Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-3126: Changelog - B2BKing

The B2BKing plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ‘b2bkingdownloadpricelist’ function in versions up to, and including, 4.6.00. This makes it possible for Authenticated attackers with subscriber or customer-level permissions to retrieve the full pricing list of all products on the site.

CVE
#vulnerability#web#ios#windows#google#js#wordpress#php#pdf#auth

Version 4.6.25 - May 30th, 2023

Enhancements:

  • When creating manual backend orders, the plugin now pulls the correct user group price, sale price or tiered price (based on qty selected). It also supports dynamic rules for fixed price and discount as sale price. May not fully support tax.

Fixes:

  • Updated translation template

  • Fixed cream order form number update issue

Version 4.6.20 - May 27th, 2023

New feature:

  • Added backend “Reports” page with reports by B2B group, by customer, and more.

Backend UI Improvements:

  • Implemented SweetAlerts for notifications, alerts, confirmations

  • Added Drag & Drop sort order for registration fields and roles

  • Post Types (registration roles, fields, dynamic rules etc) can now be enabled / disabled via AJAX toggle toolbar

  • Added visual preview for registration fields

  • Added registration form, bulk order shortcodes buttons for easy access

  • Design improvements to tables, notifications, dashboard and various other elements

  • Added “Refresh Data” button to trigger dashboard data update

  • Other UI improvements and fixes

Fixes:

  • Vulnerability fix - Authenticated Product Price Change: A logged in user may have been able to modify product prices using AJAX calls. Thank you to NinTechNet / Jerome Bruandet ( https://secure.nintechnet.com/ ) for reporting the issue and recommending solutions.

  • Fixed issue where Bulk Variation Actions no longer worked following a WooCommerce update.

  • Fixed pagination issue where clicking next/previous lost filters in the order form.

Version 4.6.00 - May 9th, 2023

Enhancements:

  • Added ‘go to offers’ link in offer emails

  • Added link to products in offer images

  • Post number added to conversation title for easier management

  • Added ‘Products loading…’ message to order form

Fixes:

  • Fixed issue with tax settings not being applied in bulk order form tiered pricing application

  • Division by zero error fix

  • Fixed registration login bug

  • Minor bugs and fixes

Version 4.5.85 - April 19th, 2023

Hotfix:

  • Bug fix for min quantity add to cart issue.

Version 4.5.80 - April 15th, 2023

Enhancements:

  • It’s now possible to add multiple order forms (Cream / Indigo) on the same page.

  • Added setting to disable the plugin’s coupon value feature in B2BKing → Settings → Other → Components. May help fix conflicts with coupon plugins.

  • Minimum order errors now show in checkout as well for added clarity

  • Bulk order form now compatible with “raise price” dynamic rules.

  • New “product_list” bulk order theme parameter

Fixes:

  • Issue where order form pagination was applied before sorting is resolved.

  • Fixed issue where subaccounts send order for approval email was sent twice.

  • Fixed min order ajax add to cart quantity bug

Version 4.5.40 - March 1st, 2023

Enhancements:

  • Added new “Automatic” sort order option for Cream Form. This uses the “default sorting” and you can change the sort order via Products → All Products → Sorting in the backend.

  • Cream order form: Main variable product is now highlighted with a gray background color when selected.

Fixes:

  • Fixed bug with dynamic rule discounts that caused critical checkout error.

Version 4.5.30 - February 24th, 2023

New Features:

  • Tiered pricing can now sum up the total quantity of variations for variable products. More info at: https://woocommerce-b2b-plugin.com/docs/b2bking-tiered-pricing-setup-auto-generated-tiered-pricing-table/#5-toc-title

Enhancements:

  • Added ‘rule priority’ system to some of the dynamic rules. You can now set a priority to determine which rule should apply first.

  • Added pagination to cream and indigo order forms.

  • Cream / Indigo order forms now check quantity before allowing it to be added to cart.

  • Variations are now sorted in the order form according to their chosen order in the backend

  • Added support for the Post Expirator plugin: https://woocommerce-b2b-plugin.com/docs/set-an-expiration-date-time-limit-for-discounts-offers/

Fixes:

  • Solved issue where clicking quickly on add to cart order form buttons resulted in some products occasionally being missed and not added to cart.

  • Update for Min / Max / Step quantities needed for WooCommerce 7.4.0

  • Fixed bug where variations would show separated in the bulk order form (Cream / indigo)

  • Fixed performance bug related to monthly and yearly rules calculation

Version 4.5.01 - February 9th, 2023

New features:

  • Quantity Rules on Product Page

  • Added Yearly and Monthly group rules (move users between groups based on the previous month / year total spent)

Enhancements:

  • Cream order form design enhancement: Added clickable cart icon to top right corner. It is also possible to change the cart icon to a “checkout” button via B2BKing → Settings → Bulk Order Form.

A “Cream form top button” setting is visible if the selected theme is “cream”.

  • “Rename Purchase Order Method” has now been changed to “Rename Payment Method” and can be used for any payment method.

  • Offers are now no longer purchasable if one of the products in an offer is out of stock. Behaviour can be disabled via add_filter(‘b2bking_offers_items_use_stock’,’__return_false’);

  • When using category product visibility, price fields for hidden groups are now hidden as well in the product backend.

  • Added company column on Orders and Users page, as well as in Conversations

  • Subaccounts now inherit parent user roles (except administrator and shop_manager roles)

  • Company order approval feature now supports entering a ‘Rejection reason’. When entered, an email is sent to the subaccount informing them of why the order was rejected.

Fixes:

  • Fixed offers tax calculation issue when tax was not enabled in shop settings.

