Does ExpressTechSoftwares Addon for MemberPress and Discord have any unpatched vulnerabilities?

Yes — ExpressTechSoftwares Addon for MemberPress and Discord currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is ExpressTechSoftwares Addon for MemberPress and Discord compatible with WordPress 6.7.5?

According to WordPress.org data, ExpressTechSoftwares Addon for MemberPress and Discord 1.1.4 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is ExpressTechSoftwares Addon for MemberPress and Discord compatible with PHP 7.0+?

ExpressTechSoftwares Addon for MemberPress and Discord requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

ExpressTechSoftwares Addon for MemberPress and Discord Security & Risk Analysis

wordpress.org/plugins/expresstechsoftwares-memberpress-discord-add-on

This add-on enables connecting your MemberPress enabled website to your discord server. Now you can add/remove MemberPress members directly to your di …

200 active installs v1.1.4 PHP 7.0+ WP 4.7+ Updated Nov 11, 2025

communitiesdiscord-role-managementmemberpressmembershipssell-private-access

B · Generally Safe

CVEs total2

Unpatched1

Last CVEJan 20, 2026

Plugin page Download

Safety Verdict

Is ExpressTechSoftwares Addon for MemberPress and Discord Safe to Use in 2026?

Mostly Safe

Score 76/100

ExpressTechSoftwares Addon for MemberPress and Discord is generally safe to use. 2 past CVEs were resolved. Keep it updated.

2 known CVEs 1 unpatched Last CVE: Jan 20, 2026Updated 4mo ago

Risk Assessment

The expresstechsoftwares-memberpress-discord-add-on plugin exhibits a mixed security posture. While it shows strengths in areas like the high percentage of prepared SQL statements and proper output escaping, significant concerns arise from its attack surface and historical vulnerability patterns. The presence of five unprotected AJAX handlers represents a substantial entry point for potential attacks, especially given the total of six entry points with five being unprotected. This lack of authentication on a majority of its entry points is a critical weakness.

The code analysis also flags two instances of the dangerous `unserialize` function, which can lead to Remote Code Execution if not handled with extreme care, although no critical taint flows were identified. The taint analysis did reveal one high-severity flow, indicating a potential vulnerability that could be exploited for data leakage or other malicious actions. The vulnerability history is particularly concerning, with two known CVEs, one of which remains unpatched. The consistent pattern of 'Cross-site Scripting' vulnerabilities in the past suggests a recurring weakness in input sanitization or output escaping in user-provided data, despite overall good output escaping percentages in the current static analysis.

Key Concerns

Unprotected AJAX handlers
Unpatched CVE
High severity taint flow
Dangerous unserialize function usage

Vulnerabilities

ExpressTechSoftwares Addon for MemberPress and Discord Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

1 CVE in 2026 · unpatched

2026

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2025-68838medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

MemberPress Discord Addon <= 1.1.4 - Reflected Cross-Site Scripting

Jan 20, 2026Unpatched

CVE-2025-32605medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

MemberPress Discord Addon <= 1.1.1 - Reflected Cross-Site Scripting

Apr 14, 2025 Patched in 1.1.2 (8d)

Code Analysis

Analyzed Mar 16, 2026

ExpressTechSoftwares Addon for MemberPress and Discord Code Analysis

Dangerous Functions

Raw SQL Queries

15 prepared

Unescaped Output

276 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$roles_color = unserialize( get_option( 'ets_memberpress_discord_ropublic\class-memberpress-discord-public.php:99

unserialize$roles_color = unserialize( get_option( 'ets_memberpress_discord_rolepublic\class-memberpress-discord-public.php:699

SQL Query Safety

88% prepared17 total queries

Output Escaping

82% escaped337 total outputs

Data Flows

4 unsanitized

Data Flow Analysis

10 flows4 with unsanitized paths

ets_memberpress_discord_search_by_discord (admin\class-memberpress-discord-admin.php:1341)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

