Skip to main content

WP eCommerce Core Plugin - Changelog

[8.2.0] - 2026-03-20 — Shop Managers & Roles, Variant Management & ionCube

Added

  • Shop Managers & Roles System — WordPress native role/capability access control. 17 capabilities across 6 groups. 4 predefined roles (Head Manager, Sales Manager, Content Manager, Product Manager). Custom role creation with capability matrix. Full admin page with managers list, role assignment, capability matrix
  • ionCube encoding active — 6 plugin licensing files ionCube-encoded in production builds
  • Variant Re-generation Management — Smart merge vs Replace All, Delete All button, bulk DELETE endpoint
  • Admin sees disabled variants — context=edit param on getProductVariants() API

Updated

  • Database documentation — Complete rewrite: 14 → 51 tables

Fixed

  • Disabled variants in API — Filters via isEnabled() by default, admin uses context=edit

[8.1.0] - 2026-03-19 — Product Admin UX Improvements

Added

  • Duplicate Product — New REST endpoint POST /ec/v1/products/{id}/duplicate. Creates a copy as draft with unique SKU and slug. Copies all fields, categories, images, attributes. Duplicate icon button in product list row actions with quantity popup (1/2/3/5/10/20 copies)
  • Category Filter — Products list toolbar includes "All Categories" dropdown filter. Loads from /ec/v1/categories API. Backend category_id parameter already supported
  • Inline Status Toggle — Product status badge is now clickable with dropdown. Change between Active/Draft/Archived directly from the product list without opening the editor
  • Variant Drag-and-Drop Reorder — Product variants can now be reordered via drag-and-drop (@dnd-kit/sortable). Drag handle on each variant card. Order persists automatically via new POST /products/{id}/variants/reorder endpoint. New sort_order DB column (migration 060)

Updated

  • build-dist.php v1.3.0 — Version auto-detection from source files (style.css / wp-ec.php). Version argument now optional. Explicit version validated against source — build fails on mismatch
  • Component Version Trackingcomponent-registry.json now has component_version field. build-components.php and upload-components.php auto-read version from registry (CLI --version overrides)

Fixed

  • Attribute Terms Delete/Update — Frontend was sending DELETE/PUT to /attributes/{attribute_id}/terms/{term_id} but backend route is /attributes/terms/{id}. Fixed path in AttributesManager.js — term deletion and editing now work correctly
  • Variant enabled toggle had no effect — Disabled variants were still visible and purchasable on frontend. API now filters out disabled variants from product response
  • Variant sale_type=percent wrong price — Frontend showed raw sale_price instead of calculated effective price. Now API returns effective_price and is_on_sale computed fields. Price range calculation also fixed
  • Out-of-stock variants now greyed out — Frontend VariantSelector marks out-of-stock attribute options as disabled with "(Out of Stock)" suffix
  • Product Update redirected to list — "Update Product" now stays on the product form instead of navigating back to list. "Discard" renamed to "Discard / Exit". New "View" button opens product on frontend

[8.0.0] - 2026-03-15 — Pay-from-Day-1 Licensing, Server-Side Component Delivery & Code Protection

Breaking Changes

  • Licensing Model: Pay from Day 1 — Removed 14-day trial system entirely. All features require an active license (Starter or higher). 30-day money-back guarantee replaces trial
  • FEATURE_MANIFEST restructuredcore_ecommerce, products, basic_payments moved from free to starter tier. erp_invoicing moved from starter to business tier
  • FREE_PRODUCT_LIMIT removed — Without license: 0 products. With license: unlimited

Added

  • IntegrityVerifier — Runtime file tamper detection via SHA256 + Ed25519 signed manifest with severity escalation
  • Distributed Sentinels (10) — Anti-nulling license verification across 8 files using different methods
  • Server-Signed Feature Manifest — Ed25519-signed manifest from Hub, fetched via twicedaily cron, cached 24h
  • ComponentInstaller — Server-side component delivery: download, verify, extract, track. Bulk install on activation
  • Component Update System — Cron-based update detection, admin notices, AJAX handlers for single/bulk updates
  • Component Integrity Verification — Installed files checked against stored SHA256 hashes in twicedaily cron
  • Skeleton Architecture — Skeleton mode when core DDD layers are missing. Only licensing + infrastructure run
  • Auto-Reinstall After Upgrade — Fullscreen popup auto-downloads components when licensed user upgrades