  • Fixed bug where notices showed twice on the cart page

  • Fix for price display of grouped products when using discount dynamic rules

  • Fixed ‘company order approval’ bug where paid orders were still showing the ‘pay now’ button.

Version 4.4.55 - January 14th, 2023

New features:

  • New dynamic rule: "Quotes on Specific Products". It is now possible to enable quotes on specific products / categories only.

  • Added feature to allow existing B2C users to submit the B2B account registration form in order to upgrade their accounts. Disabled by default, can be enabled in B2BKing -> Settings -> Registration.

Enhancements:

  • Subaccounts can now also pay for orders themselves after orders have been approved.

Fixes:

  • Fixed bug where all dynamic rules were not showing under a group’s ‘dynamic rules that apply to this group’ panel.
  • Fixed translation issue where ‘account approved’ email was not being sent in customer’s language
  • Fixed for potential ‘headers already sent’ error.

Version 4.4.33 - December 26th, 2022

- Fixes: Customers panel AJAX bug fix

Version 4.4.30 - December 26th, 2022

Enhancements:

  • Custom fields (e.g. VAT) can now show in attached invoice PDFs Fixes:
  • Fixed issue with incorrect price rounding when applying tiered pricing in the order form
  • Performance improvements, may be significant for sites with large amounts of data
  • Added ability to show total price for tiered table (Beta) - enable with code snippet: add_filter(‘b2bking_show_total_price_tiered_table’,’__return_true’);
  • Added ‘b2bking_user_type’ cookie with values b2b, b2c, logged_out. Can be used for example to exclude caching for logged in b2b users.

Version 4.4.10 - December 4th, 2022

Enhancements:

  • Product notification now displayed when users cannot add products to cart because of an existing cart offer.

Fixes:

  • Fix for potential issue where a non-approved user could login through exploits.
  • Fixed bug where dynamic rules would not apply correctly
  • Fixed license activation issues

Version 4.4.00 - November 30th, 2022

Enhancements:

  • Added built-in auto-updates and license verification system
  • Added min and step quantity rules support to Classic Order form
  • When there is a group sale price and group tiered price, the lowest of them will now be given to customers

Fixes:

  • Fix for BOGO rules applying for first quantity
  • Fixed VAT validation issue for checkout validation
  • Fixed cart free shipping rules bug

Version 4.3.64 - November 12th, 2022

New features:

  • Offers can now be purchased only once per user (optional). Controlled through setting at B2BKing -> Settings -> Other-> “Offers can only be purchased once”
  • New setting: Hide prices in quote-only mode. With this, prices can now be shown even if quote-only mode is used.

Enhancements:

  • Order form products now open in new tab

Fixes:

  • Fixed issue where price was not hidden in quote mode in cart.
  • Error fix related to REST API
  • Fixed issue with B2BKing ‘always in stock for b2b’ feature.
  • Fixed WPML translation issue

Version 4.3.4 - Octomber 25th, 2022

New features:

  • Coupon functionality can now be completely disabled for B2B users. More info at https://woocommerce-b2b-plugin.com/docs/restrict-coupons-for-b2b-b2c-users/

Enhancements:

  • Added WPML compatibility to the ‘Separate B2B Stock’ feature.
  • Items hidden with ‘catalog visibility’ feature are now excluded from order form results
  • Bypasses captcha for subaccount creation for ‘Advanced Google Recaptcha’ plugin.
  • New custom field option field for registration: radio buttons

Fixes:

  • Fixed issue with variable prices being displayed without accounting for VAT on the cream order form,
  • Fixed internal tax exemption cache issue.

Version 4.3.28 - Octomber 7th, 2022

New features:

  • New ‘tiered price rules’ allow you to create tiered price tables for multiple products at once https://woocommerce-b2b-plugin.com/docs/tiered-price-rules/
  • Added setting to allow entering tiered prices as percentages instead of final prices.

Fixes:

  • Price display bug fix

Version 4.3.17 - October 2nd, 2022

Enhancements:

Major Improvements to Cream Order Form:

  • Improved display on mobile

  • Added + - qty buttons

  • Added ability to show SKU and Stock levels via shortcode parameters

  • Improved display of variable products: variations are now hidden and expandable, for a cleaner form

  • Improved theme compatibility

  • Added clear button

  • Added cart quantity icons

  • Handles long product names better

  • Added ‘allvariations=yes’ parameter to the b2bking_tiered_pricing_table shortcode, to automatically show all variation tables for variable products.

Fixes:

  • Bug fix for dynamic rules connected to pricing and price display

Version 4.3.05 - September 29th, 2022

New features:

  • New shortcode for login form only: [b2bking_login_only]

Enhancements:

  • Order form shortcode now supports excluding categories. More info at: https://woocommerce-b2b-plugin.com/docs/wholesale-bulk-order-form/#2-toc-title
  • Order form shortcode can now be modified on the my account page via filters (see above link)
  • Improvements to order form UI when items are sold individually or out of stock
  • Added extra options to allow setting tiered prices in bulk for variations.

