JetEngine - Adding & Editing Dynamic Content with Elementor v3.8.12 + Extenal Modules
- ADD: Profile Builder. Allow selecting multiple roles for Show menu for the role option in Profile menu;
- ADD: Listing grid. Add server-side signature for filtered query to prevent client-side tampering of listing arguments;
- UPD: CCT. Allow to delete CCT item when its related single post is permanently deleted;
- FIX: Query Builder. Avoid PHP warnings when condition field is non-string and ensure proper sanitization;
- FIX: Query Builder. Label dedicated relation tables with relation names in the SQL table selector;
- FIX: Dynamic Field + Gallery Slider. Set auto height by default;
- FIX: Dynamic Field. Reduce redundant inner wrapper and optimize DOM output;
- FIX: [jet_engine] shortcode. Sanitize output to prevent XSS;
- FIX: Components. Preview styles in the Block editor;
- FIX: Components. Prevent PHP warning when using Dynamic Field with empty value and no fallback;
- FIX: Replace unsafe maybe_unserialize usage with safe unserialize helpers across all components where it was needed.
JetEngine - Adding & Editing Dynamic Content with Elementor v3.8.11.2 + Extenal Modules
- FIX: Query Builder. Advanced SQL query. Rework macros sanitizing to effectively prevent potential SQL-injections but avoid false-positives.
JetEngine - Adding & Editing Dynamic Content with Elementor v3.8.11 + Extenal Modules
- FIX: Query Builder. Advanced SQL Query. More strict applied macros sanitizing to avoid SQL vulnerabilities through publicy allowed macros inputs;
- FIX: Data Stores. Reset datastore item counters when clearing Data Stores and CCT stores;
- FIX: Maps Listings. Improve escaping and accessibility for Location & Distance filter (aria labels, escaped attributes and option output);
- FIX: Components & Elementor views. Background dynamic image handling and Atomic Editor style inlining for components built with Elementor;
- FIX: Dynamic Visibility. Block editor error when using Dynamic Visibility;
- FIX: Maps Listings. Location Input default value for Maps Listings filter block;
- FIX: Angie compatibility;
- FIX: Blocks views. Editor styling issues after WordPress 7.0 update;
- FIX: Dynamic image preview for specific sizes in Listings — fall back to available thumbnail when requested size is missing;
- FIX: Listings. improve unique ID generation for listing objects to reduce collisions and make IDs stable per content object
- FIX: WooCommerce Product Image dynamic tag now uses configured fallback when no current product is available.
JetEngine - Adding & Editing Dynamic Content with Elementor v3.8.10.2 + Extenal Modules
June 15, 2026
- FIX: Query Builder. SQL query type. More strict sanitizng of the input parmaters to prevent SQL injections.
JetEngine - Adding & Editing Dynamic Content with Elementor v3.8.10.1 + Extenal Modules
- FIX: More strict sanitization of custom table queries to prevent potential SQL injections in some cases (appears as a combination of some backend CPT config and appropriate front-end setup);
- FIX: Legacy forms. Sanitize status-related query parameters to prevent XSS vulnerability through the form status parameter;
- FIX: Sanitize URL form fields and listing URLs using JetEngine URL schemes;
- FIX: Custom Content Types. Only unserialize array-backed fields when reading items to avoid converting unauthorized serialized strings into real PHP objects.
JetEngine - Adding & Editing Dynamic Content with Elementor v3.8.10 + Extenal Modules
## 3.8.10
- ADD: Meta boxes. Field layout option (Inline/Stacked);
- UPD: CCT + Query Builder. Intersect _ID IN values from initial query and existing filters;
- FIX: Dynamic Calendar. Normalize event day bounds using site timezone to fix missing/incorrect multi-day rendering;
- FIX: Maps Listings. Marker REST access — add source-aware publish/access checks and handle unknown sources;
- FIX: Maps Listings. Apply JetSmartFilters currentQuery (jsf_query) for map popup requests;
- FIX: Glossaries. Fix handling of "0" custom checkbox values in glossary;
- FIX: Meta Boxes. Isolate WC variation meta field names to avoid collisions with parent product fields in variation meta box;
- FIX: Adjust Swiper pagination spacing to improve vertical gap and avoid overlap in listings/pagers;
- FIX: Potential XSS vulnerability in legacy forms module and PayPal handler;
- FIX: Potential PHP object injection when unsafe serialized data is stored into the post data;
- FIX: Potential SQL injection with some query types using navigation parameters for the listing grid AJAX handler.
JetEngine - Adding & Editing Dynamic Content with Elementor v3.8.9.1 + Extenal Modules
- FIX: More strict sanitizing search parameters for public CCT Rest API endpoints.
JetEngine - Adding & Editing Dynamic Content with Elementor v3.8.9 + Extenal Modules
= JetEngine 3.8.9 = May 7, 2026
- ADD: Select All/Deselect All Option in the admin Checkbox Field;
- ADD: Plain number output option for Query Results Count dynamic tag;
- UPD: Misc Settings. Default slider library switched to Swiper.js; preserve existing sites by adding migration path and admin guidance;
- UPD: Data Stores. Support user stores for post counts and allow custom handlers for count updates;
- FIX: Rest API Listings. Ensure macro values are JSON-encoded and sanitized correctly to avoid malformed JSON;
- FIX: Dynamic Field. Fix wrapper HTML and alignment behavior for listing dynamic fields;
- FIX: Maps Listings. Fallback to find parent block ID for map initialization and avoid missing map id on some layouts;
- FIX: Dynamic Calendar. Restore correct local variable declarations and ensure calendar selectors remain backwards-compatible;
- FIX: Dynamic Calendar. Update JetSmartFilterSettings (start month/year) for multiday and regular calendars and set custom_start_from flag;
- FIX: Dynamic Visibility + Elementor. Ensure filters added for hidden elements are unregistered reliably to avoid blocking widget rendering;
- FIX: Meta boxes. Correctly handle saving/clearing custom option values and clear glossary cache after adding glossary entries;
- FIX: Meta boxes + REST API. Ensure repeater separate sub-fields and Advanced Date values are properly handled when updated via REST API;
- FIX: Listings. Properly scope Elementor dynamic CSS to listing items and generate stable per-item identifiers;
- FIX: Swiper/carousel CSS. Prevent global forcing of anchor display to flex; scope and add safe fallback to avoid layout breaks.
JetEngine - Adding & Editing Dynamic Content with Elementor v3.8.8.2 + Extenal Modules
= JetEngine 3.8.8.2 = April 27, 2026
- FIX: Strict snitizing SQL query field names, operators, values and relations to avoid possible SQL injections.
JetEngine - Adding & Editing Dynamic Content with Elementor v3.8.8.1 + Extenal Modules
- FIX: Profile Builder. Fix access restrictions fallback for Account pages when action is not set.