* [Fixed] Resolved a spam validation issue when code-based login was enabled on the standard login form.
* [Updated] Updated dependencies.
* [Added] Admin notice when placeholder encryption keys/salts are in use.
* [Added] Rate limiting for API requests.
* [Fixed] Added capability checks for the settings page.
* [Fixed] Improved validation of $_SERVER variables.
* [Improved] Settings import file validation.
* [Improved] Better alignment of CF Turnstile on the login form.
* [Added] Elementor widgets for Magic Login and Registration forms.
* [Added] SMS notifications for newly registered users with a valid phone number.
* [Added] Option to send login links directly from the user profile page.
* [Added] Ability to override TTL and token validity on a per-user basis.
* [Improved] Input field names updated to prevent conflicts with Cloudflare Turnstile.
* [Fixed] JIT translation-related warnings.
* [Fixed] Warning triggered by the auto-updater.
* [Updated] Dependency packages to latest versions.
* Read the full update: [Magic Login PRO 2.6](https://handyplugins.co/blog/magic-login-pro-2-6-release/)
* [Added] No-cache headers for magic login links to prevent caching issues.
* [Added] QR code display when generating a magic login link from the user profile page.
* [New] QR Code Login – Users can now log in by scanning a QR code. Learn more about [QR Code Login](https://handyplugins.co/docs/qr-code-login/).
* [New] QR Code Shortcode – Display a QR code anywhere using the `[magic_login_qr]` shortcode.
* [New] Purge Login Links – Admins can delete all login links for a specific user. Learn more about [Purge Login Links](https://handyplugins.co/docs/reset-magic-login-links-for-a-user/).
* [New] Registration Redirect – Redirect users to a specific page after registration.
* [New] Tools Section – Added reset, export, and import options in the settings panel. Learn more about [Tools](https://handyplugins.co/docs/magic-login-tools/).
* [Improved] WP-CLI – Added commands for QR code, export, import, and reset operations.
* [Improved] REST API – Enhanced QR code support.
* [Improved] Alphanumeric Sender ID – Set a custom SMS sender name (Twilio only).
* [Fixed] Domain Matching – Login and registration now use case-insensitive domain checks.
* [Updated] Dependencies.
* [Changed] Minimum PHP version raised to 7.4.
* Read the full update: [Magic Login 2.5](https://handyplugins.co/blog/qr-code-login-for-wordpress/)
* [Improved] SMS login support to API.
* [Added] New filter `magic_login_twilio_sms_options` to customize Twilio SMS options.
* [Added] New filter `magic_login_email_placeholders` to customize email placeholders.
* [Fix] Remove deprecated send_login usage in API.
* [Fix] Prevent fatal error when spam service is enabled but not configured for the registration form.
* [Updated] Dependencies.
* Tested with WP 6.8
* [Fix] Default sms registration message without using emoji.
* [New Feature] SMS Login – Now you can send magic login links via SMS. [Learn More](https://handyplugins.co/docs/passwordless-authentication-with-sms/)
* [New Feature] Code Login – Users can now log in using the login code sent to their email or phone instead of clicking a link.
* [New Feature] Domain Restriction for Registration – Restrict user registration to specific domains.
* [New Feature] FluentCRM Integration – Send magic login links directly via FluentCRM. [Learn More](https://handyplugins.co/docs/magic-login-fluent-crm/)
* [New Feature] Easy Digital Downloads (EDD) Integration – Seamlessly integrate Magic Login into the EDD checkout experience. [Learn More](https://handyplugins.co/docs/magic-login-edd-integration/)
* [Improvement] Applied `login_redirect` filter before `magic_login_redirect` to allow other plugins to modify the redirect URL.
* [Improvement] Deprecated login.php in favor of the LoginManager class.
* [Improvement] Refactored WooCommerce integration into a dedicated class and extended support for customer login forms.
* [Fix] Resolved a brute force protection issue when used with login throttling.
* [Fix] Properly encode the redirection URL on the wp-login page.
* [Fix] Corrected various typos. Props [@szepeviktor](https://github.com/szepeviktor)
* Read the full update: [Magic Login 2.4](https://handyplugins.co/blog/magic-login-2-4-now-with-sms-login/)
* [Fixed] Ensure proper handling of email recipient for {{MAGIC_LINK}} integration.
* [Fixed] French translation.
* [Improved] Applied `array_shift()` to extract the first recipient if `$atts['to']` is an array.