UpdraftPlus Premium 2.24.11.26

2.23.14.26

FIX: An issue that prevented incremental backups from running via WP-CLI or Cron when the option to backup mu-plugins was enabled but no mu-plugins existed
FIX: OneDrive remote storage authentication was giving the error "Invalid input."
FIX: The option to back up additional, user-chosen files (i.e. the morefiles entity) was no longer present in the UI
TWEAK: Remove unused "migrator-lite.php" string during search and replace operations
TWEAK: Replace remaining hardcoded text domain with UPDRAFTCENTRAL_TEXT_DOMAIN placeholder within the central folder
TWEAK: LiteSpeed admin dashboard warning is now displayed upon completion of migration on the destination site, even after dismissing the message on the source site.
TWEAK: Do not show UpdraftPlus news in the WordPress events and news widget section without first gaining user consent
TWEAK: Change order of checks when seeing if cPanel is present/accessible for asking about disk quota in order to prevent unwanted an PHP notice when safe_mode is active
TWEAK: Prevent potential fatal error if something has modified an updates check's 'translation' property to be invalid before passing on to UpdraftPlus
TWEAK: Update bundled cacert.pem file

SECURITY: Fix a vulnerability which could, if you had Google Drive storage enabled, and if an attacker targetted a logged-in administrator on your site and persuaded them to access a specific URL that the attacker creates, add the attacker's own Google Drive account to the saved storage methods. Thanks to Nicolas Decayeux of Patrowl for finding and disclosing this issue.
FEATURE: Add JSTree for Google Drive to select existing folder
FEATURE: The "Must-use plugins" backup entity can be backed up and restored separately in a normal WordPress site
FIX: OneDrive folder case sensitivity issue (successfully uploaded backup files to the remote storage but failed in pruning old backup files due to different letter capitalisation; also happened in manual deletions)
FIX: When two instances of WebDav remote storage were sequentially added in the Premium version, filling some fields of the latest instance would break the WebDav URL of the previous instance
TWEAK: Update phpseclib library from version 1 to 2. As previously advised, this also means that these features (Database Encryption, Dropbox & SFTP/SCP remote storage, and UpdraftCentral key creations) will no longer be available and can cause a fatal error when running on PHP 5.2
TWEAK: Add a link to Trustpilot in the review prompt
TWEAK: Added a warning message when the WPHTTPBLOCK_EXTERNAL is defined and set to true
TWEAK: Added the "Copy to clipboard" button under the self-hosted central option
TWEAK: File size is shown when pressing on the backup entity
TWEAK: Fix the restore dialog to not display "plugins" checkbox when only there's "mu-plugins" entity
TWEAK: Fixed PHP 8.2 deprecation messages caused by a null value being passed to the rtrim() function
TWEAK: Resolve PHP deprecations for the dynamic property access by declaring the variables in the class
TWEAK: Includes the plugin.php file path if "getmuplugins" function does not exist.
TWEAK: Provide default options for function UpdraftPlus::backup_all()
TWEAK: Add and call the litespeed_finish_request() function to ensure the HTTP connection made from the browser gets closed immediately without having to wait the process to complete thus leaving it run in the background
TWEAK: Ensure no PHP "Class not found" is showing up during credentials testing
TWEAK: Add type checking in UpdraftPlus::handleurlactions() to prevent plugin conflicts causing PHP errors on PHP 8+