I’ve posted Email Users v4.8.5-beta-1 for testing purposes. This is a minor update which restores functionality which was removed in 4.7.1. See this recent thread and this old 4.7.1 thread on the WordPress Support Forum for more details on the change in 4.7.1.
The change in 4.8.5 introduces a new option (Send User Exclude Role) on the Settings page which is enabled by default to retain the current functionality. When turned off, the user’s current role is also included in the list of roles presented as potential recipients.
Please provide any feedback ASAP as my window to fix this over the holiday break at work is small.
A week ago (July 19th) I was contacted by WordPress regarding a potential security flaw in Email Users. Email Users was “closed” (which is why it doesn’t show up at WordPress.org) until the security flaw was addressed and a new version of the plugin was tagged and release.
Due to some work issues, I did not have a chance to work on the plugin until this past weekend. I have resolved the security concerns, committed all of the changes, and tagged a new release. On July 26th (Sunday) I notified WordPress.org that everything (I know of) has been addressed. At this point, I am waiting for the plugin to be opened again or notified that I’ve missed something.
I’ve uploaded v4.84. to my web site in the event anyone wants to download the update before WordPress.org makes it live again.
Last night I released Email Users 4.8.2. This version addresses the use of several WordPress deprecated function messages, support for custom email headers and footers, and adds a feature to allow the admin to hide the Email Users menus from non-admin users. Full details can be found in the Change Log.
About a week ago I got a notice from WordPress.org letting me know Email Users had been de-listed from the plugin repository due to potential security exploit. While the odds were low, it was still a vulnerability which required fixing. This came at a time I was heading to Taiwan for work so my ability to fix it quickly was limited.
This morning I had some cycles to work on it while traveling home. I made the necessary fixes, committed them to Subversion, and informed WordPress.org. I just received a notice from WordPress that Email Users has been listed again. It may take a day or two to propagate through their cache.
Look for the version update notice on your Dashboard and I highly recommend installing this update. There is one other fix for users who use the Ithinx Groups plugin which had a bug in it.
Earlier today I received a report of a security bug in wp-SwimTeam. While the security flaw is true, I believe the ability to take advantage of the exploit is pretty hard is it would require knowing the value of a WordPress site’s ABSPATH value. It is certainly possible to guess the value in some cases but without knowing the proper value, the exploit simply fails.
This morning I released a minor update to wp-SwimTeam. Unless you are running under WordPress multi-site, you will not see a difference. Under Multi-Site there was a bug in the database query that pulls the list of users from the WordPress database. Because not all users stored in the user table should be visible to a particular site, the list of users needs to be filtered and limited to just those who have access to the site. It was this filter portion of the query which was wrong.
Yesterday afternoon I released v4.6.11 of Email Users. In addition to the additions to Dashboard to report the status of various filters, this release contains a fix to address a problem with using the Post Excerpt as the email content instead of the post itself and more importantly, a duplicate mail header problem.
While looking into a Support request I discovered a bug in the generation of the jQuery validation script which caused a syntax error. This syntax error could potentially cause problems with redirection upon form submission.
While fixing the above bug I also added support for embedded images which had been requested recently. When you design your form Google now allows the insertion of images and now Google Forms will display them properly.
You can find this update on your Dashboard or in the WordPress plugin repository.
This evening I released v0.66 of Google Forms. This version fixes two major issues:
The conflict with WordPress SEO has been resolved. The implemented solution will likely be replaced with something which runs less frequently. However, the solution implemented in v0.66 should make sites running both Google Forms and WordPress SEO a little happier.
Due to a bug, all form submissions have been logged regardless of the plugin setting.
You can find the update on the WordPress plugin repository or on your Dashboard.