[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f-FZui-S3vx-MC7xigEg_ZsGCvXp5IsN7IoG3Jk0Oboc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":78,"crawl_stats":38,"alternatives":85,"analysis":179,"fingerprints":763},"memberful-wp","Memberful – Membership Plugin","1.78.0","memberful","https:\u002F\u002Fprofiles.wordpress.org\u002Fmemberful\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fmemberful.com\u002F\" rel=\"nofollow ugc\">Memberful\u003C\u002Fa> is a best-in-class membership software and WordPress plugin used by some of the web’s biggest creators, publishers, and independent media companies.\u003C\u002Fp>\n\u003Cp>Generate reliable, recurring revenue by selling subscription plans while protecting access to your content. Memberful allows you to maintain full control and ownership of your audience, your brand, and your business.\u003C\u002Fp>\n\u003Ch3>Protect Content\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Protect members-only content and select which subscribers get access to gated areas of your website using server-side content protection.\u003C\u002Fli>\n\u003Cli>Restrict access to content based on membership level and protect specific posts or pages right from your WordPress edit screen.\u003C\u002Fli>\n\u003Cli>Manage access to media including blog articles, in-house newsletters, private podcasts, protected downloads, and more.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Integrations\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Built-in integrations with popular third-party services including Mailchimp, Discord, ConvertKit, Klaviyo, and Google Analytics.\u003C\u002Fli>\n\u003Cli>Add new custom applications or develop your own using the Memberful API.\u003C\u002Fli>\n\u003Cli>Utilize webhooks to trigger when important events happen on your site, such as when a member changes their payment\u002Ftax details.\u003C\u002Fli>\n\u003Cli>Integrate with popular ad providers to disable ads based on user subscription plans and user status.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Membership Management\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Automatically sync your Memberful membership data to WordPress or import a list of your existing members.\u003C\u002Fli>\n\u003Cli>Add multiple staff users and manage their account permissions.\u003C\u002Fli>\n\u003Cli>Utilize built-in analytics dashboards to monitor and grow your business.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Payment and Plans\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easily accept payments through your Stripe account.\u003C\u002Fli>\n\u003Cli>Streamlined member checkout process with Single-Sign-On (SSO) and Apple & Google Pay integration.\u003C\u002Fli>\n\u003Cli>Create multiple membership plans and upgrades to allow tiered access to different areas of your website.\u003C\u002Fli>\n\u003Cli>Discounts, Referrals, and Retention bonuses to incentivize sign-ups and membership upgrades.\u003C\u002Fli>\n\u003Cli>Enable automatic tax calculations based on where you and your members are located.\u003C\u002Fli>\n\u003C\u002Ful>\n","Sell memberships and restrict access to content with WordPress and Memberful.",1000,203513,94,13,"2026-02-25T14:49:00.000Z","6.9.4","3.6","7.4",[20,21,22,23,24],"membership","paywall","recurring-payments","stripe","subscriptions","http:\u002F\u002Fgithub.com\u002Fmemberful\u002Fmemberful-wp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmemberful-wp.1.78.0.zip",97,3,0,"2025-09-22 00:00:00","2026-03-15T15:16:48.613Z",[33,49,64],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-58000","memberful-missing-authorization","Memberful \u003C= 1.75.0 - Missing Authorization","The Memberful plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.75.0. This makes it possible for unauthenticated attackers to perform an unauthorized action.",null,"\u003C=1.75.0","1.76.0","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","Missing Authorization","2025-10-17 19:36:29",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F42eba5fe-aafa-4cdd-9243-a50df56014fb?source=api-prod",26,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":63},"CVE-2024-11294","memberful-unauthenticated-content-restriction-bypass-to-sensitive-information-exposure","Memberful \u003C= 1.73.9 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure","The Memberful plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.73.9 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as site members.","\u003C=1.73.9","1.74.0",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2024-12-16 00:00:00","2024-12-17 08:22:47",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F19ad787d-e027-48f5-8b5f-9263338b4fc3?source=api-prod",1,{"id":65,"url_slug":66,"title":67,"description":68,"plugin_slug":4,"theme_slug":38,"affected_versions":69,"patched_in_version":70,"severity":41,"cvss_score":71,"cvss_vector":72,"vuln_type":73,"published_date":74,"updated_date":75,"references":76,"days_to_patch":63},"CVE-2024-9242","memberful-membership-plugin-authenticated-contributor-stored-cross-site-scripting","Memberful – Membership Plugin \u003C= 1.73.7 - Authenticated (contributor+) Stored Cross-Site Scripting","The Memberful – Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'memberful_buy_subscription_link' and 'memberful_podcasts_link' shortcodes in all versions up to, and including, 1.73.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=1.73.7","1.73.8",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-10-03 00:00:00","2024-10-04 05:30:19",[77],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe9e30377-2b5a-4b2d-9f19-bae91608fb24?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":79,"total_installs":80,"avg_security_score":81,"avg_patch_time_days":82,"trust_score":83,"computed_at":84},2,1600,91,9,88,"2026-04-04T05:27:51.112Z",[86,105,122,142,161],{"slug":87,"name":88,"version":89,"author":87,"author_profile":90,"description":91,"short_description":92,"active_installs":93,"downloaded":94,"rating":29,"num_ratings":29,"last_updated":95,"tested_up_to":96,"requires_at_least":97,"requires_php":98,"tags":99,"homepage":102,"download_link":103,"security_score":104,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"wallkit","Wallkit Subscriptions & Paywall Plugin for WordPress","3.4.4","https:\u002F\u002Fprofiles.wordpress.org\u002Fwallkit\u002F","\u003Cp>Wallkit is the most progressive paid-content system out in the market today. This versatile technological platform handles content access control, billing and administrative functions for membership-based content publishers.\u003C\u002Fp>\n\u003Cp>Wallkit software integrates seamlessly across WordPress users’ websites and your other platforms like Hubspot, Mailchimp and Stripe.\u003C\u002Fp>\n\u003Cp>This easy-to-install and lightning-fast system connects with Wallkit server to bring content protection, subscriber management, sign up\u002Fsign in, member-CRM plus access to analytics features.\u003C\u002Fp>\n\u003Cp>It’s free to use. Simply sign up for a Wallkit account once you’ve installed the Plugin at \u003Ca href=\"https:\u002F\u002Fwallkit.net\" rel=\"nofollow ugc\">www.wallkit.net\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Service is subject to Wallkit \u003Ca href=\"https:\u002F\u002Fdocs.google.com\u002Fdocument\u002Fd\u002F19PTSlPcUSZKqTnJlolzOoaIH-PMsNElDO9_aAjaqQ6U\u002Fedit?usp=sharing\" rel=\"nofollow ugc\">Terms and Conditions\u003C\u002Fa>.\u003C\u002Fp>\n","A Plug & Play paid-content system to manage subscribers, gather fees and drive additional content sales.",20,4293,"2025-03-26T13:29:00.000Z","6.6.5","4.0","5.6",[100,101,21,22,24],"memberships","paid-membership","https:\u002F\u002Fwallkit.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwallkit.zip",92,{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":113,"downloaded":114,"rating":29,"num_ratings":29,"last_updated":115,"tested_up_to":16,"requires_at_least":116,"requires_php":18,"tags":117,"homepage":119,"download_link":120,"security_score":121,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"cashflow-subscriptions","CashFlow Subscriptions","1.2","durantdigital","https:\u002F\u002Fprofiles.wordpress.org\u002Fdurantdigital\u002F","\u003Cp>CashFlow Subscriptions provides a lightweight way to accept recurring payments with Stripe and restrict content to active subscribers — without requiring WooCommerce or complex membership systems.