User Role Editor Pro 4.64.4

* Core version: 4.51.1
* Fix: Post/Pages/Custom post types (CPT) edit restrictions add-on:
* - When CPT excluded from restrictions via 'ure_restrict_edit_post_type' filter, its categories list is not restricted for selection too.
* Update: Meta boxes access add-on: It's possible to automatically block Gutenberg components (right sidebar) - just block corresponding meta boxes: Categories, Tags, Featured Image, Excerpt, Discussion, Slug (Permalink).
* Core version was updated to 4.51.1
* Fix: Superadmin could not revoke capabilities from 'administrator' role under WordPress multisite.

New: Posts edit access add-on:
– Custom filter ‘ure_edit_posts_access_add_orders_by_customer’ was added. It returns FALSE by default. If switch it to TRUE and turn ON “Own data only” option for role or user, add-on will make available for current user WooCommerce orders for which he is a customer. It may be useful for scenario, when order customer is allowed to edit his own orders. It will prevent current user from seeing orders from other customers.
– Custom filter ‘ure_edit_access_posts_list’ was added. It allows programmatically set/change the list of posts ID which will be used to allow/prohibit editing for current user.
Fix: Content view restrictions add-on:
– PHP notice was fixed: Undefined index: ure_prohibit_allow_flag in /wp-content/plugins/user-role-editor-pro/pro/includes/classes/content-view-restrictions-posts-list.php on lines 398, 406.
– If restriction is not set for a post or page, use default values from URE settings or hard-coded value if other is not available.
Core version was updated to 4.51:
New: Bulk actions were added to the Users page: “Add Role”, “Revoke Role”. Select role from the related drop-down menu and add/revoke it to/from the list of pre-selected users.
Update: Bulk grant roles feature (“Grant roles” button at the “Users” page) and Bulk grant role to users without role (“Without role” button at the “Users” page) are protected by ‘promote_users’ capability instead of ‘edit_users’, exactly the same way as WordPress itself does for its “Change role to”.
Update: ‘load-users.php’ action is used instead of ‘admin_init’ to load support code for “Without role” and “Grant roles” button at the “Users” page.
Update: URE ignores now a capability without ID in case it was added to the database somehow (other plugin bug, etc.). Such incorrect empty capability is removed from the capabilities list as a result after any role update.

• Fix: Posts/pages edit restrictions add-on: PHP “Notice: Undefined index: HTTP_REFERER in /wp-content/plugins/user-role-editor-pro/pro/includes/classes/posts-edit-access.php on line 514” was fixed.

• Fix: Content view restrictions add-on: Option “Redirection to URL” does not work correctly for page containing GravityView shortcode, like “[gravityview id=’43’]”. Redirection code is hooked to the ‘template_redirect’ action with priority 9 now in order to be executed earlier than related code from Gravity View.
• Fix: Admin menu access add-on: Endless redirection loop could took place in rare cases. If current URL is blocked URE selected automatically the 1st available admin menu item and redirects to it. Automatically selected menu item is checked against blocked URLs list to exclude such issue.
• Fix: WordPress multisite: add-ons data from the main site was not copied to a new subsite in case new subsite was created from front-end.
• Core version was updated to 4.50.2:
• Fix: WordPress multisite: PHP Notice “wpmu_new_blog is deprecated since version 5.1.0! Use wp_insert_site instead.” was removed. URE uses ‘wp_initialize_site’ action now instead of deprecated ‘wpmu_new_blog’. This fix provides correct roles replication from the main blog/site to a new created blog/site.