WP-Safety

ELM: Make Simple Membership Sites Minus the Headache Security & Risk Analysis

wordpress.org/plugins/elearning-memberships

eLearning + Membership Features in an All-In-One Easy to Use Plugin

0 active installs v1.2 PHP + WP 4.0+ Updated Aug 14, 2020
ecourseelearninglmsmembershipmemberships
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is ELM: Make Simple Membership Sites Minus the Headache Safe to Use in 2026?

Generally Safe

Score 85/100

ELM: Make Simple Membership Sites Minus the Headache has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The "elearning-memberships" plugin v1.2 exhibits a generally positive security posture based on the static analysis. The complete absence of critical and high severity taint flows, along with 100% of SQL queries using prepared statements, are strong indicators of secure coding practices. Furthermore, the plugin has no recorded vulnerabilities (CVEs), which suggests a history of responsible development and maintenance.

However, the static analysis does reveal some areas for concern. While the overall number of entry points is low and none appear to be directly unprotected, the output escaping is only properly handled in 69% of cases. This leaves a significant portion of user-facing output potentially vulnerable to cross-site scripting (XSS) attacks if the data displayed is not inherently sanitized. Additionally, the presence of file operations without further context raises a minor flag, as these can sometimes be vectors for malicious activity if not handled with extreme care.

In conclusion, "elearning-memberships" v1.2 appears to be a relatively secure plugin with good foundational security practices. The lack of known vulnerabilities is a significant strength. The primary weakness lies in the incomplete output escaping, which could be exploited for XSS. The file operation, while not explicitly dangerous in the analysis, warrants careful review in a broader context.

Key Concerns

  • Output escaping is not fully implemented
  • Presence of file operations without context
Vulnerabilities
None known

ELM: Make Simple Membership Sites Minus the Headache Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

ELM: Make Simple Membership Sites Minus the Headache Release Timeline

v1.1
v1.0
Code Analysis
Analyzed Apr 16, 2026

ELM: Make Simple Membership Sites Minus the Headache Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
35
79 escaped
Nonce Checks
6
Capability Checks
2
File Operations
1
External Requests
0
Bundled Libraries
0

Output Escaping

69% escaped114 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

5 flows
<class-elm-members> (includes/admin/class-elm-members.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

ELM: Make Simple Membership Sites Minus the Headache Attack Surface

Entry Points3
Unprotected0

AJAX Handlers 1

authwp_ajax_eddelm_load_pricesincludes/admin/meta-boxes/class-elmedd-metabox.php:40

Shortcodes 2

[elm_register_form] includes/class-elm-members-frontend.php:41
[elm_restrict] includes/class-elm-members-frontend.php:43
WordPress Hooks 33
actionplugins_loadedelm.php:125
actioninitincludes/admin/block/block-init.php:34
actionadmin_enqueue_scriptsincludes/admin/class-admin-settings.php:54
actionadmin_menuincludes/admin/class-admin-settings.php:55
actionadmin_initincludes/admin/class-admin-settings.php:56
filterset-screen-optionincludes/admin/class-elm-members.php:44
filtermanage_users_columnsincludes/admin/class-elm-members.php:46
filtermanage_users_custom_columnincludes/admin/class-elm-members.php:48
actionshow_user_profileincludes/admin/class-elm-members.php:52
actionpersonal_options_updateincludes/admin/class-elm-members.php:53
actionedit_user_profileincludes/admin/class-elm-members.php:55
actionedit_user_profile_updateincludes/admin/class-elm-members.php:56
actioninitincludes/admin/class-elm-post-type.php:55
actionadd_meta_boxesincludes/admin/class-elm-post-type.php:56
actionsave_postincludes/admin/class-elm-post-type.php:57
actionsave_postincludes/admin/meta-boxes/class-elm-protection-metabox.php:63
actionadmin_initincludes/admin/meta-boxes/class-elm-protection-metabox.php:64
actionedited_termincludes/admin/meta-boxes/class-elm-taxonomy-protection-metabox.php:59
actioncreated_termincludes/admin/meta-boxes/class-elm-taxonomy-protection-metabox.php:60
actionedd_after_price_fieldincludes/admin/meta-boxes/class-elmedd-metabox.php:35
actionedd_render_price_rowincludes/admin/meta-boxes/class-elmedd-metabox.php:36
filteredd_metabox_fields_saveincludes/admin/meta-boxes/class-elmedd-metabox.php:37
actionedd_save_downloadincludes/admin/meta-boxes/class-elmedd-metabox.php:38
actionadmin_enqueue_scriptsincludes/class-edd-registration.php:34
actionedd_complete_purchaseincludes/class-edd-registration.php:35
actioninitincludes/class-elm-access.php:32
filterthe_contentincludes/class-elm-access.php:42
actionrest_api_initincludes/class-elm-access.php:43
actioninitincludes/class-elm-members-frontend.php:38
actionwp_enqueue_scriptsincludes/class-elm-members-frontend.php:45
actionadmin_initincludes/welcome/elm-welcome-logic.php:20
actionadmin_menuincludes/welcome/elm-welcome-logic.php:59
actionadmin_enqueue_scriptsincludes/welcome/elm-welcome-logic.php:104
Maintenance & Trust

