2.7.0

• [Changed] Event hash no longer includes next execution timestamp, making it stable across reschedulings
• [Fixed] "In queue" cron events failing to delete, run, or pause with "wrong_nonce" error
• [Fixed] Bulk actions (remove, pause, unpause) failing due to parallel AJAX race conditions
• [Fixed] Undefined $errors variable when removing non-protected events
• [Security] Added nonce verification to rerender AJAX endpoints to prevent CSRF
• [Security] Added capability check to form provider endpoints
• [Security] Improved output escaping in implementation code and view templates