\u003C\u002Fp>\n\u003Cp>The plugin focuses on simplicity and reliability. It creates clean subscribe and profile pages, handles Stripe Checkout Sessions, stores subscription status automatically, and lets creators restrict any post or page with a single checkbox.\u003C\u002Fp>\n\u003Cp>This plugin is \u003Cstrong>not affiliated with WordPress or Automattic\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>💳 Stripe-powered subscription checkout (Stripe Checkout Sessions)\u003C\u002Fli>\n\u003Cli>📄 Auto-creates \u003Ccode>\u002Fsubscribe\u003C\u002Fcode> and \u003Ccode>\u002Fmyflow\u003C\u002Fcode> pages with shortcodes\u003C\u002Fli>\n\u003Cli>🔒 Restrict any page\u002Fpost to subscribers only (checkbox toggle)\u003C\u002Fli>\n\u003Cli>🖼️ Beautiful gradient subscribe button with modern styles\u003C\u002Fli>\n\u003Cli>🧠 Smart redirects (defaults to \u002Fmyflow)\u003C\u002Fli>\n\u003Cli>📊 Admin dashboard with Subscriptions & Transactions tabs (live from Stripe)\u003C\u002Fli>\n\u003Cli>🚀 CTA panel for upcoming Pro Plan with form opt-in\u003C\u002Fli>\n\u003Cli>✅ Fully WooCommerce-compatible (but doesn’t require it)\u003C\u002Fli>\n\u003Cli>🔌 Works with any theme\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Shortcodes:\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ccode>[cashflow_subscribe_form]\u003C\u002Fcode> – Stripe-powered subscribe button\u003Cbr \u002F>\n– \u003Ccode>[cashflow_subscription_profile]\u003C\u002Fcode> – MyFlow dashboard (view\u002Fcancel subscription)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Admin Settings Include:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Stripe Secret Key & Webhook Secret\u003Cbr \u002F>\n– Custom plan name and monthly price\u003Cbr \u002F>\n– Custom redirect inputs (defaults to \u003Ccode>\u002Fmyflow\u003C\u002Fcode>)\u003Cbr \u002F>\n– Button to auto-create required pages (\u003Ccode>\u002Fsubscribe\u003C\u002Fcode> and \u003Ccode>\u002Fmyflow\u003C\u002Fcode>)\u003Cbr \u002F>\n– Tabs: Subscriptions, Transactions, Pro Plan (CTA), and Settings\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the following third‑party services:\u003C\u002Fp>\n\u003Cp>1) Stripe – Used to create Checkout Sessions and manage subscriptions.\u003Cbr \u002F>\n   * Data sent: customer email, plan name\u002Fprice, and metadata (user_id) when a user starts checkout.\u003Cbr \u002F>\n   * Terms: https:\u002F\u002Fstripe.com\u002Flegal\u003Cbr \u002F>\n   * Privacy: https:\u002F\u002Fstripe.com\u002Fprivacy\u003C\u002Fp>\n\u003Cp>The plugin also links to our own Durant Digital policies:\u003Cbr \u002F>\n– Durant Digital Terms of Service: https:\u002F\u002Fdurantdigital.com\u002Fterms\u003Cbr \u002F>\n– Durant Digital Privacy Policy: https:\u002F\u002Fdurantdigital.com\u002Fprivacy-policy\u002F\u003C\u002Fp>\n","Simple, modern Stripe subscriptions for WordPress. Create paywalls, manage members, and restrict content without WooCommerce or heavy plugins.",10,328,"2025-12-23T02:49:00.000Z","5.5",[20,118,22,23,24],"monthly-payments","https:\u002F\u002Fdurantdigital.com\u002Fproducts\u002Fcashflow-subscriptions","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcashflow-subscriptions.zip",100,{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":130,"downloaded":131,"rating":29,"num_ratings":29,"last_updated":132,"tested_up_to":133,"requires_at_least":134,"requires_php":135,"tags":136,"homepage":139,"download_link":140,"security_score":141,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"crowdfunding-and-fundraising-campaign-builder-by-payform","Crowdfunding and Fundraising Campaign Builder for PayForm","2.0","payform","https:\u002F\u002Fprofiles.wordpress.org\u002Fpayform\u002F","\u003Cp>PayForm is a solution used by hundreds of businesses and organizations around the world. The crowdfunding widget is perfect for anyone who needs to run a crowdfunding campaign on their WordPress site. PayForm gives you the most powerful billing and order management solution to make your crowdfunding campaign a success.