Change: CAPTCHA verification when enabled now additionally applies to 2FA logins (may send an email verification on low scores) and no longer reveals whether a user exists for the submitted account credentials (credit: Raxis)
Fix: Addressed a potential PHP 8 notice in the human/bot detection AJAX call
Fix: Addressed a potential PHP 8 notice when requesting a lockout unlock verification email
Fix: Revised the behavior of the reCAPTCHA verification to use the documented expiration period of the token and response to avoid sending verification requests too frequently, which could artificially lower scores in some circumstances
Fix: Addressed PHP 8 deprecation notices in the file differ used by file changed scan results
Fix: Reduced the frequency of Wordfence Central status update callbacks in sections of the scan that...