Fixes:

  • Fixed issue where sale price was showing incorrectly on the cart page.
  • Fixed issue where regular and sale price would be identical, but both were shown.
  • Fixed issue with creating new purchase lists
  • Fixed issue related to decimals input while editing prices
  • Fixes settings panel issue

Version 4.2.85 - September 21st, 2022

New Features:

  • Tiered price table can now be clicked to set the range / choose quantity. New setting controls this in B2BKing -> Settings -> Tiered Pricing & Table

Enhancements:

  • Added option to control inc. / ex. VAT suffix in B2BKing -> Settings -> Language
  • Improvements to settings page UI

Version 4.2.80 - September 16th, 2022

Enhancements:

  • Multiple file uploads can now be enabled through a snippet: add_filter('b2bking_allow_file_upload_multiple’, ‘__return_true’);

Fixes:

  • Fixed issue with offer download PDF button
  • Fixed bug with free shipping rules application
  • Minor bug fixes

Version 4.2.70 - September 5th, 2022

Major Performance Improvements:

  • Improvements to dynamic rule selection algorithm
  • Improved search algorithm for the order form
  • Added caching to algorithm that calculates product categories

Enhancements:

  • Improvements to how the Cream and Indigo order form handle stock quantity
  • Improvement to integration between B2BKing Dynamic Rules and WPML (for easier product selection when creating rules)
  • Improvements to quote button in cart
  • You can now set the ‘sort order’ to -1 for a registration role, which will force the customer to choose an option from the dropdown (user type dropdown)
  • Dynamic rules now support REQUIRED MULTIPLE STEP QUANTITY for individual variations (plugin’s own JS script).
  • Added image setting for offers with 2+ products. For offers with a single product, that product’s image will now show.

! Changes: Dynamic rules required multiple for variable products no longer force qty in product pages (for that, you must select individual variations). To use old behaviour, add: “add_filter(‘b2bking_required_multiple_variation_use_parent’,’__return_true’);”

Fixes:

  • Fixed min / max qty issue in Indigo Order Form
  • Fixed issue where tiered table would not show when variations were loaded with AJAX.
  • Fixed issue where purchase lists would not apply tiered pricing after loading
  • Fixed critical error - function typo
  • Deprecated PHP function error fixed

Version 4.2.41 - August 16th, 2022

Enhancements:

  • Enhanced the Cream Order Form: Search by category + sort by features added + design improvements
  • Rule selection algorithm improvement for many dynamic rules: May result in performance improvements.

Version 4.2.3 - August 11th, 2022

Enhancements:

  • Added option to enter individual user IDs as text in rule details
  • Added setting (In Settings -> Other -> Components) to disable frontend registration scripts.
  • Added 'Select all products’, 'Select all categories’, and ‘Clear all’ buttons to dynamic rule configuration for easier management.

Version 4.2.21 - July 18th, 2022

New Features:

  • Company Order Approval feature for subaccounts. Accounts can now enable and require order approval for their subaccounts’ orders.

Enhancements: -> Added min qty and max qty options to Payment Method Min / Max Order rules -> Backend offer creation now sets the default price automatically for products -> When users are deleted, any dynamic rules assigned to them specifically will also be deleted now.

Fixes: -> Fixed incompatibility between some shortcodes and elementor -> Fixed issue where backorders products were not available in the order form -> Fixed issue with importing products with meta data -> Fixed issue with required multiple rules on categories / all products, applying to individual items -> Fixed product visibility in bulk order search bug

Version 4.1.97 - June 14th, 2022

New features:

  • added ‘Taxable’ option to ‘Add Tax’ dynamic rules.
  • added exclude parameter to order form
  • added [b2bking_tiered_pricing_table] shortcode

Enhancements:

  • better enforcing on min / max values in order form
  • Added ‘price tiers’ import to woocommerce price importer

Fixes:

  • styles fixes for order form on Windows
  • fixed min order inconsistency in bulk order form
  • fixed several issues with VAT validation
  • performance fix for dynamic rules and fixed price rules in particular
  • fixed error with woocommerce price importer b2bking price fields
  • fixed issue with subaccount product visibility

Version 4.1.8 - May 21st, 2022

New features:

  • Added [b2bking_product_information_table] shortcode Fixes:
  • Backend performance fixes

Version 4.1.7 - May 16th, 2022

New features:

  • Added new option: ‘Always in stock for B2B’ Fixes:
  • Performance / loading fix
  • Minor bug fixes and improvements

Version 4.1.6 - May 1st, 2022

New Features:

  • New Wholesale Order Form Themes & Styles: Indigo & Cream
  • New dynamic rule: Non-purchasable products
  • New dynamic rule: Raise price (percentage)
  • Added AJAX loading to backend pages for faster and easier management
  • Added ‘Change group’ bulk action in Users panel

Enhancements:

  • Added basic limited WPML multicurrency integration
  • UI, Design and Loading improvements
  • Stability improvements to ‘Show both prices’ feature

Fixes:

  • Fixed stock status bug for separate b2b/b2c stock

Version 4.1.0 - April 16th, 2022

New Features:

  • Added separate stock for B2B and B2C
  • Added ability to hide stock for B2C or hide precise stock quantities Enhancements:
  • Added cache clearing tool

Version 4.0.9 - April 10th, 2022

Enhancements:

  • Added a product visibility check to regular wordpress posts search
  • Updated required multiple modulo function for better float checks
  • Subaccounts name now uses wordpress first / last name
  • Added limited compatibility with ‘All Products for WooCommerce Subscriptions’

Fixes:

  • Fixed minor issue with pdf generation for offers
  • Fixed product visibility issue for subaccounts
  • Fixed integration issue with Dokan and WCFM

Version 4.0.6 - March 7th, 2022

Enhancements:

  • Various improvements and fixes
  • Added “time” field type to custom fields
  • Improved separate my account page behaviour
  • Improved extra options / addons compatibility features
  • Integrated order form search with Relevanssi - courtesy of Jon from https://divint.no

Fixes:

  • Fixed issue with tax exemption cache for logged out users.
  • Fixed plugin activation issue.
  • Fixed visibility bug where all items would appear visible

Version 4.0.4 - February 17th, 2022

New Features:

  • Added new “id” parameter for [b2bking_offers] shortcode.

