v2.7.4
Free
14 Nov, 2025
Enhanced Security and Database Reliability
This release significantly strengthens platform security by patching critical LFI vulnerabilities and implementing robust input and path validation for template functions. We’ve also boosted database stability by resolving a critical deadlock issue through SQL normalization, alongside improvements to styling flexibility with CSS variables.
- Database deadlock issue caused by uppercase SQL column types in CREATE TABLE statements triggering unnecessary dbDelta operations on every request
- Local File Inclusion (LFI) vulnerability patched in template loading functions
- Resolved Advanced Accordion Block plugin installation issue in FAQ Builder
- Added input validation and path traversal protection to eazydocs_get_template_part() and eazydocs_get_template() functions
- Implemented whitelist validation for template file paths to prevent arbitrary file inclusion
- Normalized all SQL DDL statements to lowercase to ensure compatibility with WordPress dbDelta function
- Replaced hardcoded color values with CSS variables for the attached file accordion
- Sanitized URL hash on docs page load for enhanced security