[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fAa0lTsTqqHO2NK-TR8KZ58autXJiVpCJAWsOFRhSW9s":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":47,"crawl_stats":37,"alternatives":51,"analysis":143,"fingerprints":505},"membees-member-login-widget","Membee Login","2.3.7","DaleAB","https:\u002F\u002Fprofiles.wordpress.org\u002Fdaleab\u002F","\u003Cp>This plug-in allows a WordPress developer to utilize the popular membership management system, \u003Ca href=\"https:\u002F\u002Fwww.membee.com\u002F\" rel=\"nofollow ugc\">Membee\u003C\u002Fa> to control user access to a WordPress site. For a membership based organizations, this plug-in extends to WordPress the ability to manage access and roles within the member’s record in Membee and then use the roles to permit access to content in a WordPress site. Since Membee allows for the creation of unlimited groups and committees, each with their own unlimited access roles, the WordPress developer has very granular control over access to content. For the client membership based organization, they gain the desired ability manage all aspects of their relationship with their member, including website content access in one place, Membee.\u003C\u002Fp>\n\u003Cp>For example, the assignment a “BoardOnly” role to the “Board of Directors” committee in Membee would restrict access to website content secured in WordPress using the “BoardOnly” role. All roles created and managed in Membee are passed to WordPress via this plug-in so there are no additional steps to insure the roles are the same in Membee and the WordPress site. Since committee members inherit the access role from the committee, adding people to the committee or removing them instantly grants or removes the roll respectively. For the WordPress developer, this means one time only deployment of the functionality without the need to constantly revise their site as their client organization adds, drops, and revises groups and committees in Membee.\u003C\u002Fp>\n\u003Cp>The plug-in also extends Membee’s support for it’s Social Login feature. This feature allows an organization to activate support for social network login in Membee to permit members to use their social network identity (Facebook, Twitter, Google, Yahoo, and LinkedIn) to access restricted website content and features. The plug-in allows the WordPress developer to permit the use of the social network identities by members to access content the developer has restricted access to. To extend the example above, a member serving on the Board of Directors could access the site content restricted with the “BoardOnly” access role using their Facebook username and password.\u003C\u002Fp>\n","Add member authentication and access role management to your WordPress site via Membee's powerful Member Single Sign-On web service.",200,22491,68,5,"2026-02-09T18:31:00.000Z","6.9.4","2.7.0","",[20,21,22,23,24],"authentication","login","membee","members","membership","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmembees-member-login-widget.2.3.7.zip",97,1,0,"2026-01-27 00:00:00","2026-03-15T15:16:48.613Z",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2025-68844","membee-login-unauthenticated-stored-cross-site-scripting","Membee Login \u003C= 2.3.6 - Unauthenticated Stored Cross-Site Scripting","The Membee Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.3.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=2.3.6","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2026-02-10 20:44:47",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3352b264-eae8-4ce3-86ee-5febcd2e7fcc?source=api-prod",15,{"slug":48,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":46,"trust_score":49,"computed_at":50},"daleab",92,"2026-04-04T02:45:39.835Z",[52,73,94,111,127],{"slug":53,"name":54,"version":55,"author":56,"author_profile":57,"description":58,"short_description":59,"active_installs":60,"downloaded":61,"rating":49,"num_ratings":62,"last_updated":63,"tested_up_to":16,"requires_at_least":64,"requires_php":18,"tags":65,"homepage":68,"download_link":69,"security_score":70,"vuln_count":71,"unpatched_count":28,"last_vuln_date":72,"fetched_at":30},"wp-members","WP-Members Membership Plugin","3.5.6","Chad Butler","https:\u002F\u002Fprofiles.wordpress.org\u002Fcbutlerjr\u002F","\u003Cp>The original WordPress membership plugin with content restriction, user login, custom registration fields, user profiles, and more.\u003C\u002Fp>\n\u003Ch3>Membership Sites. Simplified.\u003C\u002Fh3>\n\u003Cp>You need a membership site, but you want to focus on your business, not mastering a plugin. WP-Members is simple to use, easy to set up, yet flexible in every way imaginable.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Simple to install and configure – yet customizable and scalable!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Restrict or hide posts, pages, and custom post types\u003C\u002Fli>\n\u003Cli>Limit menu items to logged in users\u003C\u002Fli>\n\u003Cli>User login, registration, and profile integrated into your theme\u003C\u002Fli>\n\u003Cli>Create custom registration and profile fields\u003C\u002Fli>\n\u003Cli>Integrate custom fields into WooCommerce checkout and registration (only supported by shortcode pages, not block editor version)\u003C\u002Fli>\n\u003Cli>Create custom memberships and content restriction\u003C\u002Fli>\n\u003Cli>Notify admin of new user registrations\u003C\u002Fli>\n\u003Cli>Hold new registrations for admin approval\u003C\u002Fli>\n\u003Cli>Create post excerpt teaser content automatically\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members\u002Fdocs\u002Fshortcodes\u002F\" rel=\"nofollow ugc\">Shortcodes for login, registration, content restriction, and more\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Create powerful customizations with \u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members\u002Fdocs\u002Ffilter-hooks\u002F\" rel=\"nofollow ugc\">more than 120 action and filter hooks\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members\u002Fdocs\u002Fapi-functions\u002F\" rel=\"nofollow ugc\">A library of API functions for extensibility\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>WP-Members allows you to restrict content as restricted or hidden, limiting access to registered users.\u003C\u002Fp>\n\u003Cp>A full Users Guide is \u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members\u002Fdocs\u002F\" rel=\"nofollow ugc\">available here\u003C\u002Fa>. The guide outlines the installation process, and also documents how to use all of the settings.