Admin and Site Enhancements (ASE) Pro 8.7.1 NULLED

### 8.7.1 (2026.04.27) - ASE Free and Pro

* **[IMPROVED in Free and Pro] Disable Components >> Disable Smaller Components**: added an option to disable user email notification after password change.

* **[IMPROVED in Pro] Utilities >> Site Backup and Migration**:
* Added "Upload a Backup Archive" and "Transfer a Backup Archive from URL" actions in the emergency restore script.
* Added checks in the "Restore" tab and emergency restore's "Upload a Backup Archive" and "Transfer a Backup Archive from URL" actions so archive for another site with different domain will be rejected. Props to David M.C. for prompting this improvement.
* Improved the robustness and reliability of sync operation. Props to David M.C. for prompting this improvement.
* Scoped media sync: when syncing "Selected post types only", the "Media Library" component now will auto-select a new option "Only files used by selected posts", so there is no need to sync the whole media library for this scenario. Props to David M.C. for prompting this improvement.
* Scoped terms sync: when selecting to sync only certain post type posts, it's now possible to also sync only taxonomy terms in use / related to those posts.
* Scoped custom field values sync: when selecting to sync only certain post type posts (whose CPT is configured by ASE), it's now possible to also sync only custom field values related to those posts.
* Add option to sync all or some custom post type configurations created via ASE's Custom Content Types module in the "Settings >> Custom Post Types" admin page.
* Add option to sync all or some custom taxonomy configurations created via ASE's Custom Content Types module in the "Settings >> Custom Taxonomies" admin page.
* Add option to sync all or some custom field group configurations created via ASE's Custom Content Types module in the "Settings >> Custom Field Groups" admin page.

* **[IMPROVED in Pro] Content Management >> Custom Content Types >> Custom Field Groups**: when no specific placement rules have been selected for a custom field group, the associated meta box will no longer show up in unrelated locations, e.g. all post types post edit screen.

* **[TRANSLATION in Free and Pro]** ASE is now being translated into [38 languages](https://translate.wpase.com/):
* **Added new/improved translation** for:
* ASE Free: Updated Portuguese (Brazil), Polish, Norwegian, Indonesian.
* ASE Pro: Updated Arabic, Indonesian, Danish.

8.7.0 (2026.04.20) - ASE Free and Pro​

• [ADDED in Pro] Utilities >> Site Backup and Migration: Backup site files and database, restore from backups, and migrate or sync to another server. Find out more >>.
• [FIXED in Free and Pro] Log In/Out | Register >> Change Login URL: fixed a regression that exposes the custom login URL when a certain URL pattern is loaded by a public visitor. Props to @dariobros for reporting the issue.
• [IMPROVED in Pro] Utilities >> File Manager: add option to put the folder tree on the left side, and another option to add the File Manager as a top-level menu item instead of submenu under Tools. Props to Christian S. for prompting these improvements.
• [FIXED and IMPROVED in Pro] Custom Code >> Code Snippets Manager:
  • default snippets storage folder to the /wp-content/ root for when there are no snippets created yet.
  • prevent stripping valid backslashes on saving a snippet and restoring from revision. Props to Martin S. for reporting the issue in detail.
• [IMPROVED in Pro] Utilities >> Form Builder:
  • Enable "Tags" for email notification's "From Name" field, which can be useful if you want to use the "Name" field in a form as the "From Name" of the email notification. Props to Duncan H. for prompting this improvement.
  • Field labels in "Tags" selector in email notification and auto-responder settings pages now are properly stripped from raw HTML tags.
  • Hidden fields are no longer included in auto-responder emails.
  • Add option to customize placeholder for dropdowns in matrix fields (the default is "Choose one"). Props to Uli L. for prompting this improvement.
• [FIXED in Pro] Admin Interface >> Admin Menu Organizer: fixed an issue where the "Options" toggle is not working for submenu items when the site language is set to 简体中文 (zh_CN) or 繁體中文 (zh_TW). Props to John Y. for reporting this and for facilitating the troubleshooting process.
• [TRANSLATION in Free and Pro] ASE is now being translated into 38 languages:
  • Added new/improved translationfor:
    • ASE Free: Updated Portuguese (Brazil), Polish, Norwegian.

