fix: Standardized FIPS-204 signature context structures to an explicit domain separation text layout string, introducing a strict policy gatekeeper to drop signed payloads if sender public validation keys are omitted.
* Fix: Restored true thread-safe cryptographic verification on the Web Worker pipeline, converting signature evaluations into explicit async object payload handshakes ({ buffer, isAuthentic }) to pass verified identity states cleanly to the frontend interface.
* Fix: As 3.0.2 – implemented absolute AEAD integrity protection across the envelope header, binding the recipient index metadata parameters directly into the AES-GCM Additional Authenticated Data (AAD) block via zero-copy views to permanently block unauthorized file-tampering or slot-swapping attacks.
* Fix: Hardened multi-recipient encryption arrays by wrapping the decapsulated ML-KEM-1024 shared secrets inside a secure SHA-256 digest layer to eliminate master-key linear relationship vulnerabilities.
* Note: As of version 3.0.3, files encrypted in Guest mode (with no recipients) should NOT be signed, or the “Personal” decryption will fail.
Release Date – 07 Jun, 2026
* Fix – Style: Added notices for custom styles.
* Fix: Removed accidental <style> and </style> HTML tags from the external w3mypq.css stylesheet.
* Note: you should remove <style> and </style> HTML tags from the custom w3mypq.css if using it.
* Tweak: Moved CSS selector #w3_wrap_link-decrypt-form from JS (w3mypg.js) into the stylesheet (w3mypq.css).
* Fix: Performed initial style cleanup and removed unused selectors from w3mypq.css to optimize file size.
* Add: Admin dashboard info panel displaying “Total Encrypted Vault Space Used”.
* Add: Added maximum file size display to the frontend “Upload Dynamic Quota & Countdown Info Panel”.
* Fix: Addressed minor codebase and styling bugs.
Release Date – 07 Jun, 2026
* Fix: Fix the new added 2.2.0 Vault Module Maintenance Tools, Administrator buttons to execute targeted storage vault and transient purges (preserving user keys) or full resets.
* Add: Dynamic Quota & Countdown Info Panel directly onto the front-end vault interface, utilizing a high-efficiency client-side background ticker that updates every minute to display remaining storage capacity (MB/KB) and a precise live hours/minutes countdown until the rolling 24-hour limit resets.
* Fix: Core uninstall execution mapping loops to automate immediate, complete cleanup of all user meta data records, file tokens, background transient timeout parameters, upload folders, upon plugin removal.
* Fix: Reinforced server-side User Quota Gatekeeper on the REST API endpoint, embedding an absolute hard-stop guard that validates complete file dimensions on Chunk 0 and terminates unauthorized transmission frames instantly.
* Fix: Patched fractional mathematical chunk leaks on the REST API gateway, enforcing a strict zero-tolerance hard stop block when daily bandwidth thresholds are maxed out.
* Fix: Discarded legacy un-sanitized profile meta save routines to ensure wrong key inputs trigger an immediate native red warning alert banner.
* Fix: Post-Quantum key check. Fully automates Public key extraction directly from pasted text, stripping out headers, whitespaces, and PEM boundaries.
Release Date – 06 Jun, 2026
* Add: Vault Module Maintenance Tools -into the Admin panel settings page to execute targeted administrative cleanup routines on the server vault storage footprint or for testing purpose.
* Fix: Uninstall immediate complete transients cleanup.
* Add: A real-time, visual display placed right on the dashboard to keep registered users informed of their remaining daily secure upload capacity and the exact hour/minute countdown until their 24-hour quota limit resets. It auto update each minute if the page is not reloaded.
* Fix: user’s quota check.
* Minor fixes
Release Date – 04 Jun, 2026
* Add: ‘Rolling Daily User Quota’ option to prevent disk space exhaustion via fast WordPress transients.
* Fix: Resolved an issue where the ‘link expired’ button would repeatedly reload the same page.
* Fix: Minor bug fixes and performance improvements.
Release Date – 02 Jun, 2026
Release Date – 02 Jun, 2026
Plugin Website
Visit website
Share Post
Get insights into what’s happening at ChangelogWP right in your inbox. We don’t believe in spam.