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>There is \u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members\u002Fdocs\u002F\" rel=\"nofollow ugc\">freely available documentation on the plugin’s support site\u003C\u002Fa>. Your question may be answered there. If you need assistance configuring the plugin or have questions on how to implement or customize features, \u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fproduct\u002Fwp-members-plugin-support\u002F\" rel=\"nofollow ugc\">premium support is available\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>You can get priority support along with all of the plugin’s premium extensions in one \u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fproduct\u002Fwp-members-pro-bundle\u002F\" rel=\"nofollow ugc\">cost saving Pro Bundle!\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Premium Support\u003C\u002Fh4>\n\u003Cp>Premium support subscribers have access to priority email support, examples, tutorials, and code snippets that will help you extend and customize the base plugin using the plugin’s framework. \u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members\u002Fsupport-options\u002F\" rel=\"nofollow ugc\">Visit the site for more info\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Free Extensions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fproduct\u002Fstop-spam-registrations\u002F\" rel=\"nofollow ugc\">Stop Spam Registrations\u003C\u002Fa> – Uses stopforumspam.com’s API to block spam registrations.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fproduct\u002Fsend-test-emails\u002F\" rel=\"nofollow ugc\">Send Test Emails\u003C\u002Fa> – A utility to send test versions of the plugin’s emails.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Premium Extensions\u003C\u002Fh4>\n\u003Cp>The plugin has several premium extensions for additional functionality. You can purchase any of them individually, or get them all for a significant discount in the Pro Bundle.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members-advanced-options\u002F\" rel=\"nofollow ugc\">Advanced Options\u003C\u002Fa> – adds additional settings to WP-Members for redirecting core WP created URLs, redirecting restricted content, hiding the WP toolbar, and more! Also includes integrations with popular plugins like WooCommerce, BuddyPress, bbPress, ADF, Easy Digital Downloads, and The Events Calendar.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members-download-protect\u002F\" rel=\"nofollow ugc\">Download Protect\u003C\u002Fa> – Allows you to restrict access to specific files, requiring the user to be logged in to access.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members-invite-codes\u002F\" rel=\"nofollow ugc\">Invite Codes\u003C\u002Fa> – set up invitation codes to restrict registration to only those with a valide invite code.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members-mailchimp-integration\u002F\" rel=\"nofollow ugc\">MailChimp Integration\u003C\u002Fa> – add MailChimp list subscription to your registation form.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members-memberships-for-woocommerce\u002F\" rel=\"nofollow ugc\">Memberships for WooCommerce\u003C\u002Fa> – Sell memberships through WooCommerce.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members-paypal-subscriptions\u002F\" rel=\"nofollow ugc\">PayPal Subscriptions\u003C\u002Fa> – Sell restricted content access through PayPal.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members-security\u002F\" rel=\"nofollow ugc\">Security\u003C\u002Fa> – adds a number of security features to the plugin such as preventing concurrent logins, registration form honey pot (spam blocker), require passwords be changed on first use, require passwords to be changed after defined period of time, require strong passwords, block registration by IP and email, restrict specified usernames from being registered.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members-text-editor\u002F\" rel=\"nofollow ugc\">Text Editor\u003C\u002Fa> – Adds an editor to the WP-Members admin panel to easily customize all user facing strings in the plugin.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members-user-list\u002F\" rel=\"nofollow ugc\">User List\u003C\u002Fa> – Display lists of users on your site. Great for creating user directories with detailed and customizable profiles.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwp-members-user-tracking\u002F\" rel=\"nofollow ugc\">User Tracking\u003C\u002Fa> – Track what pages logged in users are visting and when.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fplugins\u002Fwordpass\u002F\" rel=\"nofollow ugc\">WordPass Pro\u003C\u002Fa> – Change your random password generator from gibberish to word-based passwords (can be used with or without WP-Members).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Get support along with all of the plugin’s premium extensions in one \u003Ca href=\"https:\u002F\u002Frocketgeek.com\u002Fproduct\u002Fwp-members-pro-bundle\u002F\" rel=\"nofollow ugc\">cost saving Pro Bundle!\u003C\u002Fa>\u003C\u002Fp>\n","The original WordPress membership plugin with content restriction, user login, custom registration fields, user profiles, and more.",50000,3986869,271,"2026-02-27T14:28:00.000Z","4.0",[20,21,24,66,67],"registration","restriction","https:\u002F\u002Frocketgeek.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-members.3.5.6.zip",88,18,"2026-03-03 18:17:29",{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":81,"num_ratings":83,"last_updated":84,"tested_up_to":16,"requires_at_least":85,"requires_php":86,"tags":87,"homepage":92,"download_link":93,"security_score":81,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"memberstack","Memberstack – Member Management & Content Protection","1.3.1","Josh","https:\u002F\u002Fprofiles.wordpress.org\u002Fmsjoshlopez\u002F","\u003Cp>Since 2019, we’ve helped thousands of businesses to generate $125,000,000 in revenue through premium content and membership sites. Our customers range from high school seniors to teams at Slack, Reddit, American Airlines, Webflow, IDEO, etc.\u003C\u002Fp>\n\u003Cp>Whether you’re creating a custom SaaS application, online course, subscription service, premium content site, or member community, we’re ready to help!\u003C\u002Fp>\n\u003Cp>Our WordPress integration makes it simple to protect content, manage members, and process payments without any coding knowledge. Perfect for content creators, course developers, and businesses looking to monetize their WordPress sites through memberships.\u003C\u002Fp>\n\u003Ch4>Getting Started Guide\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Quick Start Video Tutorial\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Check out our installation and setup guide video: \u003Ca href=\"https:\u002F\u002Fyoutu.be\u002FN-S2CJjomK8?si=nGboxSIPbjHHbCoO\" rel=\"nofollow ugc\">Watch Getting Started with Memberstack + WordPress\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>In this video, you’ll learn how you can add gated content, social auth, and more to your WordPress site using the Memberstack plugin with WordPress!