8.6.1 (2026.04.06) - ASE Free and Pro​

• [IMPROVED in Free and Pro] Log In/Out | Register >> Change Login URL: update module description to clarify compatibility with 2FA plugin / module.
• [FIXED in Free and Pro] Utilities >> Email Delivery: fixed PHP Deprecation issue in PHP 8.4.
• [IMPROVED in Pro] Admin Interface >> Admin Bar Custom Elements:
  • It's now possible to drag a parent element between the left and right side.
  • It's now possible to drag a child element from one parent element to another parent element. The "Parent" field has also been removed in favor of this drag and drop approach.
  • Add an option to set which user roles an element should be shown for. A child element can inherit the parent element settings or has its own settings.
  • The read-only "ID" field is now hidden so the "Options" panel is cleaner and simpler.
• [IMPROVED in Pro] Custom Code >> Code Snippets Manager: Improved handling of errors triggered by PHP snippets. Added a mechanism to prevent misattribution. Add a dedicated Error Log page (and submenu item) to display errors without clearly identifiable source snippets, which should help diagnose which PHP snippet an error originates from without mistakenly attributing it to a potentially wrong snippet. This also impoves the reliability of safe mode being auto-enabled on fatal errors. Props to David K. for prompting this improvement.
• [IMPROVED in Pro] Content Management >> Public Preview for Drafts add an option to also allow public preview for scheduled posts. Props to B. Adams for prompting this improvement.
• [IMPROVED in Pro] Content Management >> Custom Content Types >> Custom Field Group: add a new 'notify' parameter for frontend submission form's shortcode [ post_cf_form ] which can contain comma-separated email addresses and/or usernames. Once a submission has been made email notification containing form submission data will be sent to those email addresses and/or user emails. Props to Henry R. for prompting this improvement.
• [FIXED in Pro] Content Management >> Media Categories: fix heading misalignment / cut-off on screen <= 1300px. Props to Henry R. for reporting the issue.
• [TRANSLATION in Free and Pro] ASE is now being translated into 38 languages:
  • Added new/improved translationfor:
    • ASE Free: Update Portuguese (Brazil), Polish, Norwegian, Hungarian, Dutch.
    • ASE Pro: Update Czech, Hungarian, Portuguese (Brazil), Polish

