WooCommerce 2.3.10 Fix/Security Release

WooCommerce 2.3.10 was released on June 1 .  Next to bugfixes and security updates it contains some improvements for the caching system and database effectivity.

Changelog:

• Fix – Fixed theme check notice for core supported themes.
• Fix – Add RTL direction to emails.
• Fix – Fixed product category media upload modal.
• Fix – Coupon maximum discount calculation.
• Fix – PayPal icons and URLs.
• Fix – API – Fixed subtotal_tax round and decimal dp.
• Fix – Wrap payment js in jquery.
• Fix – Delete correct transient when linking variations.
• Fix – Set default currency position format string (in case of missing or invalidwoocommerce_currency_pos option value).
• Fix – Simplify Commerce undefined constant (‹error_code› > ‹$error› typo).
• Fix – Fixes too many arguments in function or method call: WC_Shortcode_My_Account::add_payment_method.
• Fix – Pass correct number of arguments to wc_lostpassword_url(),wc_nav_menu_items(), wc_nav_menu_item_classes(), andwc_change_term_counts().
• Fix – Fixes usage of void return value fromwc_cart_totals_taxes_total_html().
• Fix – Missing global in render_product_columns().
• Fix – Add $args arguments to WC_Product_Factory->get_product_class() to allow $product_type to be overwritten by $args['product_type'].
• Fix – Remove call to wp_specialchars_decode() inwc_get_price_thousand_separator() andwc_get_price_decimal_separator().
• Fix – fclose in logging class requires a resource, not a string.
• Fix – Prevent (admin) SQLi when setting stock levels for product variations.

• Tweak – Extra escaping of customer emails in wc_customer_bought_product().
• Tweak – Improve tooltip sanitization.
• Tweak – Escape provided array of post codes in tax class.
• Tweak – Escape metadata when duplicating products.
• Tweak – Escape permalink settings slugs.
• Tweak – Sanitize columns value in shortcodes.
• Tweak – Use prepare for updating attributes.
• Tweak – Use wp_safe_remote_ functions in place of wp_remote_ where applicable.
• Tweak – Added extra capability checks to notices, email template editing, and admin ajax requests.
• Tweak – Set nonce_user_logged_out to WC session ID, if set.
• Tweak – Added wc_send_frame_options_header function to prevent checkout and account pages from being used in iFrames. Added via filter so this can be disabled.
• Tweak – Validate file types are allowed for downloadable products when saving.
• Tweak – Filter: woocommerce_cart_item_removed_title
• Tweak – Update html-admin-page-status-report.php to show unaltered URLs.
• Tweak – When updating transients, clear previous version of transients.
• Tweak – Replace max_related_posts_query for performance reasons.
• Tweak – Combine transients for get_rating_count.
• Tweak – Bump the PrettyPhoto version during enqueue to flush caches.
• Tweak – Remove all instances of sslverify=false #8058
• Tweak – Error prevention when showing customer orders on the frontend.
• Tweak – Added PH states.

We highly recommend to backup your website before updating your system and test it in a secure area first.