\u003C\u002Fp>\n\u003Ch4>Why Choose Memberstack?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>No Coding Required\u003C\u002Fstrong> – Easy setup with visual builders and pre-built components for WordPress\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Professional Features\u003C\u002Fstrong> – Enterprise-grade security and functionality at a fraction of the cost\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Flexible Pricing\u003C\u002Fstrong> – Start building in test mode for free with no credit card required\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modern Authentication\u003C\u002Fstrong> – Social login, passwordless options, and traditional email\u002Fpassword\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Page Builder Ready\u003C\u002Fstrong> – Works seamlessly with popular builders like Bricks, Elementor, Gutenberg, and more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Perfect For\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Online Courses & Educational Content\u003C\u002Fli>\n\u003Cli>Premium News & Media Sites\u003C\u002Fli>\n\u003Cli>Subscription Services\u003C\u002Fli>\n\u003Cli>Member Communities\u003C\u002Fli>\n\u003Cli>Digital Downloads\u003C\u002Fli>\n\u003Cli>Professional Services\u003C\u002Fli>\n\u003Cli>Content Creators\u003C\u002Fli>\n\u003Cli>Online Coaches\u003C\u002Fli>\n\u003Cli>Digital Products\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Essential Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Smart Content Protection\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Protect entire pages or specific sections\u003C\u002Fli>\n\u003Cli>Create multiple membership plans, paid or free\u003C\u002Fli>\n\u003Cli>Set up trial periods for paid plans\u003C\u002Fli>\n\u003Cli>Custom access rules\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Modern Authentication\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Social login (Google, GitHub, LinkedIn, etc.)\u003C\u002Fli>\n\u003Cli>Passwordless email login\u003C\u002Fli>\n\u003Cli>Traditional email\u002Fpassword\u003C\u002Fli>\n\u003Cli>Custom registration fields, we call them “custom fields”\u003C\u002Fli>\n\u003Cli>Profile management\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Payment & Subscriptions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Stripe integration – Memberstack exclusively uses Stripe\u003C\u002Fli>\n\u003Cli>Multiple pricing tiers\u003C\u002Fli>\n\u003Cli>Free and paid plans\u003C\u002Fli>\n\u003Cli>Trial periods\u003C\u002Fli>\n\u003Cli>Payment management\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pricing\u003C\u002Fh4>\n\u003Cp>Start in test mode for free – no credit card required. When you’re ready to launch, choose the plan that fits your member count. As your business grows, unlock lower transaction fees. We added this section because we want to be transparent about our pricing and help you make an informed decision.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Basic – $29\u002Fmo\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Perfect for up to 1,000 members\u003C\u002Fli>\n\u003Cli>4% transaction fee – great for testing the waters\u003C\u002Fli>\n\u003Cli>All core features included\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Professional – $49\u002Fmo\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Scale up to 5,000 members\u003C\u002Fli>\n\u003Cli>Reduced 2% transaction fee\u003C\u002Fli>\n\u003Cli>All core features included\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Business – $99\u002Fmo\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Support up to 10,000 members\u003C\u002Fli>\n\u003Cli>Ultra-low 0.9% transaction fee\u003C\u002Fli>\n\u003Cli>All core features included\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Established – $499\u002Fmo\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>10,000+ members\u003C\u002Fli>\n\u003Cli>ZERO transaction fees – maximize your revenue\u003C\u002Fli>\n\u003Cli>All core features included\u003C\u002Fli>\n\u003Cli>Priority support included\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Every Plan Includes:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress integration\u003C\u002Fli>\n\u003Cli>Social login options\u003C\u002Fli>\n\u003Cli>Stripe payment processing\u003C\u002Fli>\n\u003Cli>Custom SSO\u003C\u002Fli>\n\u003Cli>Branded emails\u003C\u002Fli>\n\u003Cli>Member management dashboard\u003C\u002Fli>\n\u003Cli>Save 20% with annual billing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Start for free in test mode and upgrade when you’re ready to launch. No hidden fees or surprises – just straightforward pricing that scales with your success.\u003C\u002Fp>\n\u003Ch4>Page Builder Integration\u003C\u002Fh4>\n\u003Cp>Works seamlessly with your favorite page builders:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Bricks\u003C\u002Fstrong> – Native elements for forms and buttons\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Elementor\u003C\u002Fstrong> – Custom widgets for membership features\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Divi\u003C\u002Fstrong> – Built-in module support\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gutenberg\u003C\u002Fstrong> – Dedicated blocks for content protection\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Easy Implementation\u003C\u002Fh4>\n\u003Cp>Add membership features anywhere with our shortcodes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>[memberstack_login]\u003C\u002Fcode> – Display login form\u003C\u002Fli>\n\u003Cli>\u003Ccode>[memberstack_signup]\u003C\u002Fcode> – Display signup form\u003C\u002Fli>\n\u003Cli>\u003Ccode>[memberstack_protected]\u003C\u002Fcode> – Protect content sections\u003C\u002Fli>\n\u003Cli>\u003Ccode>[memberstack_member]\u003C\u002Fcode> – Display member information\u003C\u002Fli>\n\u003Cli>\u003Ccode>[memberstack_modal]\u003C\u002Fcode> – Add modal triggers\u003C\u002Fli>\n\u003Cli>\u003Ccode>[memberstack_logout]\u003C\u002Fcode> – Add logout buttons\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Getting Started\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install the Memberstack WordPress plugin\u003C\u002Fli>\n\u003Cli>Create your free Memberstack account at \u003Ca href=\"https:\u002F\u002Fmemberstack.com\" rel=\"nofollow ugc\">memberstack.com\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Copy your App ID from the Memberstack dashboard\u003C\u002Fli>\n\u003Cli>Paste the App ID in WordPress under Settings > Memberstack\u003C\u002Fli>\n\u003Cli>Start protecting content and adding membership features!