Changelog
Deskuss release notes — every version, every change. Subscribe below to stay current.
1.0.2 — Jun 12, 2026
Documentation suite expansion. No code changes in this release.
- Documentation: Expanded from 11 to 19 guides, with new pages for Client Portal, Canned Responses, Agents & Roles, End Users, Forms & Lists, Email Setup, Email Templates, Filters & Pages, Settings Reference, System Requirements, Troubleshooting, and Changelog
- Documentation: Sidebar reorganized to 3 logical groups (Getting Started, Administration, Advanced)
- Navigation: Corrections to the paths referenced in existing docs (e.g., License is its own top-level menu, not under Settings)
- API documentation: The api-integration.html page has been rewritten to reflect the 3 real endpoints (ticket creation, ticket creation via XML, cron execution). Aspirational sections (webhooks, dispatcher, dedicated filter/banlist endpoints) that were in the previous version have been removed.
1.0.1 — May 27, 2026
Security and stability release. Recommended upgrade for all installs.
- Security: Added
ABSPATHguards to all entry-point files to prevent direct PHP execution if WordPress's bootstrap is bypassed - Security: Fixed potential LFI (Local File Inclusion) vulnerability in the admin routing layer — request paths are now normalized and validated
- Security: Fixed multiple XSS vulnerabilities in template output — all user-supplied content is now properly escaped
- Security: Fixed SQL injection vector in ticket list queries — user-supplied filter values are now parameterized
- Security: Added explicit capability checks to all AJAX endpoints that mutate data
- Security: Replaced
eval()usage in legacy dynamic class loading with safe file-based class loading - Performance: Optimized admin asset loading — admin JS is now only enqueued on Deskuss's own admin pages, not on every WP-admin screen
- General: Improved compliance with WordPress coding standards across
init.phpand themain/directory - General: Updated
readme.txtwith explicit tested-up-to and stable-tag metadata
Upgrade priority: high. If you're on 1.0.0, upgrade to 1.0.1 as soon as possible. The security fixes are non-breaking and can be applied live with no downtime.
1.0.0 — May 03, 2024
The initial public release of Deskuss.
- Ticket management: Create, view, assign, transfer, close, reopen, and search support tickets
- Departments: Organize support by team with per-department SLA, signature, and form
- Staff & teams: Four access scopes (All Access, Expanded, Limited, View only); assign tickets to agents or teams
- Knowledge base: Categories, FAQs, full-text search, public/private/staff-only visibility
- Custom forms: Dynamic per-department forms with text, dropdown, list, checkbox, memo, phone, date, and file-upload fields
- Custom lists: Reusable option sets for dropdowns and multi-selects
- Email notifications: SMTP, IMAP/POP3, email piping, customizable templates, auto-responder, alert routing
- SLA management: Plans with grace periods, business hours, transitory escalation, overdue detection
- Canned responses: Reusable agent reply templates with placeholder variables and per-language variants
- Filters: Rules engine with 30+ conditions and 10+ actions
- Custom pages: Editable landing, thank-you, offline, registration, and banner pages
- Dashboard & reports: Ticket activity charts, statistics by department and agent, CSV export, system logs
- WordPress integration: Uses WP users, roles, and database.
deskuss_staffandsupport_clientcustom roles. Single^deskuss/rewrite rule. - Native WordPress admin: Deskuss menu (top-level) and Settings → Deskuss Settings (submenu)
- Client portal: Open tickets, view status, browse KB, register, log in, reset password
- Guest access: Email auth tokens let non-registered customers view and reply to their tickets
- Internal notes: Staff-only messages on tickets and on user records
- REST API: Endpoints at
/deskuss/api/for ticket creation (JSON, XML, email) and cron triggering - Kanbanz integration: Bidirectional sync of tickets, status, comments, and notifications
- CAPTCHA: reCAPTCHA, hCaptcha, and built-in math challenge
- File uploads: Configurable file-type allow-list, per-form size limits, secure chunked storage
- CSRF protection: Token-based protection on every form
- Sessions: DB-backed with configurable timeout, idle expiry, IP binding, and concurrent-login limits
- System logs: Debug, info, warning, error levels; filterable; exportable
- Multisite support: Per-site activation (no network-wide config in this version)
- License system: Top-level menu; per-site activation slots; plan-based limits
- Auto-update: Bundled plugin-update-checker library; updates flow through the WP dashboard
- Documentation: Initial docs site with 11 pages covering major features
Subscribe to Updates
Three ways to stay current with Deskuss releases:
- WordPress.org RSS — every release shows up in Dashboard → Updates automatically if your license is active
- Email — subscribe at deskuss.net/subscribe
- GitHub releases — watch the repo at github.com/deskuss/deskuss for tagged releases