\u003C\u002Fp>\n\u003Cp>Accept all major credit cards, like Visa, MasterCard, American Express, Discover, JCB and Diners Club in your WordPress site using PayForm.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>PayForm works out of the box in all WordPress sites. You don’t need any other plugin or to have SSL in your server.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Add a crowdfunding campaign to any Wordpress website in seconds, connected to Stripe or PayPal, using Crowdfunding for PayForm",40,1950,"2018-08-31T21:13:00.000Z","4.9.29","3.0.1","",[20,137,22,23,138],"payments","stripe-checkout","http:\u002F\u002Fpayform.me\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcrowdfunding-and-fundraising-campaign-builder-by-payform.2.0.zip",85,{"slug":143,"name":144,"version":145,"author":144,"author_profile":146,"description":147,"short_description":148,"active_installs":149,"downloaded":150,"rating":121,"num_ratings":151,"last_updated":152,"tested_up_to":153,"requires_at_least":154,"requires_php":155,"tags":156,"homepage":157,"download_link":158,"security_score":159,"vuln_count":63,"unpatched_count":63,"last_vuln_date":160,"fetched_at":31},"pico","Hype","1.0.5","https:\u002F\u002Fprofiles.wordpress.org\u002Fpicoengineering\u002F","\u003Cp>Hype gives you all the tools you need to turn your site into an audience business. No need to redesign your site, learn to code, or hire a developer.\u003C\u002Fp>\n\u003Ch4>FOR COLLECTING SIGNUPS AND MANAGING NEWSLETTERS\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Register users while you collect emails and phone numbers.\u003C\u002Fstrong>\u003Cbr \u002F>\nHype’s popups and landing pages can register users on your site in seconds (no password needed), helping you collect email addresses and phone numbers at scale.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Offer free and paid newsletters side by side.\u003C\u002Fstrong>\u003Cbr \u002F>\nEasily offer any combination of free and paid newsletters.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Engagement data that matter.\u003C\u002Fstrong>\u003Cbr \u002F>\nTransform your contact list into a sales funnel. Keep track of how often a user visits, when they last visited your site, and even what content categories they read the most.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Easy on-site integration.\u003C\u002Fstrong>\u003Cbr \u002F>\nUse Hype’s pre-made templates, with high-converting, third-party sign-in buttons built-in. Or connect with your own email embed forms on site with just one line of code.\u003C\u002Fp>\n\u003Ch4>FOR SUBSCRIPTIONS AND MEMBERSHIPS\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>The easiest way to sell access to your content.\u003C\u002Fstrong>\u003Cbr \u002F>\nLaunch a subscription paywall or membership program in minutes with checkout flows that are sure to convert.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Manage members and leads in the same place.\u003C\u002Fstrong>\u003Cbr \u002F>\nHype is the only subscription and membership tool with a built-in CRM that helps you keep track of who’s paying and \u003Cem>who’s about to pay\u003C\u002Fem>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Just want to collect donations?\u003C\u002Fstrong>\u003Cbr \u002F>\nHype is the easiest way to offer donations via Stripe directly on your site or via landing page. All with Hype’s CRM and signup tools built in.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Effortless setup. No coding required.\u003C\u002Fstrong>\u003Cbr \u002F>\nHype can be up and running on your site in minutes. And the Hype app makes setting up all types of models – from multiple pricing tiers, metered paywalls, ‘freemium’ access, and trials – a breeze.\u003C\u002Fp>\n\u003Ch4>INTEGRATIONS\u003C\u002Fh4>\n\u003Cp>Hype integrates directly with Stripe and various email service providers, including Mailchimp, ConvertKit, and ActiveCampaign. Hype also integrates with Zapier, enabling workflows with thousands of other services.