5 unprotected

ExpressTechSoftwares Addon for MemberPress and Discord Attack Surface

Entry Points6

Unprotected5

AJAX Handlers 5

authwp_ajax_memberpress_load_discord_rolesincludes\class-memberpress-discord.php:154

authwp_ajax_memberpress_discord_clear_logsincludes\class-memberpress-discord.php:155

authwp_ajax_memberpress_discord_member_table_run_apiincludes\class-memberpress-discord.php:156

authwp_ajax_ets_memberpress_discord_notice_dismissincludes\class-memberpress-discord.php:188

authwp_ajax_memberpress_disconnect_from_discordincludes\class-memberpress-discord.php:210

Shortcodes 1

[mepr_discord_button] includes\class-memberpress-discord.php:206

WordPress Hooks 54

filtermepr-list-table-joinsadmin\class-memberpress-discord-admin.php:1385

filtermepr-list-table-argsadmin\class-memberpress-discord-admin.php:1396

actionadmin_noticesincludes\class-memberpress-discord-admin-notices.php:21

actionplugins_loadedincludes\class-memberpress-discord.php:131

actionadmin_enqueue_scriptsincludes\class-memberpress-discord.php:146

actionadmin_enqueue_scriptsincludes\class-memberpress-discord.php:147

actionadmin_menuincludes\class-memberpress-discord.php:148

actionadmin_post_memberpress_discord_general_settingsincludes\class-memberpress-discord.php:149

actionadmin_post_memberpress_discord_role_mappingincludes\class-memberpress-discord.php:150

actionadmin_post_memberpress_discord_advance_settingsincludes\class-memberpress-discord.php:151

actionadmin_post_memberpress_discord_save_appearance_settingsincludes\class-memberpress-discord.php:152

actionadmin_post_memberpress_discord_send_support_mailincludes\class-memberpress-discord.php:153

actionmepr-transaction-expiredincludes\class-memberpress-discord.php:157

actionmepr-event-transaction-expiredincludes\class-memberpress-discord.php:158

actionmepr-txn-expiredincludes\class-memberpress-discord.php:160

actionmepr-event-subscription-expiredincludes\class-memberpress-discord.php:161

actionmepr_pre_delete_transactionincludes\class-memberpress-discord.php:162

actionmepr-event-subscription-stoppedincludes\class-memberpress-discord.php:163

actionmepr-txn-transition-statusincludes\class-memberpress-discord.php:164

filtermepr-admin-members-colsincludes\class-memberpress-discord.php:165

actionmepr_members_list_table_rowincludes\class-memberpress-discord.php:166

actionmepr_reminders_workerincludes\class-memberpress-discord.php:167

actionmepr_payment_failureincludes\class-memberpress-discord.php:171

actionets_memberpress_discord_as_handle_memberpress_expiryincludes\class-memberpress-discord.php:172

actionets_memberpress_discord_as_handle_memberpress_cancelledincludes\class-memberpress-discord.php:173

actionets_memberpress_discord_as_send_dmincludes\class-memberpress-discord.php:174

actionets_memberpress_discord_as_schedule_delete_roleincludes\class-memberpress-discord.php:175

actionets_memberpress_discord_as_handle_memberpress_complete_transactionincludes\class-memberpress-discord.php:176

actionbefore_delete_postincludes\class-memberpress-discord.php:177

actionadmin_initincludes\class-memberpress-discord.php:178

actiondelete_userincludes\class-memberpress-discord.php:179

actionmepr-event-transaction-refundedincludes\class-memberpress-discord.php:180

actionmepr-event-subscription-pausedincludes\class-memberpress-discord.php:181

actionmepr_table_controls_searchincludes\class-memberpress-discord.php:183

actionremove_user_from_blogincludes\class-memberpress-discord.php:185

actionadmin_initincludes\class-memberpress-discord.php:187

filterdisable_as_for_roles_managementincludes\class-memberpress-discord.php:189

actionwp_enqueue_scriptsincludes\class-memberpress-discord.php:204

actionwp_enqueue_scriptsincludes\class-memberpress-discord.php:205

actionmepr-account-home-fieldsincludes\class-memberpress-discord.php:207

actioninitincludes\class-memberpress-discord.php:208

actioninitincludes\class-memberpress-discord.php:209

actionets_memberpress_discord_as_handle_add_member_to_guildincludes\class-memberpress-discord.php:211