ELM: Make Simple Membership Sites Minus the Headache Maintenance & Trust

Maintenance Signals

WordPress version tested5.5.18
Last updatedAug 14, 2020
PHP min version
Downloads5K

Community Trust

Rating100/100
Number of ratings1
Active installs0
Alternatives

ELM: Make Simple Membership Sites Minus the Headache Alternatives

Connect Eduma Theme to Discord

Connect Eduma Theme to Discord

connect-eduma-theme-to-discord

A
92

Create a community of your students by connecting your Eduma Theme and LearnPress Website to your Discord server.

0 No CVEs
Members – Membership & User Role Editor Plugin

Members – Membership & User Role Editor Plugin

members

A
99

The best WordPress membership and user role editor plugin. User Roles & Capabilities editor helps you restrict content in just a few clicks.

300K 1 CVE
Tutor LMS – eLearning and online course solution

Tutor LMS – eLearning and online course solution

tutor

B
75

A complete WordPress LMS plugin to create any eLearning website easily.

100K 69 CVEs
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress

Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress

wp-user-avatar

B
76

Setup paid membership, accept payment, sell subscription & digital product, paywall, create login & registration form, user profile & member directory

100K 43 CVEs
LearnPress – WordPress LMS Plugin for Create and Sell Online Courses

LearnPress – WordPress LMS Plugin for Create and Sell Online Courses

learnpress

B
76

A WordPress LMS Plugin to create WordPress Learning Management System. Turn your WordPress to LMS WordPress Website with Courses, Lessons, Quizzes &am &hellip;

80K 67 CVEs
Developer Profile

ELM: Make Simple Membership Sites Minus the Headache Developer Profile

Ristretto Apps

1 plugin · 0 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect ELM: Make Simple Membership Sites Minus the Headache

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/elearning-memberships/assets/css/elm-frontend.css/wp-content/plugins/elearning-memberships/assets/css/elm-frontend-membership-styles.css/wp-content/plugins/elearning-memberships/assets/js/elm-frontend.js
Script Paths
/wp-content/plugins/elearning-memberships/assets/js/elm-frontend.js
Version Parameters
elearning-memberships/assets/css/elm-frontend.css?ver=elearning-memberships/assets/css/elm-frontend-membership-styles.css?ver=elearning-memberships/assets/js/elm-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
elm-membership-levelelm-login-formelm-register-formelm-content-restriction-message
HTML Comments
<!-- Ristretto ELM: Content Restricted --><!-- Ristretto ELM: Membership Levels List -->
Data Attributes
data-elm-membership-iddata-elm-user-id
JS Globals
window.elm_frontend_params
REST Endpoints
/wp-json/elearning-memberships/v1/memberships/wp-json/elearning-memberships/v1/users
Shortcode Output
[elm_membership_details][elm_login_form][elm_register_form][elm_restricted_content]
FAQ

Frequently Asked Questions about ELM: Make Simple Membership Sites Minus the Headache