\u003C\u002Fp>\n","Intelligent popups and landing pages to fully manage email and phone number signups, newsletters, subscriptions, donations, and memberships.",30,6232,4,"2023-04-05T21:17:00.000Z","6.1.10","3.7","5.2.4",[100,23,24],"https:\u002F\u002Fgithub.com\u002FPicoNetworks\u002Fwordpress-plugin","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpico.1.0.5.zip",63,"2025-12-04 00:00:00",{"slug":162,"name":163,"version":164,"author":165,"author_profile":166,"description":167,"short_description":168,"active_installs":29,"downloaded":169,"rating":93,"num_ratings":63,"last_updated":170,"tested_up_to":171,"requires_at_least":172,"requires_php":173,"tags":174,"homepage":177,"download_link":178,"security_score":141,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"chargely-free-subscriptions-for-woocommerce","Chargely Free Subscriptions For Woocommernce","1.0","chargely","https:\u002F\u002Fprofiles.wordpress.org\u002Fchargely\u002F","\u003Cul>\n\u003Cli>\n\u003Cp>Chargely WooCommerce is a powerful plugin that allows you to sell subscription-based products and services on your WooCommerce store. With Chargely, you can easily set up recurring payment plans, manage subscriptions, and offer flexible billing options to your customers.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>This plugin is designed to work seamlessly with WooCommerce, so you can leverage all the benefits of this popular eCommerce platform while taking advantage of Chargely’s subscription management features. You can offer free trials, set custom billing intervals, and even allow customers to switch between plans or upgrade their subscriptions.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Chargely WooCommerce also offers a variety of payment options, including credit cards and PayPal, and integrates with popular payment gateways like Stripe and Braintree. You can also customize the subscription checkout process to match your branding and provide a seamless user experience.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Whether you’re selling software, digital content, or any other type of subscription-based product or service, Chargely WooCommerce makes it easy to manage your subscriptions and grow your recurring revenue. Try it today and start building a more profitable business!\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>What makes us stand out from other subscription apps?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Capture recurring payments with automatic billing\u003C\u002Fstrong> – Leave the hassle of creating Recurring Infrastructure to us, Our Infrastructure will automatically charge your customer on subscription date and will update your WooCommerce in real time. Both you and your customers will get email notification through WooCommerce once the payment has been captured.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Save time and effort with an efficient Recurring Plugin\u003C\u002Fstrong> – With our 1-Click Plugin- you can enable the subscriptions for the entire product catalog or select only the products which should be enabled for subscription.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>We are PCI Level-1 Certified\u003C\u002Fstrong> – Hence you don’t need one* – Your customer’s card information is stored on secured and encrypted infrastructure.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Supports both one-time & subscription products together\u003C\u002Fstrong> – Now let your customers checkout for both One-Time and Subscription products all at the same time.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Customize and edit as per your needs\u003C\u002Fstrong> – Make any number of changes to your product anytime you want as you can manage multiple products and edit the information anytime, customization at any point is easy to do.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Tiered discounting & offer product trials\u003C\u002Fstrong> – Incentivize your subscribers to continue their subscriptions and reduce churn. This is an initiative to subscribe and save with our model. To further advance subscription from customers, we offer a free trial for them to get a feel of our product which in turn leads to a definite subscription.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Dunning management to reduce churn\u003C\u002Fstrong> – Our System automatically sends renewal links to the customers in case the card is expired or declined.