Submit Changelog
Track Changelogs

WonderTax Labs: Audita

Changelog

1.3.6 – 2026-05-29

  • Fixed: Additional WordPress.org plugin review compliance fixes

1.3.5 – 2026-05-29

  • Security: Added WordPress nonce verification to OAuth initiation flow to prevent CSRF attacks
  • Security: OAuth callback now requires verified token from user confirmation step
  • Security: Added confirmation UI requiring explicit user action before creating API credentials
  • Added: New OAuth confirmation page with clear description of requested permissions
  • Fixed: WordPress.org plugin review compliance for nonce and user permission checks

1.3.4 – 2026-05-27

  • Security: Added current_user_can() capability checks before processing OAuth initiation
  • Security: Added current_user_can() capability check at start of OAuth callback handler
  • Security: Removed admin_post_nopriv_wondertax_oauth hook (OAuth now requires authentication)
  • Fixed: Tested up to WordPress 7.0

1.3.3 – 2026-05-19

  • Changed: Renamed plugin folder and files to match WordPress.org slug (wondertax-labs-audita)
  • Fixed: Text domain changed to match WordPress.org plugin slug
  • Fixed: Inline CSS now uses wp_add_inline_style() instead of raw style tags
  • Fixed: PHP_VERSION output is now properly escaped

1.3.2 – 2026-05-18

  • Removed: Hidden .gitkeep file from languages folder
  • Removed: Domain Path header (not needed for WordPress.org)

1.3.1 – 2026-05-18

  • Removed: Custom plugin updater (now uses WordPress.org update system)
  • Ready for WordPress.org plugin directory submission

1.3.0 – 2026-05-18

  • Fixed: WordPress Plugin Check compliance issues
  • Fixed: Added proper output escaping in test files
  • Fixed: Added wp_unslash() before sanitization for $_GET/$_POST data
  • Fixed: Added PHPCS ignore comments for intentional direct database queries
  • Fixed: Variable prefixing in uninstall.php
  • Fixed: Created languages folder for i18n support
  • Fixed: Reduced tags to 5 in readme.txt

1.2.9 – 2026-05-10

  • Removed: Vercel deployment protection bypass code (no longer needed)
  • Fixed: Existing users now receive authenticated session during WooCommerce connect flow
  • Improved: Simplified server-to-server API calls

1.2.8 – 2026-05-09

  • Fixed: Status endpoint URL corrected to /api/integrations/woocommerce/status
  • Fixed: Uninstall script now reads option values before deleting them
  • Fixed: Transient token expiry extended to 1 hour to match HMAC window

1.2.7 – 2026-05-09

  • Added: Extended HMAC authentication window from 10 minutes to 1 hour

1.2.6 – 2026-05-08

  • Added: Open WonderTax Labs dashboard button with HMAC-signed authentication
  • Added: Dual-key mode support for live/test API key switching
  • Added: Mode selector UI in WordPress admin for dual-key installations

1.2.5 – 2025-05-07

  • Fixed: Removed debug logging (error_log) calls for WooCommerce marketplace compliance
  • Fixed: Added proper output escaping for transaction count display
  • Fixed: Added phpcs ignore comment for REST API permission callback

1.2.4 – 2025-05-07

  • Changed: Plugin title changed to “WonderTax Labs: Audita” throughout admin UI
  • Changed: Menu item and page title updated to “WonderTax Labs: Audita”

1.2.3 – 2025-05-07

  • Changed: Renamed plugin from wondertax-woocommerce to wondertaxlabs-audita

1.2.2 – 2025-05-07

  • Added: changelog.txt for WooCommerce marketplace compliance

1.2.1 – 2025-05-07

  • Fixed: Minor bug fixes and stability improvements

1.2.0 – 2025-05-01

  • New: Enhanced admin dashboard UI
  • Improved: Better error handling for API connections

1.1.0 – 2025-04-25

  • New: Improved connection status indicators
  • Improved: Enhanced security for credential storage

1.0.17 – 2025-04-23

  • Fixed: API credential storage now matches WooCommerce format (consumer_secret stored as-is, not hashed)
  • Fixed: Activation redirect now user-scoped to prevent affecting other admins in multi-user sites
  • Fixed: Removed non-functional tax toggle form (audit only mode)
  • Changed: Plugin subtitle updated to reflect zero-cost and zero-risk sales tax auditing
  • Changed: Settings page now clearly indicates audit-only mode status

1.0.12 – 2025-04-23

  • New: Automatically redirect to settings page after plugin activation

1.0.11 – 2025-04-23

  • Fixed: API credential creation (admin and OAuth flows) now properly cleans up orphaned keys before insert
  • Fixed: API credential creation validates WooCommerce API functions availability
  • Fixed: API credential creation checks for API keys table existence before operations
  • Fixed: Improved SQL safety with proper escaping for SHOW TABLES LIKE queries
  • Added: User permission verification for manage_woocommerce capability
  • Security: Database error details logged server-side only, not exposed to users

1.0.10 – 2025-04-22

  • Security: Use wp_safe_redirect() instead of wp_redirect() for external redirects
  • Security: Added DNS rebinding protection to prevent SSRF via hostname resolution
  • Security: Disabled following redirects in credential exchange fetch
  • Added: Unit tests for HMAC validation, URL validation, and DNS resolution

1.0.9 – 2025-04-22

  • Security: Credentials now exchanged server-to-server (never in URL or browser history)
  • Security: Per-install secrets replace shared app secret (each store has unique secret)
  • Security: One-time tokens with 5-minute expiry for credential exchange
  • New: REST API endpoint for secure credential exchange
  • Fixed: Plaintext credentials no longer stored in pending integration state

1.0.8 – 2025-04-22

  • New: WordPress-initiated OAuth flow with HMAC-signed requests
  • New: Automatic user creation from WordPress admin email
  • New: Entity selection support for users with multiple businesses
  • Improved: More secure credential exchange
  • Improved: Better integration with WonderTax Labs entity management

1.0.7 – 2025-04-22

  • Added WooCommerce Block Checkout (Store API) compatibility
  • Added Cart and Checkout Blocks feature declaration
  • Tax calculation now works with both Classic and Block Checkout
  • Added Store API hooks for real-time tax updates during address changes

1.0.4 – 2025-02-07

  • Fixed OAuth callback redirect field mismatch with SvelteKit backend
  • Improved integration reconnection handling for disconnected stores
  • Updated backend API to properly handle re-authorization of existing connections

1.0.3 – 2025-02-04

  • Fixed plugin icon display by bundling PNG logo locally
  • Improved compatibility with WordPress.com hosting environment

1.0.2 – 2025-02-04

  • Fixed WooCommerce feature compatibility declaration with safer error handling
  • Added plugin icon display in WordPress plugins list
  • Improved stability with try-catch blocks for compatibility checks

1.0.1 – 2025-02-04

  • Added Live/Test Mode status indicator in WordPress admin
  • Display recent transaction activity stats (last 30 days)
  • Show API key status badge (Test/Live/Disabled)
  • Link to comprehensive WooCommerce setup documentation
  • Enhanced error handling and user guidance
  • Improved UI with Material Design 3 styling

1.0.0 – 2025-01-24

  • Initial release
  • OAuth connection flow
  • Real-time tax calculation
  • Automatic order webhooks
  • Admin settings interface

Plugin Website
Visit website

Author
wondertaxlabs
Version:
1.3.6
Last Updated
June 1, 2026
Requires
WordPress 6.0
Tested Up To
WordPress 7.0
Requires PHP
8.0

Share Post

Join our newsletter.

Get insights into what’s happening at ChangelogWP right in your inbox. We don’t believe in spam.