Now you can add individual offers to specific pages by specifying the id. Usage: [b2bking_offers id=1234]. For example you could use this method to advertise an offer or bundle in a product description.

  • Added “Product Options / Addons” compatibility setting in B2BKing -> Settings -> Other -> Compatibility.

This is an early feature that aims to add basic compatibility with pricing with most addons plugins. We are not aiming for / it would be impossible to achieve perfect compatibility under all scenarios with these kind of plugins. But hopefully this setting can be a step in the right direction to enhance this. We advise you to test with your specific plugin.

We have tested this with: -> WooCommerce TM Extra Product Options -> Acowebs WooCommerce Custom Product Addons

Enhancements:

  • Offer downloads as PDF now compatible with lazy loading

Fixes:

  • Fixed issue with tax exemption cache for logged out users.
  • Fixed plugin activation issue.
  • Fixed visibility bug where all items would appear visible

Version 4.0.2 - February 2nd, 2022

Enhancements:

  • Implemented “all products except” selector for add tax rules
  • Payment method discount rules now support negative values (surcharge)
  • Shipping / payment methods now enabled by default

Fixes:

  • Fixed Required Multiple Rule Selection bug
  • Fixed BOGO error with variable products
  • Fixed issue where Sales Agent Approval emails were not sent
  • Fixed Max Order rule input value bug
  • Fixed bug with multiple add tax rules
  • Fixed integration bug with SalesKing - admin customers panel

Version 4.0.0 - January 3rd, 2022

Enhancements:

  • Product Visibility Cache now compatible with WPML. Now each language has its own cache. This will help speed up sites with WPML that also use B2BKing visibility.
  • Added Russian translation, courtesy of Almaz.
  • View account order subaccounts permission now also shows addresses.

Fixes:

  • Fixed WPML Checkbox translation issue
  • Fixed issue where product page tables would also show in “related items” or other smaller type displays where they’re not supposed to show

-> Other minor enhancements and fixes

Version 3.9.8 - December 7th, 2021

New Features:

  • Added salesking agent to customers panel
  • Added filter by group in the users panel

Enhancements:

  • Compatibility update for WooCommerce 5.9.0 for Price Import/Export
  • Improved compatibility with Uncode theme
  • Improved visibility cache targeting: for example should minimize conflicts where visibility incorrectly targets blog posts.
  • Subaccount parents can now pay for child orders
  • Added option to change retail price / wholesale price text via settings

Fixes:

  • Fixed issue with custom billing data not saving when creating new orders
  • Fixed issue in account approved email template
  • Fixed error when category visibility would be lost on quick/bulk edits
  • Fixed registration redirect bug
  • Fixed display issue in tax exemption country dropdowns
  • Fixed bug with users search in the admin panel

Version 3.9.7 - November 25th, 2021

Enhancements:

  • B2BKing content shortcode now works better with other shortcodes inside (should support VisualBakery shortcodes inside for instance)
  • Saving B2BKing settings now clears plugin caches.
  • Added pending registrations no. to B2BKing Dashboard menu Fixes:
  • Fixed issue with tax exemption not applying initially after country changes
  • Fixed bug where purchase list price would load initially as rounded
  • Fixed bug where bulk order form images appeared as null/error/blank
  • Fixed bug related to customers panel loading wrong customers when using the AJAX feature
  • Fixed vendor issue with WCFM addon
  • Fixed checkout validation bug

Version 3.9.5 - November 12th, 2021

Enhancements:

  • Improved theme compatibility with Porto and others.
  • Bulk order form improvements.
  • Logged out users are now sent quote request details via email once they make the request
  • Improvements to required fields in checkout
  • Payment method discounts will only show in the checkout page now

Fixes:

  • Fixed issue where registration data would not fill in billing details when using WPML.
  • Fixed issue with purchase lists shortcode
  • Fixed issue where credit did not have the correct price in cart
  • Fixed user shipping and payment method manual override issue for b2c users

Version 3.9.0 - October 24th, 2021

Changes:

  • B2BKing Pro (CodeCanyon version) now requires the free B2BKing Core plugin from WordPress.org to be installed.

Fixes:

  • Fixed tiered price table bug

Version 3.8.9 - October 19th, 2021

Enhancements:

  • Minimum / Maximum / Multiple rules: Added checkbox to select each individual product within the rule
  • Integration with SalesKing: SalesKing agents get their own product visibility when shopping as customers. This way agents can view additional products that regular customers cannot.
  • Added ability to add additional content to emails.
  • Improved support for prices with high nr. of decimals

Fixes:

  • Fixed error related to required multiple rules

Version 3.8.7 - October 13th, 2021

Enhancements:

  • Bulk order form speed improvements
  • Bulk order form better image handling
  • Improvements to subaccount password requirements
  • Added compatibility (for product visibility) with AJAX Search Lite plugin

Changes:

  • Regular tiered pricing no longer applies for b2b users if they have a special group price

Version 3.8.6 - October 1st, 2021

Enhancements:

  • Added the ability to use the older shipping control mechanism (non-zone based) via a code snippet.
  • Improved vat suffix function: now works for excl. shop incl. cart vat situations
  • Auto clean subaccounts that no longer exist
  • Added support for the B2BKing for WCFM addon

Fixes:

  • Fixed bulk order form variations search visibility bug
  • Fixed error related to ajax actions

Version 3.8.5.3 - September 26th, 2021

Enhancements:

  • Improved asset loading: pdfmake only loads in offers pages now. Fixes:
  • Fixed WPML conflict with discounts

Version 3.8.5 - September 25th, 2021

Enhancements:

  • Bulk order form and purchase lists are now usable in quote request mode
  • Quotes now start with the item’s regular / sale price instead of 0
  • Enhanced UI in Orders backend for hybrid mode
  • Improved dynamic rules UI
  • Added compatibility with Hide Shop + Products with Elementor Pro

Fixes:

  • Fixed admin bug, missing function
  • Fixed bulk category set issue where cache would not flush

Version 3.8.0 - September 20th, 2021

New Feature:

  • Automatic group changes You can now change groups based on thresholds. Example: Move users from the “B2B Group” to the “VIP” group when they reach $200,000 spent. Functionality is accessed from the Business Groups page (new button next to “new group”)

  • Added the ability to add and manage custom quote fields (text, number, file, etc)

  • Offers can now be downloaded as PDFs in both backend and frontend

  • Offers can now be emailed

  • Better integration between quotes and offers. You can now reply with an offer directly from a quote request conversation. The fields will be preopulated for easy replies. A message and email is also generated as a response.

  • Offers can now be purchased in quote request mode.

Enhancements:

  • Improvements to quotes and conversations display.
  • Simplified settings.

Fixes:

  • Fixed bug related to checkboxes in registration

Version 3.7.1 - September 5th, 2021

Enhancements:

  • Added setting to display prices with “inc. VAT / ex. VAT” based on the user’s VAT exempt or not exempt status
  • Improvements to minimum order dynamic rules. Now input quantity is force based on minimum, adjusted for cart quantity. Example: if the minimum is 100 and there are 40 pieces of the item in cart, now the product page will force the input to have a minimum of 60.

Version 3.7.0 - September 1st, 2021

Enhancements:

  • Better display of custom fields in emails and pages
  • Checkboxes can now be made required
  • B2BKing interface improvements
  • Improvements to price list import and export: — SKU now supported — Regular prices can now be imported — Tiered pricing can now be imported — Display improvements
  • Improvements to bulk order form: — Form now accounts for stock quantity limits — Form now adjusts for tiered pricing — Form now supports images in searches

Modifications:

  • Rules that apply to categories, now also apply to all subcategories of that category (previously rules only applied to direct categories). Old behaviour can be set with a code snippet - contact us for details.

Fixes:

  • Fixed issue where dynamic rules would not apply in the case of multiple rules for the same user
  • Fixed issue with fields display during checkout registration

Version 3.6.5 - August 13th, 2021

Enhancements:

  • Improved compatibility with WOOCS
  • Improved purchase list item & price loading
  • Enhanced bulk visibility editor with extra options
  • Improved compatibility of “Hide Shop & Products” feature
  • Improved price import feature to support semicolon-separated CSVs
  • Added Print button under user registration data form
  • Clear all plugin data on uninstall (based on settings)
  • Fixed grouped price display issue with group pricing
  • Added tool to turn subaccounts into regular accounts
  • Bulk Order form improvements
  • Dynamic Rule speed improvements

Fixes:

  • Fixed dynamic rules bug with discounts that did not apply for category rules
  • Fixed checkout bug on mobile related to payment methods
  • Fixed dynamic rules incorrect selection bug
  • Fixed issue related to CSV upload where items would not upload
  • Fixed issue where manual updates for registration data would not work
  • Fixed issue where custom fields were not saved at checkout
  • Data is no longer lost on restore after posts are deleted

Version 3.6.0 - June 24th, 2021

New Features:

  • Added option to “Hide Shop & Products” to restrict all pages

Enhancements:

  • Offers are now integrated with WC stock and will adjust stock qty
  • Dynamic rule speed improvements
  • Added billing custom fields to admin new order email
  • Improved email compatibility with WPML
  • Improvement to free shipping rule

Fixes:

  • Dynamic rule minimum/maximum order logical fixes
  • Issue where product links would not show in cart has been fixed
  • Fixed quote email bug with translated emails
  • Fixed bulk order form issue where draft products would show

Version 3.5.3 - May 12th, 2021

New Features:

  • Added dynamic rule: “Rename Purchase Order Method” - will allow you to set different names such as “Net 30” or “Net 45” for different groups or users, based on the negotiated terms.
  • Added ability to configure endpoints

Enhancements:

  • Added visibility support for upsells, cross-sells, related products.
  • Added B2BKing custom billing fields to admin new order interface
  • Backend items can now be edited in bulk
  • Separated advanced settings: disable shipping and payment method control
  • Added option for ‘All categories visible’ for specific groups

Fixes:

  • Fixed bug about random field order number in checkout page
  • Fixed WPML translation conflicts with visibility
  • Fixed error where purchase lists with unavailable items were not deletable.
  • Fixed price display bug with range prices
  • Fixed hover color issue when tiered pricing quantity is set to 1
  • Fixed checkout bug where “is required” would be displayed incorrectly.

Version 3.5.0 - April 20th, 2021

New Features:

  • Added ability to display Minimum Order Quantity in Shop/Archive/Category page via settings
  • Added ability to display Tiered Price as a Range via settings
  • Added discount column option for the Tiered Pricing Table
  • Added setting to highlight active range and dynamically update price as quantity changes in the Tiered Pricing Table

Enhancements:

  • Plugin will now only show shipping and payment methods if they are enabled in WooCommerce
  • B2BKing registration shortcodes now return TRUE for is_account_page(), leading to better compatibility with many themes

Fixes:

  • Fixed percentage discount dynamic rule calculation issue with multiple rules
  • Fixed AJAX bug related to tiered pricing
  • Bulk order form no longer shows variations that don’t have all attributes set (not purchasable)
  • Fixed bug where dynamic rules would not be applied for newly registered b2c
  • Fixed bug where data could be lost after Bulk Edits
  • Fixed dynamic rule selection bug for logged out users

Version 3.3.5 - March 20th, 2021

New Features:

  • Added BOGO (Buy X Get 1 Free) discount dynamic rules

Enhancements:

  • Added loader icons to my account elements
  • Added the ability to set prices in bulk for variations
  • Adds support for company credit addon

Version 3.3.0 - March 15th, 2021

New Features:

  • Added “Payment Method Discount” rules. Usage example: 10% discount for paying with credit card.
  • Added “Payment Method Maximum Order” rules. Usage example: Cash on Delivery can be used for orders of maximum $1000. If cart total exceeds that, the method is disabled.