8.6.0 (2026.03.30) - ASE Free and Pro​

• [ADDED in Pro] Admin Interface >> Admin Bar Custom Elements: New module to add custom menu and submenu items to the admin bar. Props to Todd, Jake H. and Lee B. for prompting this addition.
• [SECURITY FIX in Free and Pro] Log In/Out & Register >> Change Login URL: fix vulnerability that exposes the hidden login URL/form when a certain URL pattern is loaded on the frontend while logged-out. Props to Dan for responsibly disclosing this.
• [IMPROVED in Free] Security >> Email Address Obfuscator: The "high-compatibility" mode option is now available in ASE Free as well.
• [FIXED and IMPROVED in Free and Pro] Admin Interface >> Admin Menu Organizer:
  • [ASE Free and Pro] Remove description text at the top of the Admin Menu Organizer page.
  • [ASE Free] Fixed missing green checkmark icon after clicking "Save Changes"
  • [ASE Pro] Add the ability to always allow eligible users to view and access a menu item even if it's been hidden for all user roles or a particular user role. Props to Gary M., Gergo F.. Lee, SPARKS!, Tim C. and Tyler S. for prompting this imprvement.
  • [ASE Pro] Fix custom submenu title corruption when a unicode character is present, e.g. Serviço. Props to Jayron C. for reporting the issue in detail.
  • [ASE Pro] Change "Add Menu" to "Add Menu or Separator" and "Add Separator" to "Add Spacer" for better clarity since the addition of the "Add Menu" feature. Pros to Tanja K. for prompting this improvement.
• [IMPROVED in Pro] Security >> Two-Factor Authentication (2FA):
  • add an option to apply different 2FA settings for each user role. This allows you to choose which 2FA methods to activate and the grace period to apply for each role. Props to Justin T. for prompting this improvement.
  • add an option to enable the email method by default for the selected user role(s). Props to Justin T. for prompting this improvement.
• [IMPROVED in Free and Pro] Disable Components >> Disable REST API: two-factor authentication routes by default are now excluded from being disabled.
• [Improved in Pro] Utilities >> File Manager: "Last Modified" column will now properly reflect the timezone set in "Settings >> General".
• [FIXED and IMPROVED in Pro] Content Management >> Custom Content Types >> Custom Field Group:
  • Fixed out-of-memory bug that occurs in a certain scenario when using the Array shortcode with a WYSIWYG field in a page builder context. Props to Lynette C. for reporting the issue and facilitating the troubleshooting process.
  • Added new option for WYSIWYG field to force paragraph output to use double line breaks instead of paragraph tags. This is useful when used in certain page builder context so that styling from the page builder UI applies correctly and not being rendered mute / ineffective by the paragraph tags.
• [TRANSLATION in Free and Pro] ASE is now being translated into 38 languages:
  • Added new/improved translationfor:
    • ASE Free: Updated Portuguese (Brazil), Polish, Norwegian, Dutch, Chinese (Taiwan)
    • ASE Pro: Updated Spanish (Spain).

### 8.5.2 (2026.03.23) - ASE Free and Pro

* **[IMPROVED in Free and Pro] Disable Components >> Disable Comments**: Kadence galleries (kt_gallery) will no longer be shown as an option to disable comments on, as it can prevent adding new images to a gallery. In ASE Pro, when "Disable on all post types" is selected, kt_gallery will automatically be excluded from processing to prevent the issue. Props to [@totallyminimad](https://wordpress.org/support/users/totallyminimad/) for [reporting the issue](https://wordpress.org/support/topic/possible-conflict-with-new-gallery-image-insert-in-block-editor/) in detail.

* **[IMPROVED and FIXED in Pro] Utilities >> Form Builder**:
* hidden field can now be used to capture the value of URL parameters from the page the form is displayed on. Props to Wilbert S. for prompting this improvement.
* fixed PHP warning related to missing `webhook_key`.
* add a 'Trash' action button in the entry view page. Props to Jaroslaw K. for prompting this improvement.

* **[IMPROVED in Pro] Optimization >> Revisions Control**: added an option to apply revisions control "only for", "except for" or "for all" post types. Props to Stijn V. for prompting this improvement.

* **[IMPROVED in Pro] Admin Interface >> Admin Menu Organizer**:
* new menu items with target set to "None", i.e. a separator, will now have their sortable highlighted in a different color for easier visual distinctions in the Admin Menu Organizer settings page.
* new menu items added via "Add Menu" now renders their icon without FOUC (flash of unstyled content).

* **[IMPROVED in Pro] Admin Interface >> Hide Admin Notices**: warning notice from the File Manager module is now excluded from hiding.

* **[IMPROVED in Pro] Content Management >> Post Type Switcher**:
* add post type name/slug in the list of post types to switch to.
* remove certain WP core and ASE post types that are not relevant as post types to switch to.

* **[IMPROVED in Pro] Custom Code >> Code Snippets Manager**: added 'Trash' link in the snippet edit screen. Props to Jim R. for prompting this improvement.

* **[IMPROVED in Pro] Security >> Two-Factor Authentication (2FA)**: Added a notice inside the Two-Factor Authentication Options section in user profile edit screen when grace period has passed, or, is set to be non-existent. This notice provides some context as to why users are redirected to that section and is asked to setup 2FA method(s).