\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Professional Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Extensive \u003Ca href=\"https:\u002F\u002Fdocs.memberstack.com\u002Fhc\u002Fen-us\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Support Team – \u003Ca href=\"https:\u002F\u002Fdocs.memberstack.com\u002Fhc\u002Fen-us\u002Frequests\u002Fnew\" rel=\"nofollow ugc\">Contact Us\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Community Forum – \u003Ca href=\"https:\u002F\u002Fdocs.memberstack.com\u002Fhc\u002Fen-us\u002Fcommunity\u002Fposts\" rel=\"nofollow ugc\">Join the Discussion\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>WordPress Slack Community – \u003Ca href=\"https:\u002F\u002Fwww.memberstack.com\u002Fwpslack\" rel=\"nofollow ugc\">Join the Slack Community\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>Memberstack integrates with our cloud service to manage memberships and protect content. \u003Ca href=\"https:\u002F\u002Fdocs.memberstack.com\u002Fhc\u002Fen-us\u002Farticles\u002F11419812024347-Privacy-Policy\" rel=\"nofollow ugc\">View our Privacy Policy\u003C\u002Fa>.\u003C\u002Fp>\n","Transform your WordPress site into a premium membership platform. Create members-only content and manage subscriptions with ease.",100,2767,24,"2026-03-03T09:43:00.000Z","6.7","7.4",[88,24,89,90,91],"content-protection","social-login","subscription-management","user-authentication","https:\u002F\u002Fmemberstack.com\u002Fwordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmemberstack.1.3.1.zip",{"slug":95,"name":96,"version":97,"author":98,"author_profile":99,"description":100,"short_description":101,"active_installs":102,"downloaded":103,"rating":81,"num_ratings":27,"last_updated":104,"tested_up_to":105,"requires_at_least":106,"requires_php":18,"tags":107,"homepage":18,"download_link":110,"security_score":81,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"spiral-secure-session-manager","SPIRALセキュアセッションマネージャー","1.2.0","SPIRAL Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Fspiralplatform\u002F","\u003Cp>“SPIRALセキュアセッションマネージャー”は スパイラル株式会社 が提供するクラウド型ローコード開発プラットフォームSPIRALを利用し、安全な会員サイトを制作できるプラグインです。プログラム開発は一切不要。どなたでも簡単に会員サイトを作成することができます。\u003Cbr \u002F>\nプラグインの特長\u003Cbr \u002F>\n　・ログインフォームをウィジェットとして表示\u003Cbr \u002F>\n　・会員データは高セキュリティなSPIRALのデータベースにて安全に保管されます。\u003Cbr \u002F>\n　・SPIRALの会員データへの認証とセッション管理が自動で行えます。\u003Cbr \u002F>\n　・会員サイトを実現する複数のショートコードを提供\u003Cbr \u002F>\n　ショートコードを利用してWebコンテンツページをログインにより表示内容の切り分けができます。\u003Cbr \u002F>\n　また、会員属性によってもコンテンツ内容の表示の切り分けが可能です。\u003Cbr \u002F>\n　さらに、SPIRALのデータベースに保管されているデータをコンテンツページへ表示も可能です。\u003Cbr \u002F>\nプラグインの設定方法やショートコード情報などは\u003Ca href=\"https:\u002F\u002Fapl-support.pi-pe.co.jp\u002Fs3m\u002F\" rel=\"nofollow ugc\">サポートサイト\u003C\u002Fa>を参照してください。\u003Cbr \u002F>\n※SPIRALは スパイラル株式会社 の登録商標です。\u003C\u002Fp>\n\u003Cp>このプラグインは会員管理機能を提供するために第三者（外部）サービスを利用しています。\u003Cbr \u002F>\nプラグインを利用するには、\u003Ca href=\"https:\u002F\u002Fwww.spiral-platform.co.jp\u002Fservice\u002Fspiralv1\u002F\" rel=\"nofollow ugc\">SPIRAL ver.1\u003C\u002Fa> または \u003Ca href=\"https:\u002F\u002Fspiral.pi-pe.co.jp\u002F\" rel=\"nofollow ugc\">SPIRAL ver.2\u003C\u002Fa>の契約が別途必要です。\u003C\u002Fp>\n\u003Cp>“SPIRALセキュアセッションマネージャー” is a plugin that utilizes the cloud-based low-code development platform SPIRAL provided by SPIRAL Inc. , enabling the creation of secure membership sites. No programming is required, and anyone can easily create a membership site.\u003Cbr \u002F>\nPlugin Features:\u003Cbr \u002F>\n– Display the login form as a widget.\u003Cbr \u002F>\n– Member data is securely stored in SPIRAL’s high-security database.\u003Cbr \u002F>\n– Authentication to SPIRAL’s member data and session management are automatically handled.\u003Cbr \u002F>\n– Provides multiple shortcodes to create a membership site.\u003Cbr \u002F>\n– Use shortcodes to differentiate the display content of web content pages based on login status.\u003Cbr \u002F>\n– Additionally, content display differentiation based on member attributes is possible.\u003Cbr \u002F>\n– Furthermore, display data stored in SPIRAL’s database on content pages.\u003Cbr \u002F>\nFor information on plugin settings and shortcodes, please refer to the \u003Ca href=\"https:\u002F\u002Fapl-support.pi-pe.co.jp\u002Fs3m\u002F\" rel=\"nofollow ugc\">support site\u003C\u002Fa>.\u003Cbr \u002F>\n*SPIRAL is a registered trademark of SPIRAL Inc. .\u003C\u002Fp>\n\u003Cp>This plugin utilizes third-party (external) services to provide membership management functionality.\u003Cbr \u002F>\nTo use the plugin, a separate contract with \u003Ca href=\"https:\u002F\u002Fwww.spiral-platform.co.jp\u002Fservice\u002Fspiralv1\u002F\" rel=\"nofollow ugc\">SPIRAL ver.1\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fspiral.pi-pe.co.jp\u002F\" rel=\"nofollow ugc\">SPIRAL ver.2\u003C\u002Fa> is required.\u003C\u002Fp>\n\u003Ch3>Service Provider: SPIRAL Platform\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service URL:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.spiral-platform.co.jp\u002Fservice\u002Fspiralv1\u002F\" rel=\"nofollow ugc\">SPIRAL ver.1\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Terms of Use:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.spiral-platform.co.jp\u002Fwp-content\u002Fuploads\u002Fuser\u002Fspiral\u002FSPIRALv1_agreement.pdf\" rel=\"nofollow ugc\">SPIRAL ver.1 Terms of Use\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Service URL:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fspiral.pi-pe.co.jp\u002F\" rel=\"nofollow ugc\">SPIRAL ver.2\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Use:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.pi-pe.co.jp\u002Farea\u002Ftable_file\u002FB1-K8B000270010O9k0E0E24000002000hj5\" rel=\"nofollow ugc\">SPIRAL ver.2 Terms of Use\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Usage Details\u003C\u002Fh4>\n\u003Cp>This plugin uses the SPIRAL API to enhance its features. The API requests are made to the following endpoints:\u003C\u002Fp>\n\u003Col>\n\u003Cli>API Endpoint:\n\u003Cul>\n\u003Cli>\u003Cstrong>Endpoint URL:\u003C\u002Fstrong> \u003Ccode>https:\u002F\u002Fapi.spiral-platform.com\u002Fv1\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Authentication Server API Endpoints:\n\u003Cul>\n\u003Cli>\u003Cstrong>Login\u002FCache API:\u003C\u002Fstrong> https:\u002F\u002Fs3m-api.smp.ne.jp\u002Fapi\u002Fv1\u002F\u003C\u002Fli>\n\u003Cli>\u003Cstrong>authentications:\u003C\u002Fstrong> https:\u002F\u002Fs3m-api.smp.ne.jp\u002Fapi\u002Fv1\u002Fauthentications\u002F\u003C\u002Fli>\n\u003Cli>\u003Cstrong>API