Enhancements:

  • Improvement to Tax Exemption with paid VAT in Cart - improved calculation, improved display and added coupon support.
  • Shipping methods control: all methods are now controllable, not just main methods (e.g. all flat rate options, not just the main category)
  • Improved input steps: now minimum quantity is also supported
  • Subaccount creation now automatically copies billing and shipping data to subaccount
  • Added option to deactivate/unapprove users
  • Required multiple rules for categories now inform users which items in cart are part of that category

Fixes:

  • Fixed bug with page and JS loading in thank you page
  • Fixed issues related to decimals handling based on locale
  • Fixed issue with WPML translation for choices in SELECT dropdowns

Version 3.2.0 - February 25th, 2021

New Features:

  • Added shortcodes for offers and purchase lists pages: [b2bking_offers] and [b2bking_purchaselists]

Enhancements:

  • Added password strength check to b2bking registration
  • Added locale and validation to backend b2bking price fields
  • Added quantity step to product page qty field for required multiple rules
  • Added check during activation that b2bking lite is not active
  • Cache is now flushed when scheduled posts are published
  • Adds support for PHP 8 by fixing deprecated code
  • Improved compatibility with WPML regarding emails and purchase list language
  • Subaccount checkout permission error is now displayed perpetually in the checkout page
  • Improved display support for variable products with 3 ore more attributes

Fixes:

  • Fixed incorrect price in cart for issue. A recent WordPress update had broken one of the plugin’s pricing functions.
  • Preview mode redirecting to My Account issue is fixed
  • Content restriction shortcode now works in Quick View (AJAX)
  • Fixed bug where quotes would be enabled for guests incorrectly
  • Fixed issue where tiered/information table data would be lost
  • Fixed issues with user registration data in backend and my account

Version 3.1.0 - February 4th, 2021

New Features:

  • Added Purchase Order Gateway
  • Added Quick Order via CSV Upload (SKU and Quantity List)
  • Purchase Lists can now be Downloaded as CSV by customers in My Account
  • Added option for Separate My Account page for B2B Users. See https://woocommerce-b2b-plugin.com/docs/how-to-completely-separate-b2b-and-b2c-registration-in-woocommerce-with-b2bking/ for details
  • Added Tool to set users as subaccounts of a parent user in bulk

Enhancements:

  • Improvements to Currency Rules. Now rules change not just symbol, but attempt to change currency completely for a user/group.
  • Improved interface to show Conversations number in menu
  • Improved Tiered Price Table. If regular table is set but group table not set, only tiers with better price than user price are now shown in the table.
  • Improved REST API support.
  • Users now sortable by Waiting Approval in the the users panel.
  • B2BKing now flushes object cache when transients need updates - may help solve other caching issues

Fixes:

  • Fixed issue where VAT could prevent other items from being editable in my account
  • Fixed product / category visibility bug related to username-based visibility
  • Fixed category visibility issue when translating with WPML
  • Fixed category exclusion bug for discounts
  • Fixed purchase list NaN bug where price would not show for specific products, because of search speed optimizations.

Version 3.0.0 release - January 11th, 2021

New Features:

  • Superfast Caching
  • Enhanced UX and Design
  • Adaptive Settings

Enhancements:

  • Improvements and Updates to Tax Exemptions. Now exemptions take into account what the shop calculates tax based on.
  • Refactoring

Fixes:

  • Tax exemption cache issue related to a recent WooCommerce update has been fixed.

Version 2.7.0 - January 1st, 2021

Tested with WooCommerce 4.8 and WP 5.6

Enhancements:

  • Compatibility improvements with 3rd party plugins.
  • Styling improvements
  • Better compatibility with external APIs

Fixes:

  • Fixed several logical bugs
  • Fixed warnings
  • Fixed notice in Customers panel

Version 2.6.5 - December 2nd, 2020

Enhancements:

  • VAT is now verified with VIES in “Update User Data” in the user profile backend. This improvement means you can now add users with validated VAT directly in the backend, and this will also work with dynamic rules that require validated VAT.

  • Tiered Price does not apply, if the user’s special group price is already smaller.

  • Added Support for Widgets: Recently Viewed Products, Top Rated Products

  • Added required validation for b2bking fields in checkout registration

  • Added select country required in registration

Fixes:

  • Fixed several notice errors
  • Fixed quote invalid email issue

Version 2.6.0 - November 24th, 2020

Enhancements: Quote Requests:

  • All fields of quote requests are now mandatory
  • When guests request a quote they now receive a notification email
  • Improved quote request display

VAT:

  • Improved VAT validation

Hiding Prices:

  • Hide prices now also hides price from Google search results (schema markup)

Product Visibility:

  • Introduced support for hiding products using the [products] shortcode
  • Introduced support for hiding products using WooCommerce products widgets

Subaccounts:

  • Order notes now highlight that an order is placed by a subaccount and point to the main account

Prices, Tiered Price, Price Table:

  • Group sale price can now work with tiered prices
  • Improved Price Table Mobile responsiveness
  • Improved Price Table to take tax exemptions into account

Fixes:

  • Fixed tiered pricing table hidden prices issue
  • Fixed registration roles bug with shortcode
  • Dynamic rules warning fixes
  • Product visibility fix
  • Tiered pricing in bulk order fix

Version 2.5.0 - October 19th, 2020

New features:

  • Introduces ability to restrict coupon usage. Coupons can now be restricted to b2b, b2c, guests, and user roles.