Updated

  • PaymentGatewayManager — Dynamic loading for 8 premium gateways (file_exists + dynamic instantiation)
  • CourierApiController — Dynamic courier loading with COURIER_MAP registry
  • MarketplaceFeedService — Dynamic feed generator loading with FEED_GENERATORS registry
  • LicenseGate — Removed all trial logic, "License Required" messaging
  • LicenseManager — "No License" badge, feature table checks is_licensed flag explicitly
  • ERP license page — Requires Business tier (was Starter)
  • Bootstrap — Skeleton/full mode split with isCoreInstalled() detection
  • AdminController — Menu locked to License page only when unlicensed
  • License Activation Progress UI — Fullscreen modal with per-component download progress

Fixed

  • Migration idempotency (15 files) — Migrations 003-058 now check information_schema before ADD COLUMN/INDEX/CONSTRAINT. Prevents errors on re-activation
  • FK type mismatches (migrations 052-057) — Column types aligned to bigint(20) to match referenced PKs
  • Sentinel getCurrentTier() bug — Fixed to getEffectiveTier()
  • Duplicate License menu — Eliminated duplicate entries between AdminController and LicenseManager
  • LicenseFingerprint NULL insertset_option(key, null)delete_option() for NOT NULL column

[7.12.0] - 2026-03-12 — Search Optimization & Bug Reporter Enhancements

Updated

  • Bug Reporter Widget — "My Issues" filter — Widget now shows only issues reported by the current WP user (filtered by email). Added Bug Tracker account creation link.
  • Bug Reporter Widget — Project selector — When connected to a multi-project API key, widget shows a project dropdown so users can choose which product their report concerns.
  • Search API — Multi-word matching — Search endpoint now supports multi-word queries with AND logic ("red shirt" finds products with both words). Cumulative relevance scoring replaces single-tier CASE.
  • Search API — N+1 fix — Category names for search results loaded in single batch query instead of one query per product.

[7.11.0] - 2026-03-11 — Review Hooks & Checkout Cleanup

Added

  • Review hooks — Added wpec_review_created and wpec_review_approved hooks to ReviewsApiController for extensibility (Points & Rewards, notifications, etc.)

Updated

  • Legacy coupon endpoints removed — Removed unused POST /cart/coupons and DELETE /cart/coupons/{code} routes + stub methods from CartApiController and CartService. All coupon operations use CouponApiController exclusively.
  • Checkout sanitizeAddress() whitelist — Added vat_number field so VAT numbers persist through checkout → order flow.

[7.10.0] - 2026-03-10 — Fingerprint Verification, Fulfillment Emails & Dynamic Currency

Added

  • License Fingerprint Verification — Ed25519 signed fingerprint file (.wpec-license.dat) for triple-verification (license_key + domain + fingerprint). Prevents file cloning across domains. Filesystem storage with DB fallback for managed hosting.
  • Fulfillment Status Emails — Automatic customer emails for shipped and delivered fulfillment statuses. New templates order_shipped and order_delivered with Greek defaults. Triggered by wpec_order_fulfillment_status_changed hook.
  • ACS Courier Integration (partially complete — awaiting real API key) — REST API client, voucher CRUD, label printing (thermal/laser), tracking, pickup list management, price calculation, address validation. Admin UI with credentials, test connection, print format. Shipping method acs_courier with table rate + surcharges.

Updated

  • Dynamic currency/locale infrastructureAdminController passes full currency config via wpecAdmin localized data. erp-app.php passes same via __ERP_CONFIG__. Admin formatUtils.js rewritten to read from settings instead of hardcoded EUR/el-GR. New erp/src/utils/format.js shared utility for ERP SPA.

Fixed

  • License badge priority — Trial badge showing instead of licensed tier badge
  • Welcome email stubonCustomerCreated() now sends actual welcome email using new_account template
  • Email resend endpoint — Resend now uses full order data for all email types
  • Hardcoded currency/tax values (PHP) — Replaced /EUR/24 tax rate with dynamic values in 10+ files
  • Hardcoded currency values (JS/React) — Replaced /EUR in 17 Admin/ERP React files with getCurrencySymbol()/formatCurrency()
  • Hardcoded 'GR' country codes — Replaced with dynamic store_country in 8 files
Full Version History

For the complete changelog including all previous versions, contact our support team.

Last updated on