Releases: dhanushrs1/pwp-forms

Version 1.1.1

22 Jan 16:16

Full Changelog: v1.1.0...v1.1.1

Security: Fix SQL injection in search - v1.1.1

  • Replaced esc_sql() with $wpdb->prepare() in submissions search
  • Implemented $wpdb->esc_like() for LIKE query wildcards
  • WordPress.org security compliance achieved
  • Ready for plugin directory submission
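
The pattern behind the first two items above, as an added example (not code from pwp-forms): a LIKE search built with `esc_sql()` and string concatenation, next to the same search using `$wpdb->prepare()` and `$wpdb->esc_like()`. The function names, table name and column names are hypothetical, and the code assumes it runs inside WordPress, where the global `$wpdb` exists.

```php
<?php
// Added example; hypothetical table and column names, not the plugin's schema.

// Before: the escaped term is concatenated into the SQL string.
// esc_sql() only protects a value that ends up inside quotes, and it
// leaves the LIKE wildcards % and _ untouched, so a term such as "%"
// matches every row instead of a literal percent sign.
function example_search_before( $term ) {
    global $wpdb;
    $table = $wpdb->prefix . 'example_submissions'; // hypothetical table
    $term  = esc_sql( $term );

    return $wpdb->get_results(
        "SELECT id, subject FROM {$table} WHERE subject LIKE '%{$term}%'"
    );
}

// After: the value never becomes part of the SQL text.
// esc_like() backslash-escapes %, _ and \ so they match literally;
// it does not make the string SQL-safe on its own, which is why the
// result is still passed through prepare() as a %s placeholder.
function example_search_after( $term, $limit = 50 ) {
    global $wpdb;
    $table = $wpdb->prefix . 'example_submissions'; // hypothetical table

    // The surrounding wildcards are added after esc_like(), so they are
    // the only unescaped wildcards in the pattern.
    $like = '%' . $wpdb->esc_like( $term ) . '%';

    return $wpdb->get_results(
        $wpdb->prepare(
            "SELECT id, subject FROM {$table}
             WHERE subject LIKE %s
             ORDER BY id DESC
             LIMIT %d",
            $like,
            absint( $limit )
        )
    );
}
```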

Version 1.1.0

22 Jan 15:59

Full Changelog: v1.0.2...v1.1.0

🔐 Major Security Enhancements:

  • Secure File Vault - Files now upload to protected /pwp-secured/ directory
  • Access Control - .htaccess blocks all direct file access (403 Forbidden)
  • Role-Based Viewers - Admins can view all files, users only their own
  • Ownership Verification - Critical security checks prevent unauthorized access
  • Output Buffer Protection - Prevents file corruption from stray output
  • Proper MIME Types - Ensures correct file type headers for downloads

🔒 Additional Security Improvements:

  • Fixed PII leak on cached pages
  • Fixed nonce expiry issues
  • Added IP-based rate limiting (10/hour)
  • Safe file deletion with usage checks
  • Admin replies use HTML templates

⚡ Performance:

  • Full caching compatibility (CDN, page cache)
  • Dynamic data loading via JavaScript
  • Reduced server processing

🆕 New Features:

  • Client-side user data population
  • Fresh nonce fetching on page load
  • Customizable rate limits via filter
  • Nginx configuration support for file protection

Version 1.0.2

21 Dec 09:23

Full Changelog: v1.0.0...v1.0.2

Version 1.0.1

20 Dec 13:06
3005054

Full Changelog: v1.0.0...v1.0.1

Version 1.0.0

20 Dec 12:24
c19a313
