The development of this version has cost 1,100 euros. The accumulated cost for this year is 25,660 euros. The accumulated cost since the first version is 189,030 euros, but the cost for you is only the license of 79€.
New branch 26.2.x of the Redsys plugin for WooCommerce from WooCommerce.com.
Branch Versions
26.2.0
Improved:
- The integration with IMAP and the reliability of email parsing for Redsys email processing has been improved, with a more robust logging system.
- To ensure compatibility with Advanced Tokenization that Redsys releases on July 7, the function get_last_four() now supports card numbers with masked characters (e.g., *****1234) or shortened versions (e.g., 2345).
Fixed:
- Apple Pay now correctly recognizes the province from Apple shipping data, allowing WooCommerce to load the corresponding shipping methods.
26.2.1
Improved:
- Desktop widgets are now disabled by default, and their loading has been optimized.
Fixed:
- Undefined variable $imap_enabled
26.2.2
Fixed:
- Avoided fatal error with SimplePie storing only simple feed data instead of serializing objects in the Desktop widgets.
26.2.3
Improved:
- Fixed the automatic user login flow after account creation by replacing
wp_set_current_user()andwp_set_auth_cookie()withwp_signon(). - Added username existence check to avoid conflicts when generating usernames from email addresses.
- Sanitized the input variable
$_POST['apple-token-redsys']. - Secured wp_remote_*() calls with host validation to prevent SSRF vulnerabilities.
- Added permission_callback checks for REST endpoints using referer validation to prevent public access.
- Enabled
CURLOPT_SSL_VERIFYHOST = 2andCURLOPT_SSL_VERIFYPEER = 1in the Redsys API library to strengthen SSL certificate validation and prevent MITM attacks. - Justified the use of
wp_redirect()for external OAuth flows with the corresponding comment. - Escaped dynamic CSS output for secure rendering.