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Manage different payments easily\u003C\u002Fstrong> – With our wide set of well renowned payment gateways, you can choose what works for you best.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Chargely?\u003C\u002Fh3>\n\u003Cp>Chargely is a reliable product built purely for subscriptions and recurring payments. It’s an incredibly flexible system which is super user-friendly and easy-to-use that helps you boost your revenue with a click of a button. Increase your customer loyalty and improve your cash flow with a strong subscription offering for your business.\u003C\u002Fp>\n\u003Ch4>SUPPORT\u003C\u002Fh4>\n\u003Cp>You can contact us if you have any questions regarding Chargely using the Support option on our site.\u003C\u002Fp>\n","Start your Subscription Business in minutes with Chargely. Chargely provides PCI Certified Payment page for your card processing. So that you don't need a PCI Certification.",878,"2023-05-20T07:23:00.000Z","6.2.9","5.9","7.2",[175,176,22,23,24],"payment","paypal","https:\u002F\u002Fchargely.com\u002Fplugins\u002Fwoocommerce","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fchargely-free-subscriptions-for-woocommerce.1.0.zip",{"attackSurface":180,"codeSignals":491,"taintFlows":578,"riskAssessment":749,"analyzedAt":762},{"hooks":181,"ajaxHandlers":442,"restRoutes":443,"shortcodes":444,"cronEvents":489,"entryPointCount":485,"unprotectedCount":29},[182,188,192,195,201,205,208,210,213,217,220,225,230,234,238,242,247,251,254,257,261,265,268,271,275,279,283,285,288,290,292,295,298,301,303,308,313,317,321,325,329,333,336,341,345,349,354,357,361,363,367,370,374,377,381,385,387,391,395,399,402,404,406,409,414,418,421,424,427,430,434,439],{"type":183,"name":184,"callback":185,"file":186,"line":187},"filter","auth_cookie_expiration","memberful_extend_auth_cookie_expiration","memberful-wp.php",116,{"type":183,"name":189,"callback":190,"file":191,"line":28},"mce_buttons","memberful_wp_register_editor_buttons","src\\admin\\editor.php",{"type":183,"name":193,"callback":194,"file":191,"line":151},"mce_external_plugins","memberful_wp_load_tinymce_extensions",{"type":196,"name":197,"callback":198,"file":199,"line":200},"action","admin_head","memberful_wp_announce_plans_and_download_in_head","src\\admin.php",7,{"type":196,"name":202,"callback":203,"file":199,"line":204},"admin_menu","memberful_wp_menu",8,{"type":196,"name":206,"callback":207,"file":199,"line":82},"admin_init","memberful_wp_register_options",{"type":196,"name":206,"callback":209,"file":199,"line":113},"memberful_wp_activation_redirect",{"type":196,"name":206,"callback":211,"file":199,"line":212},"memberful_wp_plugin_migrate_db",11,{"type":196,"name":214,"callback":215,"file":199,"line":216},"admin_enqueue_scripts","memberful_wp_admin_enqueue_scripts",12,{"type":183,"name":218,"callback":219,"priority":113,"file":199,"line":14},"display_post_states","memberful_wp_add_protected_state_to_post_list",{"type":183,"name":221,"callback":222,"priority":113,"file":223,"line":224},"authenticate","init","src\\authenticator.php",124,{"type":183,"name":226,"callback":227,"priority":228,"file":223,"line":229},"allow_password_reset","audit_password_reset",50,289,{"type":183,"name":231,"callback":232,"file":223,"line":233},"login_message","memberful_wp_display_check_account_message",290,{"type":183,"name":235,"callback":236,"priority":113,"file":223,"line":237},"wp_login","memberful_wp_link_accounts_if_appropriate",291,{"type":196,"name":239,"callback":240,"file":223,"line":241},"login_form","memberful_wp_add_nonce_check_to_login_form",292,{"type":196,"name":243,"callback":244,"file":245,"line":246},"enqueue_block_editor_assets","enqueue_assets","src\\block-editor.php",41,{"type":183,"name":248,"callback":249,"priority":113,"file":245,"line":250},"register_block_type_args","add_block_visibility_attributes",42,{"type":196,"name":252,"callback":252,"priority":113,"file":245,"line":253},"render_block",44,{"type":196,"name":206,"callback":255,"file":256,"line":216},"redirect_members_home