Enhancements:

  • Expanded “Validate VAT” at checkout function to work without registration. Now guest users can order, and be exempted from vat by using this button during checkout.
  • Improved product visibility function for ajax searches
  • Improved registration fields
  • Minor speed improvements
  • File upload control improvements

Fixes:

  • Fixed issue with WP Roles saving as Auto Draft

Version 2.4.0 - October 7th, 2020

Enhancements:

  • Speed improvements for dynamic rules
  • Automatic approval group now selects group by default for manual approval
  • Added option to enable a “Validate VAT” button in checkout, for checkout registration
  • Added option in Other Settings for VAT validation to require delivery country to be different than shop country (for EU laws)
  • Added experimental option for discount dynamic rules: “All products except:” selector.

Fixes:

  • Fixed a bug that prevented price tiers being saved correctly
  • Fixed issue with file upload
  • Fixed display issues in the user profile page
  • Fixed subaccount identification issue
  • Fixed purchase list NaN price retrieval bug
  • Fixed issue with subaccounts’ ability to order again other users’ orders

Version 2.3.0 - September 25th, 2020

Enhancements:

  • Added option in registration fields to allow which groups can see fields in billing (e.g. you can show VAT in billing only for B2B users)
  • Sending quote requests now clears cart Fixes:
  • Fixed a conflict between WPBakery and b2bking visibility
  • Fixed a bug with available payment methods

Version 2.2.5 - September 10th, 2020

New Feature Additions:

  • Added “Custom Key Mapping” option to registration fields billing connection (you can now use custom meta keys e.g. billing_cnpj, vat_number, etc) Enhancements:
  • Category thumbnails now hidden by b2bking category visibility
  • Added caching to discount in cart dynamic rules which should improve performance Fixes:
  • Fixed issue with bulk order form visibility for guests
  • Fixed a few non-critical notices/warnings associated with previous update

Version 2.2.0 - September 1, 2020

New Feature Additions:

  • B2BKing Dashboard with sales chart, registration approval, and messages
  • Tiered Pricing in Product Backend
  • B2BKing Panel in Product Backend
  • Tiered Pricing Table, compatible with all themes, in product frontend. Works for products and for individual variations. Table is automatically generated based on price tiers.
  • Custom Information Table for Products
  • Dynamic rule: Payment Method Minimum Order. Example: Bank Transfer is available only for orders of $1000 or more.
  • WP Roles Support: B2BKing groups now associated with WP Roles for each group

Enhancements:

  • Added caching for product and category visibility, which should result in performance increase
  • Added visibility criteria to AJAX searches, which should make the search with many themes work better with b2bking visibility
  • Added bulk order form setting: search each individual variation. This will fix issues with search by SKU for individual variations for example.

Version 2.1.0 - August 27, 2020

New Feature Additions:

  • Added shortcode [b2bking_content]content[/b2bking_content] that allows you to restrict content visibility to b2b/b2c/groups/users/loggedout so you can control what content each users can see
  • Added new dynamic rule: change currency symbol
  • Added option for large stores: Customers panel in the backend now supports Search by AJAX, which should prevent crashes for stores with more than 5000 business users.
  • Added ability to modify b2bking custom fields in the backend

Enhancements:

  • Improved access. Shop Managers can now also fully manage B2BKing.
  • Added more classes to buttons for improved customizability
  • Hidden add to cart button completely for variations (sometimes shown depending on theme)
  • Registration now remembers country+state on failed attempts

Fixes:

  • Fixed issue where users were displayed by name instead of username in b2bking boxes
  • B2BKing cache now clears on product update
  • Fixed issue where WooCommerce shipping cache did not clear, making “free shipping” rules not work correctly.
  • Fixed bug where very small taxes added with Add Tax would not show up

Version 2.0.0 - August 17, 2020

New Feature Additions:

  • Introduced New Tool: Bulk EDITOR
  • Ability to bulk edit category visibility
  • Ability to bulk move users to groups

Enhancements:

  • Added support for multiple tax rates display for “Pay Tax in Cart” options of Tax exemptions
  • Changes to Customers panel
  • Plugin now clears dynamic rule cache on user group update
  • Offer price display is now tax-adjusted in cart
  • Offer price display is now tax-adjusted in my account
  • Offer price display is now tax-adjusted in minicart
  • Improved Translations

Fixes:

  • Dynamic Discounts no longer apply to Offers
  • Corrected Offer price in minicart
  • Fixed minor product visibility bug
  • Fixed issue where country field was required but state was not

Version 1.9.0 - August 1, 2020

Enhancements:

  • Converted conversations and messages timestamps to website’s timezone setting
  • Improved WOOCS support
  • Added Link to user profile in User Requires Approval Emails send to admin

Fixes:

  • Improved support for older WooCommerce version without get_additional_content() method in emails
  • Fixed issue with tax calculation when sale discounts are involved
  • Added check that WC()->customer is initialized to prevent errors during API calls or similar situations where customer is not initialized
  • Remove registration fields at checkout if user is logged in
  • Fixed display notices in admin panel

Version 1.8.5 - July 21, 2020

New Feature Additions:

  • Added “Withholding Tax” option
  • Added new Dynamic Rule: Replace prices with Request a Quote. Now this can be applied to all users, not just guests as previously

Enhancements:

  • Tested plugin up to WooCommerce 4.3.0
  • Cleaned up notices in the Add New User panel
  • Removed ‘On sale’ flash badge for “Replace Prices w. Request a Quote”
  • Added “value:text” option for writing select options in custom fields
  • Improved settings interface

Fixes:

  • Fixed rounding error that could cause prices off by 0.01
  • Fixed accounting subtotals rounding error

Version 1.8.0 - July 7, 2020

- Product prices directly in the product page

  • CSV Import / Export Tool
  • Fixed conditions bug for Add Tax Rules
  • Added the option to include shipping in tax exemption vat tax calculations
  • Added “one-time” fee to shipping
  • Improved options for stores with large numbers of users / products
  • Replaced deprecated WooCommerce hook: woocommerce_add_order_item_meta
  • Added custom billing fields in admin->order details->billing for each order (e.g. to display VAT or any other relevant billing field)
  • Changed My Account URL structure to address frequent 404 issues. The previous structure can easily be enabled in Settings->Other Settings->Permalinks
  • Added option to hide website by forcing login
  • Added Tools section
  • Added TroubleShooter file generator
  • Modified bulk order form design with switch between product name and sku search
  • Loader GIF added to bulk order form
  • Added option to show subtotals in the bulk order form in the accounting format used in WooCommerce
  • Bulk order form speed improvement

Version 1.7.0

Caching and Speed Optimization for all Dynamic Rules resulting in Major Performance Improvements Smart detection for dynamic rules further reduces performance impact if rules do not apply to a user Registration shortcodes now redirect to My Account Added option to show registration in checkout (for websites that allow this) Bulk Order Form performance improvements Bulk Order Form Search by SKU Price Display Update Added “Show Tax in Cart” option to Tax Exemptions Added the ability to control visibility of the quote request button and also enable it for guests and b2c Added a Offers settings panel Added the ability to replace the text selector in offers with a product selector Added the ability to show product images for offers in My Account (frontend) via Settings CSS Fixes for the Frontend Added Category Visibility Behaviour in Access Restriction Options: you can now hide products based on category is at least 1 of their categories is hidden Added Option in “Other Settings” to force permalinks rewrite to solve persistent 404 errors Price display bug fixes

Version 1.6.4

Fixed bulk order form product visibility issues for non-stock products

Version 1.6.3

Added Performance Tab that allows you to disable unused code Added Multi-Select Option for Rules for “Who” selector Bulk Order form no longer allows products that are out of stock and not available on backorder

Version 1.6.0

Added Variable Product Support to the Bulk Order Form + Purchase Lists

Version 1.5.6

Discount Display Improvements Added WOOCS Currency Switcher Compatibility for Dynamic Pricing Rules

Version 1.5.5

Improved and complete variable product support across all plugin functions

Version 1.5.4

Added Language Settings Options

Version 1.5.3

Minor patch

Version 1.5.2

Improved Groups UI Introduced separate product visibility settings for logged out, b2c, b2b users for more control

Version 1.5.1

Introduced shortcode parameter: registration_role_id

Version 1.5.0

Improved Groups Page Introduced 2 Default Groups and the ability to control Shipping and Payment methods for B2C and Guest users

Version 1.4.3

Introduced option to allow dynamic rules to be active in hybrid mode for B2C and guest users

Version 1.4.2

Fixed file upload issues on registration Added "Checkboxes (check all that apply)" custom field type to registration Improved CSS Added Language selector for Purchase Lists

Version 1.4.1

Fixed issue with Registration Message only showing occasionally. Improved Registration fields aesthethics Fixed scroll issues with country in registration inside a popup (e.g. Flatsome theme) Fixed Roboto loading issue Database numbering change, custom posts now follow default WordPress numerotation

Version 1.4.0

Added Multi-Select Support to Dynamic Rules Added Show Discounts Everywhere option (currently only for simple products) Fixed WooCommerce Dashboard Loading Conflict Introduced “Discount name” option Introduced ability to show discounts as "Sale Price", and display discount everywhere, not just in cart Other bugs and fixes

Version 1.3.1

Fixed VAT display bug in registration if shop sells to only 1 country

Version 1.3.0

Fixed a bug with automatic user approval to groups Added additional support and options for Multisite Fixed VAT Validation bug for Greece (GR country but EL vat code was causing issues) Most custom fields are now remembered in registration. If the user encounters registration validation errors, the user does not have to input everything again. Improved Country and state selectors in Registration. New option Country+State introduced Added "Select Multiple Roles’ option to custom fields, so a field can appear for multiple roles. Added registration roles sort order

Version 1.2.0

Fixed bulk order form compatibility issue with hidden price rule Better support for First Name and Last Name on registration Added registration form only shortcode for better separation of b2b/b2c registration Fixed hidden product visibility bug when product is accessed directly Fixed an issue with product visibility default settings Added "Guest Users (Logged Out)" in product visibility settings Introduced a new Dynamic rule “Zero Tax Rule” and modified "Tax Exemption". Tax Exemptions are now user-based and show “excluding tax” or “including tax” based on user.

Version 1.1.1

RTL Support for Front-End Introduced Added Product Visibility Switch in Access Restriction Settings Decimal Points bug fixes in dynamic rules Bulk Order Form fixes: takes into account dynamic pricing rules + shop tax settings

Version 1.1.0

Added WPML Support Fixed several text domain typos

Version 1.0.1

Registration Bug Fixed Added B2B registration shortcode for full B2B and B2C registration separation

Version 1.0.0

Initial Release

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907