* **[FIXED in Pro] Admin Interface >> Admin Columns Manager**: fixed a PHP warning that occurs in the posts list table.

### 8.5.1 (2026.03.16) - ASE Free and Pro

* **[IMPROVED in Free and Pro] Utilities >> Email Delivery**: SMTP password is now securely encrypted at rest (in wp_options). Props to Bekee G. for prompting this improvement.

* **[IMPROVED in Pro] Admin Interface >> Admin Menu Organizer**: Implement an option to add custom menu and submenu items. The custom menu item can use custom icon, title, link and capability required, or can be used as a separator or section header in the admin menu with no linking. Props to Kai, Leslie, Ken R., @27pixel, @firstandlast, Jarosław K., Mike D. @oxygen, Jacob N., Ramit I., Bent F. and Yaser for prompting this improvement.

* **[IMPROVED in Pro] Custom Code >> Code Snippets Manager**: add status filter (active vs inactive) in snippets listing page.

* **[IMPROVED in Pro] Utilities >> Maintenance Mode**: allow wildcard use in excluding URLs from maintenance mode. Props to Tony S. for prompting this improvement.

* **[FIXED in Pro] Content Management >> Media Categories**: fix broken CSS in categories tree context menu causing the menu to look squished.

* **[TRANSLATION in Free and Pro]** ASE is now being translated into [38 languages](https://translate.wpase.com/):
* **Added new/improved translation** for:
* ASE Free: Updated Ukrainian, Portuguese (Brazil), Polish, Dutch, Norwegian, Spanish, Danish.
* ASE Pro: Updated Portuguese (Brazil), Polish, Norwegian, Hungarian, Spanish, Catalan.

8.4.2 (2026.03.02) - ASE Free and Pro

* **[FIXED in Free] Content Management >> Content Duplication**: fixed missing 'Duplicate' link in post actions row in the post listing screen since v8.4.1 introduced a security fix for this module. Props to st@n, @ilanaw, @michoscopic, @lineadiconfine, @dannyfoo and @webkatdesign for [reporting](https://wordpress.org/support/topic/duplicate-post-page-7-4-1-bug/) the bug.

* **[IMPROVED in Pro] Security >> Two-Factor Authentication (2FA)**: Grace period notice that urges users with the relevant roles to set up 2FA is now excluded from being hidden by the Hide Admin Notices module. This ensures that those users see it when they log in.

* **[FIXED in Pro] Plugin Activation**: fixed a fatal error that occurs in a certain scenario during plugin activation. Props to Alistair W. for reporting the issue and facilitating the troubleshooting process.

* **[FIXED in Pro] Content Management >> Media Categories**: fixed a PHP warning that occurs in a certain scenario.

* **[FIXED in Pro] Content Management >> Custom Content Types >> Custom Field Groups**: fixed a fatal error that occurs when trying to edit a Bricks template for a taxonomy archive when a custom field group is attached to that taxonomy and no specific taxonomy term has been selected to preview the archive in the builder. Props to David W. for reporting the issue in detail (with error stack trace) and facilitating the troubleshooting process.

* **[FIXED in Pro] Content Management >> Content Order**: Fixed a bug that affects non-hierarchical post types causing duplicating menu_order in pairs of posts, posts occasionally / randomly being nested as child post during drag and dropping, and drag-and-dropping not working reliably when dragging a bit too far to the right hand side in the 'Order' page. Props to Christian S. for reporting the issue in detail, with screen recordings, and facilitating the troubleshooting process further.

* **[FIXED in Pro] Utilities >> File Manager**: fixed a fatal error that occurs in a scenario where mime_content_type() is not available in PHP because magic module is disabled. Props to Bill J. for reporting the issue in detail.