Location Retrieval:\u003C\u002Fstrong> https:\u002F\u002Fs3m-locator.smp.ne.jp\u002Fapi\u002Fv1\u002Flocator\u002F , https:\u002F\u002Fwww.pi-pe.co.jp\u002Fapi\u002Flocator\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Activation:\u003C\u002Fstrong> https:\u002F\u002Fs3m-account.smp.ne.jp\u002Fapi\u002Fv1\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>You can review the service URLs and terms of use related to these services at the following links:\u003Cbr \u002F>\n– \u003Cstrong>Service URL:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.spiral-platform.co.jp\u002Fservice\u002Fspiralv1\u002F\" rel=\"nofollow ugc\">SPIRAL ver.1\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Cstrong>Terms of Use:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.spiral-platform.co.jp\u002Fwp-content\u002Fuploads\u002Fuser\u002Fspiral\u002FSPIRALv1_agreement.pdf\" rel=\"nofollow ugc\">SPIRAL ver.1 Terms of Use\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service URL:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fspiral.pi-pe.co.jp\u002F\" rel=\"nofollow ugc\">SPIRAL ver.2\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Use:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.pi-pe.co.jp\u002Farea\u002Ftable_file\u002FB1-K8B000270010O9k0E0E24000002000hj5\" rel=\"nofollow ugc\">SPIRAL ver.2 Terms of Use\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Please note that by using this plugin, you acknowledge and agree to the terms of use and privacy policy of SPIRAL.\u003Cbr \u002F>\nMake sure to review them to ensure compliance and understanding of how your data is handled.\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>SPIRALセキュアセッションマネージャー is designed as part of the creation and functionality of membership websites.\u003Cbr \u002F>\nYou can connect your membership website created with this plugin to the low-code development platform SPIRAL and sets the websites to send data to the database in SPIRAL accounts and also can decide which accounts the data is sent to.\u003Cbr \u002F>\nthe data is managed by who managed the accounts. SPIRAL Inc. processes without anyone seeing or touching the data.\u003Cbr \u002F>\nIf you have any questions regarding privacy, please feel free to \u003Ca href=\"https:\u002F\u002Fwww.pi-pe.co.jp\u002Fregist\u002Fis?SMPFORM=man-mcsepb-0e06c81b1a06832e44b64b391bc18b71&f000099823=WordPress%E3%83%97%E3%83%A9%E3%82%B0%E3%82%A4%E3%83%B3%20%E4%BC%9A%E5%93%A1%E7%AE%A1%E7%90%86&f000099824=https:\u002F\u002Fwww.pi-pe.co.jp\u002Fsolution\u002Fwp-mls\u002F\" rel=\"nofollow ugc\">contact us\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin utilizes third-party (external) services to provide membership management functionality.\u003Cbr \u002F>\nTo use the plugin, a separate contract with \u003Ca href=\"https:\u002F\u002Fwww.spiral-platform.co.jp\u002Fservice\u002Fspiralv1\u002F\" rel=\"nofollow ugc\">SPIRAL ver.1\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fspiral.pi-pe.co.jp\u002F\" rel=\"nofollow ugc\">SPIRAL ver.2\u003C\u002Fa> is required.\u003Cbr \u002F>\nYou can review the service URLs and terms of use related to these services at the following links:\u003Cbr \u002F>\n– \u003Cstrong>Service URL:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.spiral-platform.co.jp\u002Fservice\u002Fspiralv1\u002F\" rel=\"nofollow ugc\">SPIRAL ver.1\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Cstrong>Terms of Use:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.spiral-platform.co.jp\u002Fwp-content\u002Fuploads\u002Fuser\u002Fspiral\u002FSPIRALv1_agreement.pdf\" rel=\"nofollow ugc\">SPIRAL ver.1 Terms of Use\u003C\u002Fa>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service URL:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fspiral.pi-pe.co.jp\u002F\" rel=\"nofollow ugc\">SPIRAL ver.2\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Use:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fwww.pi-pe.co.jp\u002Farea\u002Ftable_file\u002FB1-K8B000270010O9k0E0E24000002000hj5\" rel=\"nofollow ugc\">SPIRAL ver.2 Terms of Use\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Easily add secure membership management and authentication features to your WordPress site using SPIRAL&reg;.",40,1030,"2026-01-15T08:45:00.000Z","6.8.5","5.7",[20,21,24,108,109],"security","spiral","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspiral-secure-session-manager.1.2.0.zip",{"slug":112,"name":113,"version":114,"author":115,"author_profile":116,"description":117,"short_description":118,"active_installs":119,"downloaded":120,"rating":28,"num_ratings":28,"last_updated":121,"tested_up_to":16,"requires_at_least":122,"requires_php":86,"tags":123,"homepage":18,"download_link":126,"security_score":81,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"edel-auth-for-supabase","Edel Auth for Supabase","1.0.2","Edel Hearts","https:\u002F\u002Fprofiles.wordpress.org\u002Fedelhearts\u002F","\u003Cp>This plugin integrates \u003Cstrong>Supabase Authentication\u003C\u002Fstrong> into your WordPress site, providing a secure, scalable, and modern membership system.\u003Cbr \u002F>\nIt allows you to completely separate “Site Administrators” (who use WordPress native auth) from “General Users” (who use Supabase auth).\u003Cbr \u002F>\nThis ensures your \u003Ccode>wp-admin\u003C\u002Fcode> remains secure while offering a seamless login experience for your customers.\u003C\u002Fp>\n\u003Ch3>Full Setup Guide\u003C\u002Fh3>\n\u003Cp>We have prepared a comprehensive guide to help you through the process, including Google Cloud Platform configuration and Supabase settings:\u003Cbr \u002F>\nhttps:\u002F\u002Fedel-hearts.com\u002Fedel-auth-for-supabase-guide\u002F?display_lang=en\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Supabase Authentication:\u003C\u002Fstrong> Support for Email\u002FPassword, Magic Links (Passwordless), and Social Login (Google).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Auto Synchronization:\u003C\u002Fstrong> Users created in Supabase are automatically synced to WordPress as subscribers upon login.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Logout Synchronization:\u003C\u002Fstrong> Logging out of WordPress automatically triggers a sign-out from Supabase to ensure session consistency.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Deletion Sync:\u003C\u002Fstrong> Deleting a user in WordPress automatically removes the corresponding user from Supabase (Requires Service Role Key).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Secure Admin Separation:\u003C\u002Fstrong> Administrators are blocked from logging in via the frontend forms to prevent privilege escalation attacks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Password Reset:\u003C\u002Fstrong> Automatically detects if a user registered via Google and guides them to use the “Log in with Google” button instead of sending a reset email.