Improvement: Added list of known malicious usernames to suspicious administrator scan.
Improvement: Added ability for the WAF to determine if a given plugin/theme/core version is installed.
Improvement: Added a feature to export a diagnostics report.
Improvement: Add php_errorlog to the list of downloadable logs in diagnostics.
Improvement: Added a prompt to allow user to download a backup prior to repairing files.
Improvement: Prevent scan from failing when the home URL has changed and the key is no longer valid.
Improvement: Deprecated PHP 5.3, and ended PHP 5.2 support by prevent auto-update from running on older versions.
Fix: Fixed issue where WAF mysqli storage engine cannot find credentials if wflogs/ does not exist.
Fix: Changed capability checked to read WP REST API users endpoint when “Prevent discovery of usernames through …” is enabled.
Fix: Prevented duplicate queries for wordfenceCentralConnected wfconfig value.
Fix: Prevented custom wp-content or other directories from appearing in “skipped paths” scan result, even when scanned.
Fix: Login Attempts dashboard widget “Show more” link is not visible when long usernames and IPs cause wrapping.
Fix: Fix typo in the readme.
