WP-Safety

Custom Login/Register Fields Security & Risk Analysis

wordpress.org/plugins/custom-loginregister-fields

Custom Login/Register Fields allows you to add custom fields to the WordPress registration forms with an easy drag-and-drop interface.

0 active installs v1.0.1 PHP 7.0+ WP 5.0+ Updated Oct 10, 2024
admincustom-fieldsloginregistrationuser-profile
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Custom Login/Register Fields Safe to Use in 2026?

Generally Safe

Score 92/100

Custom Login/Register Fields has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The custom-loginregister-fields plugin v1.0.1 exhibits a strong security posture based on the provided static analysis. The absence of any detected dangerous functions, raw SQL queries, unsanitized paths in taint analysis, or external HTTP requests is highly encouraging. Furthermore, the plugin demonstrates good development practices by properly escaping all output and utilizing prepared statements for any potential database interactions, and importantly, includes nonce and capability checks where relevant. The attack surface is effectively zero, meaning there are no directly accessible entry points that could be exploited without proper authentication or authorization.

Vulnerabilities
None known

Custom Login/Register Fields Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Custom Login/Register Fields Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
44 escaped
Nonce Checks
4
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped44 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
clrfCustomRegistrationFields (custom-loginregister-fields.php:109)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Custom Login/Register Fields Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 10
actionadmin_enqueue_scriptscustom-loginregister-fields.php:22
actionadmin_menucustom-loginregister-fields.php:28
actionadmin_initcustom-loginregister-fields.php:68
actionregister_formcustom-loginregister-fields.php:125
filterregistration_errorscustom-loginregister-fields.php:157
actionuser_registercustom-loginregister-fields.php:175
actionshow_user_profilecustom-loginregister-fields.php:205
actionedit_user_profilecustom-loginregister-fields.php:206
actionpersonal_options_updatecustom-loginregister-fields.php:230
actionedit_user_profile_updatecustom-loginregister-fields.php:231
Maintenance & Trust

Custom Login/Register Fields Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5
Last updatedOct 10, 2024
PHP min version7.0
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Custom Login/Register Fields Alternatives

UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP

UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP

userswp

A
89

Light weight Front-end login form, User Registration, User Profile and Members Directory plugin.

20K 14 CVEs
Pie Register – User Registration, Profiles & Content Restriction

Pie Register – User Registration, Profiles & Content Restriction

pie-register

D
40

Create customized registration forms, Invite through email, Email Notification, User Roles assignment, and more. Pie Register is a User Registration p …

2K 1 unpatched
PowerUp – Admin Tools (Login/Logout Redirects, Scripts & Comments Control)

PowerUp – Admin Tools (Login/Logout Redirects, Scripts & Comments Control)

powerup

A
100

Simplify site management with Login/Logout Redirect, Hide Admin Bar, Disable Comments, Header Footer Scripts and Remove Footer Credit.

200 No CVEs
User Toolkit

User Toolkit

user-toolkit

A
90

The missing user tools and activity data that you need and don't have by default.

100 1 CVE
User Approval Manager

User Approval Manager

user-approval-manager

A
100

Requires administrator approval before new users can log in. Sends email notifications to admins and users during the approval process.

20 No CVEs
Developer Profile

Custom Login/Register Fields Developer Profile

ketu762

1 plugin · 0 total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Custom Login/Register Fields

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/custom-loginregister-fields/js/admin.js/wp-content/plugins/custom-loginregister-fields/css/admin.css
Script Paths
/wp-content/plugins/custom-loginregister-fields/js/admin.js
Version Parameters
custom-loginregister-fields/js/admin.js?ver=1.0custom-loginregister-fields/css/admin.css?ver=1.0

HTML / DOM Fingerprints

CSS Classes
clrf-fields-containerclrf-new-fieldclrf-field-labelclrf-field-typeclrf-field-validationclrf-add-fieldclrf-fields-list
HTML Comments
/** * Outputs custom fields to the registration form. * * Note: Nonce verification is not performed here because this function is only responsible for rendering form fields. * Nonce verification is handled in the clrf_custom_registration_errors and clrf_custom_user_register functions. */
Data Attributes
id="clrf-fields-container"id="clrf-new-field"id="clrf-field-label"id="clrf-field-type"id="clrf-field-validation"id="clrf-add-field"+5 more
JS Globals
window.clrf_custom_fieldsvar clrf_custom_fields
FAQ

Frequently Asked Questions about Custom Login/Register Fields