## 2.1.60 | February 27, 2026
– Fixed upgrade version check for permissive LMT sanitization option.
## 2.1.59 | February 25, 2026
– Fixed an issue with Live Merge Tags on conditionally hidden phone fields.
– Fixed an issue where Live Merge Tags could potentially cause a fatal error when checking address fields on GravityView.
– Improved security of how HTML is handled in Live Merge Tags. Instead of running through `wp_kses_post`, `wp_kses` is used with a default of _no_ allowed tags. The old behavior will remain in place for existing Populate Anything installations for backwards compatibility. We recommend adding [`gppa_use_permissive_lmt_sanitization`](https://gravitywiz.com/documentation/gppa_use_permissive_lmt_sanitization) via `add_filter( ‘gppa_use_permissive_lmt_sanitization’, ‘__return_false’ );` to switch to the stricter HTML stripping. You may configure allowed tags and attributes with [`gppa_lmt_kses_allowed_html`](https://gravitywiz.com/documentation/gppa_lmt_kses_allowed_html).