* **[FIXED in Pro] Utilities >> Local User Avatar**: fixed an issue with `get_avatar_url()` override always returning URL for the `thumbnail` size of the avatar and ignoring size parameter. This for example, can break Bricks builder's `{author_avatar:512}` dynamic tag. Props to Martin Ž. for reporting the issue in detail.

8.4.1 (2026.02.23) - ASE Free and Pro​

• [SECURITY FIX in Free] Content Management >> Content Duplication: fixed "Broken Access Control" vulnerability with CVSS severity "Medium (5.4)"" that could cause "Information Disclosure" as responsiblly disclosed by security researcher Jakub Herman via Pathstack. In practical terms, this for example, can allow a logged-in user with contributor role to duplicate (and then view) password-protected content created by an administrator via the admin bar duplication link of the password-protected post in the frontend.
• [IMPROVED and FIXED in Pro] Utilities >> Form Builder:
  • Added bulk export / import for forms via an "Export / Import Forms" button in the forms listing page, which links to the Form Builder section in ASE settings "Export | Import" section. You can choose to export all forms, or manually select which forms to export.
  • Added bulk export / import for style templates via an "Export / Import Style Templates" button in the forms listing page, which links to the Form Builder section in ASE settings "Export | Import" section. You can choose to export all style templates, or manually select which style templates to export.
  • Added bulk export for form entries via an "Export Entries" button in the forms listing page, which links to the Form Builder section in ASE settings "Export | Import" section. You can choose to export entries from a particular form, and customize what entry data will be exported, set the output format (CSV, Excel or JSON) and set a data range to filter by. Props to Uli L., Richard L. and Dave P. for prompting this improvement.
  • Security hardening for the upload field by removing trust in client-sent constraints and enforcing server-side file policy.
  • Stop recording IP address during form submissions.
  • Fixed custom CSS classes not being output for "Display" field types, e.g. HTML field. Props to Yan for reporting the issue.
• [FIXED in Free and Pro] Content Management >> Content Order: fixed layout issue in the content order page caused by CSS being overridden by the MetForm Pro plugin's CSS. Props to @once-master for prompting this fix.
• [FIXED in Pro] Security >> CAPTCHA Protectino >> ALTCHA: fixed a JS error in Firefox browser related to @Wordpress/interactivity when an ALTCHA field is included in a form via the Form Builder module. Props to Yan for reporting the issue.
• [TRANSLATION in Free and Pro] ASE is now being translated into 38 languages:
  • Added new/improved translationfor:
    • ASE Free: Updated Serbian, Turkish, Spanish (Spain), Portuguese (Brazil), Polish, Persian, Norwegian, Dutch, Danish, Azerbaijani, Albanian
    • ASE Pro: Updated Norwegian. Completed Serbian (special props to Igor E.).

v8.4.0 (2026.02.16) - ASE Free and Pro
* **[ADDED in Pro] Security >> Two-Factor Authentication**: Add an extra verification step during login for some or all user roles with grace period settings. Supported methods are authenticator app (TOTP), recovery codes and email. Compatible with the Change Login URL module. Props to Sebastian, Laurent F., Jonathan, Carlos d.A. Silvan L., Luethi, Ramyt I., Ammar, Marcel S., Drijen S., Stefan B., Timothy L. and Cory V. for prompting this addition.

* **[FIXED in Free and Pro] Disable Components >> Disable Gutenberg**: fixed a PHP fatal error that occurs in a certain scenario. Props to [@d79](https://wordpress.org/support/users/d79/) for [reporting](https://wordpress.org/support/topic/bug-disable-gutenberg-%e2%86%92-fatal-error/) this in detail with the error entry log.

* **[TRANSLATION in Free and Pro]** ASE is now being translated into [38 languages](https://translate.wpase.com/):
* **Added new/improved translation** for:
* ASE Free: updated Danish, Spanish (Chile), Russian, Portuguese (Brazil), Polish, Persian, German, Dutch (Netherlands), Dutch (Belgium)
* ASE Pro: updated Danish, Portuguese (Brazil)