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Welcome Emails:\u003C\u002Fstrong> Sends customizable “Welcome” emails directly from WordPress upon successful registration. Custom Sender Name and Email are supported.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Keep Alive (Maintenance):\u003C\u002Fstrong> Automatically accesses Supabase once a day to prevent free projects from pausing due to inactivity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Developer Friendly:\u003C\u002Fstrong> Includes hooks for customizing user roles and syncing additional metadata.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why use this plugin?\u003C\u002Fh3>\n\u003Cp>Unlike other plugins that sync the entire database, \u003Cstrong>Edel Auth for Supabase\u003C\u002Fstrong> authenticates users via the Supabase API on the frontend and only creates a WordPress user session when necessary.\u003Cbr \u002F>\nThis keeps your WordPress database clean and your site fast.\u003C\u002Fp>\n\u003Ch3>For Developers\u003C\u002Fh3>\n\u003Cp>You can customize the plugin behavior using the following hooks in your theme’s functions.php:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>Filter Hook: eafs_user_role\u003Cbr \u002F>\nThis filter allows you to dynamically change the WordPress user role based on the Supabase provider (e.g., assigning a ‘contributor’ role to users who log in via Google).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Action Hook: eafs_after_user_sync\u003Cbr \u002F>\nThis action triggers after a user is successfully synced from Supabase to WordPress. It is ideal for updating additional user metadata, such as syncing the display name or recording the last login timestamp.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Shortcodes\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ccode>[eafs_login]\u003C\u002Fcode> – Displays the login form.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[eafs_register]\u003C\u002Fcode> – Displays the registration form.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[eafs_forgot_password]\u003C\u002Fcode> – Displays the password reset request form.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[eafs_update_password]\u003C\u002Fcode> – Displays the new password entry form (for the reset flow).\u003C\u002Fli>\n\u003Cli>\u003Ccode>[eafs_logout]\u003C\u002Fcode> – Displays a logout button (only visible to logged-in users).\u003C\u002Fli>\n\u003C\u002Ful>\n","Connect your WordPress site to Supabase Authentication. Securely manage members with Supabase while keeping WordPress admins separate.",10,220,"2026-02-14T10:21:00.000Z","5.8",[20,124,21,24,125],"google-login","supabase","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fedel-auth-for-supabase.1.0.2.zip",{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":28,"downloaded":135,"rating":28,"num_ratings":28,"last_updated":136,"tested_up_to":16,"requires_at_least":137,"requires_php":86,"tags":138,"homepage":141,"download_link":142,"security_score":81,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"bigambitions-glueup-bridge","BigAmbitions Membership & Login Bridge for GlueUp","1.1.0","divemasterza","https:\u002F\u002Fprofiles.wordpress.org\u002Fdivemasterza\u002F","\u003Cp>\u003Cstrong>BigAmbitions Membership & Login Bridge for GlueUp\u003C\u002Fstrong> is an independent integration tool designed for organizations using the GlueUp platform (formerly EventBank). It provides a secure, branded gateway that bridges your WordPress site with your GlueUp database, allowing members to log in using their GlueUp credentials.\u003C\u002Fp>\n\u003Cp>This plugin is not affiliated with, endorsed by, or officially connected to GlueUp. It simply integrates with the publicly available GlueUp API.\u003C\u002Fp>\n\u003Cp>Unlike standard login plugins, this bridge doesn’t just check passwords—it validates the user’s real-time membership status. It ensures that only members in good standing (Active, Soon-to-Expire, or in a Grace Period) can access your protected content.\u003C\u002Fp>\n\u003Cp>Key Features:\u003Cbr \u002F>\n*   \u003Cstrong>Real-time API Authentication\u003C\u002Fstrong>: Authenticate members securely against the GlueUp API.\u003Cbr \u002F>\n*   \u003Cstrong>Intelligent Membership Check\u003C\u002Fstrong>: Automatically verify if a member is Active, Soon-to-Expire, or in a Grace Period before allowing access.\u003Cbr \u002F>\n*   \u003Cstrong>Organization-First White-Labeling\u003C\u002Fstrong>: Customize the login experience with your own company name.\u003Cbr \u002F>\n*   \u003Cstrong>Seamless Profile Sync\u003C\u002Fstrong>: Automatically synchronize user names and company details from GlueUp to WordPress.\u003Cbr \u002F>\n*   \u003Cstrong>Security First\u003C\u002Fstrong>: Built with CSRF protection, data sanitization, and compatibility with brute-force protection plugins.\u003Cbr \u002F>\n*   \u003Cstrong>Developer Friendly\u003C\u002Fstrong>: Simple shortcode integration \u003Ccode>[glueup_login_form]\u003C\u002Fcode> and a clean administration dashboard.\u003C\u002Fp>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the GlueUp API to authenticate members and verify their membership status.\u003C\u002Fp>\n\u003Ch4>Authentication (Login)\u003C\u002Fh4>\n\u003Cp>When a user submits the login form, the plugin sends their email address and an MD5-hashed password to the GlueUp session endpoint to obtain an authentication token.\u003Cbr \u002F>\nEndpoint: \u003Ccode>https:\u002F\u002Fapi.glueup.com\u002Fv2\u002Fuser\u002Fsession\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch4>Membership Verification\u003C\u002Fh4>\n\u003Cp>After authentication, the plugin sends the session token to the GlueUp membership endpoint to check whether the user has an active membership.\u003Cbr \u002F>\nEndpoint: \u003Ccode>https:\u002F\u002Fapi.glueup.com\u002Fv2\u002Fmembership\u002FactiveApplicationList\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch4>Data transmitted\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>User email address (on login)\u003C\u002Fli>\n\u003Cli>MD5-hashed user password (on login)\u003C\u002Fli>\n\u003Cli>Session token (on membership verification)\u003C\u002Fli>\n\u003Cli>API public and private keys (as HMAC authentication headers)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This data is only sent when a user actively submits the login form. No data is sent passively or on page load.\u003C\u002Fp>\n\u003Ch4>Service provider\u003C\u002Fh4>\n\u003Cp>These services are provided by GlueUp (https:\u002F\u002Fwww.glueup.com).