User Role Editor Pro version 4.24.5 was published at April 2nd, 2016. It’s the security update to fix critical vulnerability. Versions affected (free and Pro) 4.24.4 and earlier. This exploit allowed to any registered user to raise his permissions up to administrator level.
It’s strongly recommended to update your copy of User Role Editor Pro to the latest version.

Changes List

Core version: 4.25

• Important security update: Any registered user could get an administrator access. Thanks to John Muncaster for discovering and wisely reporting this vulnerability.
• URE pages title tag was replaced from h2 to h1, for compatibility with other WordPress pages.

User Role Editor Pro version 4.24.4 was published at April, 1st, 2016. This bug fix release contains next changes:

Changes List

• Fix: Content view restrictions module: Access error message was not shown with setting to show it. Post or page was excluded from the list of available content instead.
• Fix: Admin menu access module:
  – ‘user-edit.php’ link was blocked by error with ‘block not selected’ model, which did not allow to edit a selected user.
  – admin menu copy is linked to the action with priority 1000 now, to be executed after Jetpack, which uses priority 998 for some reason.

User Role Editor Pro version 4.24.3 was published at March 23rd, 2016.

Changes List

Core version: 4.24.1

• Fix: PHP Notice: Undefined index: … in wp-content\plugins\user-role-editor-pro\includes\pro\classes\admin-menu-access.php on line 69
  Warning: Invalid argument supplied for foreach() in wp-content/plugins/user-role-editor-pro/includes/pro/classes/admin-menu-access.php on line 86
• Update: Admin menu access module – conditions were optimized when backend admin menu copy is created.