actionets_memberpress_discord_as_schedule_delete_memberincludes\class-memberpress-discord.php:212

actionets_memberpress_discord_as_send_welcome_dmincludes\class-memberpress-discord.php:213

actionets_memberpress_discord_as_schedule_member_put_roleincludes\class-memberpress-discord.php:214

actionmepr-account-home-before-nameincludes\class-memberpress-discord.php:215

actionmepr-checkout-before-nameincludes\class-memberpress-discord.php:216

actionmepr-event-createincludes\class-memberpress-discord.php:217

filterkses_allowed_protocolsincludes\class-memberpress-discord.php:218

filterets_memberpress_show_connect_button_on_profileincludes\class-memberpress-discord.php:219

filteraction_scheduler_queue_runner_batch_sizeincludes\class-memberpress-discord.php:229

filteraction_scheduler_queue_runner_concurrent_batchesincludes\class-memberpress-discord.php:230

actionaction_scheduler_failed_executionincludes\class-memberpress-discord.php:231

Maintenance & Trust

ExpressTechSoftwares Addon for MemberPress and Discord Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedNov 11, 2025

PHP min version7.0

Downloads12K

Community Trust

Rating90/100

Number of ratings8

Active installs200

Alternatives

ExpressTechSoftwares Addon for MemberPress and Discord Alternatives

Connect Eduma Theme to Discord

connect-eduma-theme-to-discord

Create a community of your students by connecting your Eduma Theme and LearnPress Website to your Discord server.

0 No CVEs

Members – Membership & User Role Editor Plugin

members

The best WordPress membership and user role editor plugin. User Roles & Capabilities editor helps you restrict content in just a few clicks.

300K 1 CVE

Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress

wp-user-avatar

Setup paid membership, accept payment, sell subscription & digital product, paywall, create login & registration form, user profile & member directory

100K 41 CVEs

Simple Membership

simple-membership

Simple membership plugin adds membership functionality to your site. Protect members only content using content protection easily.

40K 24 CVEs

Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction

paid-member-subscriptions

Feature-packed membership plugin for creating subscription plans, adding recurring payments & content restriction on your membership site.

10K 16 CVEs

Developer Profile

ExpressTechSoftwares Addon for MemberPress and Discord Developer Profile

expresstechsoftware

14 plugins · 2K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

8 days

View full developer profile

Detection Fingerprints

How We Detect ExpressTechSoftwares Addon for MemberPress and Discord

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/expresstechsoftwares-memberpress-discord-add-on/admin/css/skeletabs.css/wp-content/plugins/expresstechsoftwares-memberpress-discord-add-on/admin/css/memberpress-discord-admin.css/wp-content/plugins/expresstechsoftwares-memberpress-discord-add-on/admin/js/skeletabs.js/wp-content/plugins/expresstechsoftwares-memberpress-discord-add-on/admin/js/memberpress-discord-admin.js/wp-content/plugins/expresstechsoftwares-memberpress-discord-add-on/admin/js/memberpress-discord-search.js

Version Parameters

expresstechsoftwares-memberpress-discord-add-on/admin/css/memberpress-discord-admin.css?ver=expresstechsoftwares-memberpress-discord-add-on/admin/js/memberpress-discord-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

ets-memberpress-discord

Data Attributes

ets_discord_save_settingsets-memberpress-discord-ajax-nonce

JS Globals

etsMemberpressParams

FAQ