• SECURITY: Added capability and nonce checks to Stripe webhook AJAX management endpoints. #3615 (@dparker1005)
• SECURITY: Added shared-secret token validation for the deprecated Authorize.net ARB Silent Posts integration with a configurable pmpro_authnet_silent_post_token option in gateway settings. #3598 (@dparker1005)
• BUG FIX: Fixed an operator precedence bug causing corechart.js to load on all report pages. #3609 (@flintfromthebasement)
• BUG FIX: Fixed an "Attempt to read property ID on null" warning in display post states. #3599 (@dwanjuki)