\u003Cbr \u002F>\n* Terms of Use: https:\u002F\u002Fwww.glueup.com\u002Fterms\u003Cbr \u002F>\n* Privacy Policy: https:\u002F\u002Fwww.glueup.com\u002Fprivacy\u003C\u002Fp>\n","Professional membership validator and login bridge for organizations using the GlueUp platform.",105,"2026-02-18T05:18:00.000Z","6.2",[20,139,140,21,24],"bridge","integration","https:\u002F\u002Fbigambitions.co.za\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbigambitions-glueup-bridge.1.1.0.zip",{"attackSurface":144,"codeSignals":263,"taintFlows":359,"riskAssessment":495,"analyzedAt":504},{"hooks":145,"ajaxHandlers":233,"restRoutes":234,"shortcodes":235,"cronEvents":262,"entryPointCount":186,"unprotectedCount":28},[146,151,156,160,165,169,173,177,181,184,187,190,191,195,199,203,205,209,213,215,218,221,224,229,231],{"type":147,"name":148,"callback":149,"priority":27,"file":150,"line":71},"action","widgets_init","membee_wpac_widgets_init","default-widgets.php",{"type":147,"name":152,"callback":153,"file":154,"line":155},"admin_menu","display_membee_login_menu","membee-login.php",32,{"type":147,"name":157,"callback":158,"file":154,"line":159},"admin_print_styles","admin_header_stylesheet",33,{"type":161,"name":162,"callback":163,"file":154,"line":164},"filter","allowed_redirect_hosts","allow_redirects",34,{"type":147,"name":166,"callback":167,"file":154,"line":168},"init","membee_init",106,{"type":161,"name":170,"callback":171,"file":154,"line":172},"logout_url","change_logout_url",108,{"type":147,"name":174,"callback":175,"file":176,"line":14},"after_setup_theme","load_custom_widgets","wordpress-access-control.php",{"type":147,"name":178,"callback":179,"file":176,"line":180},"wp","check_for_members_only",6,{"type":147,"name":178,"callback":182,"file":176,"line":183},"check_for_nonmembers_only",7,{"type":147,"name":166,"callback":185,"file":176,"line":186},"add_wpac_nav_menus",8,{"type":147,"name":188,"callback":188,"file":176,"line":189},"admin_init",9,{"type":147,"name":152,"callback":152,"file":176,"line":119},{"type":147,"name":192,"callback":193,"file":176,"line":194},"add_meta_boxes","add_wp_access_meta_boxes",11,{"type":147,"name":196,"callback":197,"file":176,"line":198},"save_post","save_postdata",12,{"type":147,"name":200,"callback":201,"file":176,"line":202},"manage_pages_custom_column","show_column",13,{"type":161,"name":204,"callback":204,"file":176,"line":46},"get_pages",{"type":161,"name":206,"callback":207,"file":176,"line":208},"manage_edit-page_columns","add_column",16,{"type":161,"name":210,"callback":211,"file":176,"line":212},"the_excerpt","remove_excerpt",17,{"type":161,"name":214,"callback":211,"file":176,"line":71},"the_content",{"type":161,"name":216,"callback":216,"priority":119,"file":176,"line":217},"plugin_row_meta",19,{"type":161,"name":219,"callback":219,"priority":119,"file":176,"line":220},"posts_join_paged",20,{"type":161,"name":222,"callback":222,"priority":119,"file":176,"line":223},"posts_where_paged",21,{"type":161,"name":225,"callback":226,"priority":227,"file":176,"line":228},"wp_nav_menu_args","wp_nav_menu_members_only",99999,22,{"type":161,"name":225,"callback":225,"priority":227,"file":176,"line":230},23,{"type":161,"name":232,"callback":232,"file":176,"line":83},"wp_page_menu_args",[],[],[236,239,243,247,249,253,256,259],{"tag":237,"callback":238,"file":154,"line":26},"membee_login","membee_login_shortcode",{"tag":240,"callback":241,"file":154,"line":242},"membee_reset","membee_reset_shortcode",98,{"tag":244,"callback":245,"file":176,"line":246},"member","shortcode_members",26,{"tag":23,"callback":245,"file":176,"line":248},27,{"tag":250,"callback":251,"file":176,"line":252},"non-members","shortcode_nonmembers",28,{"tag":254,"callback":251,"file":176,"line":255},"nonmembers",29,{"tag":257,"callback":251,"file":176,"line":258},"non-member",30,{"tag":260,"callback":251,"file":176,"line":261},"nonmember",31,[],{"dangerousFunctions":264,"sqlUsage":265,"outputEscaping":267,"fileOperations":28,"externalRequests":27,"nonceChecks":357,"capabilityChecks":357,"bundledLibraries":358},[],{"prepared":28,"raw":28,"locations":266},[],{"escaped":268,"rawEcho":269,"locations":270},25,48,[271,274,276,278,280,282,284,285,286,288,289,291,292,294,295,296,298,301,303,305,307,308,309,310,312,314,316,318,320,321,322,323,325,327,329,331,333,335,337,339,341,343,345,347,349,351,353,355],{"file":150,"line":272,"context":273},49,"raw output",{"file":150,"line":275,"context":273},52,{"file":150,"line":277,"context":273},56,{"file":150,"line":279,"context":273},85,{"file":150,"line":281,"context":273},90,{"file":150,"line":283,"context":273},91,{"file":150,"line":283,"context":273},{"file":150,"line":283,"context":273},{"file":150,"line":287,"context":273},95,{"file":150,"line":287,"context":273},{"file":150,"line":290,"context":273},96,{"file":150,"line":290,"context":273},{"file":150,"line":293,"context":273},99,{"file":150,"line":81,"context":273},{"file":150,"line":81,"context":273},{"file":150,"line":297,"context":273},104,{"file":299,"line":300,"context":273},"mvc\\v.php",47,{"file":299,"line":302,"context":273},115,{"file":299,"line":304,"context":273},153,{"file":306,"line":27,"context":273},"templates\\meta_box.php",{"file":306,"line":14,"context":273},{"file":306,"line":268,"context":273},{"file":306,"line":248,"context":273},{"file":306,"line":311,"context":273},39,{"file":306,"line":313,"context":273},58,{"file":306,"line":315,"context":273},66,{"file":317,"line":164,"context":273},"templates\\options.php",{"file":317,"line":319,"context":273},38,{"file":317,"line":70,"context":273},{"file":317,"line":281,"context":273},{"file":317,"line":302,"context":273},{"file":317,"line":324,"context":273},117,{"file":317,"line":326,"context":273},158,{"file":317,"line":328,"context":273},159,{"file":317,"line":330,"context":273},160,{"file":317,"line":332,"context":273},175,{"file":317,"line":334,"context":273},177,{"file":317,"line":336,"context":273},237,{"file":317,"line":338,"context":273},256,{"file":317,"line":340,"context":273},286,{"file":317,"line":342,"context":273},296,{"file":317,"line":344,"context":273},306,{"file":317,"line":346,"context":273},332,{"file":317,"line":348,"context":273},342,{"file":317,"line":350,"context":273},367,{"file":176,"line":352,"context":273},234,{"file":176,"line":354,"context":273},236,{"file":176,"line":356,"context":273},401,2,[],[360,379,389,402,413,427,463],{"entryPoint":361,"graph":362,"unsanitizedCount":27,"severity":378},"membee_widget (mvc\\v.php:107)",{"nodes":363,"edges":375},[364,369],{"id":365,"type":366,"label":367,"file":299,"line":368},"n0","source","$_GET['error_description']",126,{"id":370,"type":371,"label":372,"file":299,"line":373,"wp_function":374},"n1","sink","echo() [XSS]",125,"echo",[376],{"from":365,"to":370,"sanitized":377},false,"medium",{"entryPoint":380,"graph":381,"unsanitizedCount":27,"severity":378},"membee_flyout_widget (mvc\\v.php:145)",{"nodes":382,"edges":387},[383,385],{"id":365,"type":366,"label":367,"file":299,"line":384},164,{"id":370,"type":371,"label":372,"file":299,"line":386,"wp_function":374},163,[388],{"from":365,"to":370,"sanitized":377},{"entryPoint":390,"graph":391,"unsanitizedCount":401,"severity":378},"check_for_members_only (wordpress-access-control.php:280)",{"nodes":392,"edges":399},[393,396],{"id":365,"type":366,"label":394,"file":176,"line":395},"$_SERVER['REQUEST_URI'] (x4)",298,{"id":370,"type":371,"label":397,"file":176,"line":395,"wp_function":398},"header() [Header Injection]","header",[400],{"from":365,"to":370,"sanitized":377},4,{"entryPoint":403,"graph":404,"unsanitizedCount":28,"severity":412},"display_membee_login_options (mvc\\v.php:11)",{"nodes":405,"edges":409},[406,408],{"id":365,"type":366,"label":407,"file":299,"line":202},"$_SERVER",{"id":370,"type":371,"label":372,"file":299,"line":228,"wp_function":374},[410],{"from":365,"to":370,"sanitized":411},true,"low",{"entryPoint":414,"graph":415,"unsanitizedCount":357,"severity":412},"\u003Cv> (mvc\\v.php:0)",{"nodes":416,"edges":424},[417,418,419,422],{"id":365,"type":366,"label":407,"file":299,"line":202},{"id":370,"type":371,"label":372,"file":299,"line":228,"wp_function":374},{"id":420,"type":366,"label":421,"file":299,"line":368},"n2","$_GET['error_description'] (x2)",{"id":423,"type":371,"label":372,"file":299,"line":373,"wp_function":374},"n3",[425,426],{"from":365,"to":370,"sanitized":411},{"from":420,"to":423,"sanitized":377},{"entryPoint":428,"graph":429,"unsanitizedCount":28,"severity":412},"options_page (wordpress-access-control.php:54)",{"nodes":430,"edges":457},[431,434,437,440,441,444,446,449,451,455],{"id":365,"type":366,"label":432,"file":176,"line":433},"$_REQUEST['wpac_members_blog_redirect']",70,{"id":370,"type":371,"label":435,"file":176,"line":433,"wp_function":436},"update_option() [Settings Manipulation]","update_option",{"id":420,"type":366,"label":438,"file":176,"line":439},"$_REQUEST['wpac_custom_post_types']",77,{"id":423,"type":371,"label":435,"file":176,"line":439,"wp_function":436},{"id":442,"type":366,"label":443,"file":176,"line":368},"n4","$_REQUEST['wpac_default_members_redirect']",{"id":445,"type":371,"label":435,"file":176,"line":368,"wp_function":436},"n5",{"id":447,"type":366,"label":448,"file":176,"line":326},"n6","$_REQUEST['page_excerpt_text']",{"id":450,"type":371,"label":435,"file":176,"line":326,"wp_function":436},"n7",{"id":452,"type":366,"label":453,"file":176,"line":454},"n8","$_REQUEST['post_excerpt_text']",162,{"id":456,"type":371,"label":435,"file":176,"line":454,"wp_function":436},"n9",[458,459,460,461,462],{"from":365,"to":370,"sanitized":411},{"from":420,"to":423,"sanitized":411},{"from":442,"to":445,"sanitized":411},{"from":447,"to":450,"sanitized":411},{"from":452,"to":456,"sanitized":411},{"entryPoint":464,"graph":465,"unsanitizedCount":28,"severity":412},"\u003Cwordpress-access-control> (wordpress-access-control.php:0)",{"nodes":466,"edges":487},[467,468,469,470,471,472,473,474,475,476,477,479,481,484],{"id":365,"type":366,"label":432,"file":176,"line":433},{"id":370,"type":371,"label":435,"file":176,"line":433,"wp_function":436},{"id":420,"type":366,"label":438,"file":176,"line":439},{"id":423,"type":371,"label":435,"file":176,"line":439,"wp_function":436},{"id":442,"type":366,"label":443,"file":176,"line":368},{"id":445,"type":371,"label":435,"file":176,"line":368,"wp_function":436},{"id":447,"type":366,"label":448,"file":176,"line":326},{"id":450,"type":371,"label":435,"file":176,"line":326,"wp_function":436},{"id":452,"type":366,"label":453,"file":176,"line":454},{"id":456,"type":371,"label":435,"file":176,"line":454,"wp_function":436},{"id":478,"type":366,"label":394,"file":176,"line":395},"n10",{"id":480,"type":371,"label":397,"file":176,"line":395,"wp_function":398},"n11",{"id":482,"type":366,"label":407,"file":176,"line":483},"n12",295,{"id":485,"type":371,"label":397,"file":176,"line":486,"wp_function":398},"n13",336,[488,489,490,491,492,493,494],{"from":365,"to":370,"sanitized":411},{"from":420,"to":423,"sanitized":411},{"from":442,"to":445,"sanitized":411},{"from":447,"to":450,"sanitized":411},{"from":452,"to":456,"sanitized":411},{"from":478,"to":480,"sanitized":411},{"from":482,"to":485,"sanitized":411},{"summary":496,"deductions":497},"The membees-member-login-widget v2.3.7 plugin presents a mixed security posture. On the positive side, the plugin demonstrates good practices by utilizing prepared statements for all SQL queries and appears to have no unpatched vulnerabilities in its history. The absence of dangerous functions, file operations, and external HTTP requests are also positive indicators. However, concerns arise from the significant percentage of improperly escaped output (66%). While the static analysis did not identify critical or high severity taint flows, the presence of 4 flows with unsanitized paths warrants attention, especially when combined with the output escaping issues. The vulnerability history, although showing no currently unpatched CVEs, does include a past high-severity vulnerability related to Cross-Site Scripting (XSS), indicating a historical weakness in input sanitization or output encoding. The large number of shortcodes (8) as entry points, while not explicitly stated as unprotected, could become a vector if not handled with robust sanitization and escaping, especially in light of the observed output escaping deficiency.",[498,500,502],{"reason":499,"points":186},"Significant percentage of improperly escaped output",{"reason":501,"points":180},"Flows with unsanitized paths found",{"reason":503,"points":14},"Past high severity vulnerability (XSS)","2026-03-16T20:13:02.952Z",{"wat":506,"direct":515},{"assetPaths":507,"generatorPatterns":510,"scriptPaths":511,"versionParams":512},[508,509],"\u002Fwp-content\u002Fplugins\u002Fmembees-member-login-widget\u002Fcss\u002Fmembee-login-widget.css","\u002Fwp-content\u002Fplugins\u002Fmembees-member-login-widget\u002Fjs\u002Fmembee-login-widget.js",[],[509],[513,514],"membees-member-login-widget\u002Fcss\u002Fmembee-login-widget.css?ver=","membees-member-login-widget\u002Fjs\u002Fmembee-login-widget.js?ver=",{"cssClasses":516,"htmlComments":520,"htmlAttributes":521,"restEndpoints":523,"jsGlobals":524,"shortcodeOutput":526},[517,518,519],"membee-login-widget-container","membee-login-widget-title","membee-login-widget-subtitle",[],[522],"data-membee-widget-id",[],[525],"membee_login_widget_settings",[527,528],"[membee_login]","[membee_reset]"]