","src\\block_dashboard_access.php",{"type":196,"name":258,"callback":259,"file":260,"line":28},"template_redirect","memberful_comments_protection_template_redirect","src\\comments_protection.php",{"type":183,"name":262,"callback":263,"priority":93,"file":260,"line":264},"comments_template","memberful_comments_protection_comments_template",15,{"type":196,"name":266,"callback":267,"priority":82,"file":260,"line":253},"do_feed_rss2","memberful_single_feed_comments_protection",{"type":196,"name":269,"callback":267,"priority":82,"file":260,"line":270},"do_feed_atom",45,{"type":183,"name":272,"callback":273,"priority":113,"file":260,"line":274},"comment_feed_where","memberful_comment_feed_cwhere_filter",106,{"type":196,"name":276,"callback":277,"priority":121,"file":278,"line":28},"the_content","memberful_wp_protect_content","src\\content_filter.php",{"type":183,"name":280,"callback":281,"file":278,"line":282},"rss_enclosure","__return_empty_string",33,{"type":183,"name":277,"callback":284,"file":278,"line":250},"wptexturize",{"type":183,"name":277,"callback":286,"file":278,"line":287},"convert_smilies",43,{"type":183,"name":277,"callback":289,"file":278,"line":253},"convert_chars",{"type":183,"name":277,"callback":291,"file":278,"line":270},"wpautop",{"type":183,"name":277,"callback":293,"file":278,"line":294},"shortcode_unautop",46,{"type":183,"name":277,"callback":296,"file":278,"line":297},"prepend_attachment",47,{"type":183,"name":277,"callback":299,"priority":264,"file":278,"line":300},"do_blocks",49,{"type":183,"name":277,"callback":302,"priority":212,"file":278,"line":228},"do_shortcode",{"type":183,"name":304,"callback":305,"priority":113,"file":306,"line":307},"advanced-ads-can-display-ad","disable_advanced_ads","src\\contrib\\ad-providers\\advanced-ads.php",61,{"type":196,"name":309,"callback":310,"priority":311,"file":312,"line":307},"wp_enqueue_scripts","disable_mediavine_ads",99,"src\\contrib\\ad-providers\\mediavine-ads.php",{"type":183,"name":314,"callback":315,"file":316,"line":246},"body_class","disable_ads_body_class","src\\contrib\\ad-providers\\raptive-ads.php",{"type":196,"name":222,"callback":318,"file":319,"line":320},"memberful_wp_ad_providers_init","src\\contrib\\ad-providers.php",22,{"type":196,"name":322,"callback":323,"file":319,"line":324},"memberful_ad_provider_register_providers","memberful_wp_ad_providers_register_providers",39,{"type":196,"name":326,"callback":327,"priority":63,"file":328,"line":28},"bbp_template_redirect","memberful_wp_regulate_access_to_bbpress","src\\contrib\\bbpress.php",{"type":183,"name":330,"callback":331,"priority":113,"file":332,"line":28},"elementor\u002Ffrontend\u002Fbuilder_content_data","closure","src\\contrib\\elementor.php",{"type":196,"name":334,"callback":277,"file":332,"line":335},"elementor\u002Ffrontend\u002Fthe_content",5,{"type":183,"name":337,"callback":338,"file":339,"line":340},"memberful_metabox_post_types","filter_learndash_subtypes","src\\contrib\\sfwd-learndash.php",18,{"type":183,"name":276,"callback":342,"priority":343,"file":339,"line":344},"protect_learndash_content",1001,19,{"type":183,"name":346,"callback":347,"priority":348,"file":339,"line":93},"comments_open","hide_comments_on_protected_content",200,{"type":196,"name":350,"callback":351,"priority":352,"file":353,"line":344},"woocommerce_single_product_summary","hide_add_to_cart_button",25,"src\\contrib\\woocommerce.php",{"type":183,"name":355,"callback":356,"priority":149,"file":353,"line":93},"woocommerce_add_to_cart_validation","block_cart_add",{"type":183,"name":358,"callback":359,"priority":93,"file":353,"line":360},"woocommerce_is_purchasable","is_purchasable",21,{"type":183,"name":276,"callback":362,"file":353,"line":320},"remove_erroneous_protection",{"type":196,"name":258,"callback":364,"priority":228,"file":365,"line":366},"handle_delivery","src\\contrib\\woothemes-sensei.php",28,{"type":196,"name":276,"callback":368,"file":365,"line":369},"single_lesson_special_content_filter",83,{"type":196,"name":371,"callback":372,"file":373,"line":28},"wp","memberful_disable_wp_ultimate_recipe_premium_content_filter","src\\contrib\\wp-ultimate-recipe-premium.php",{"type":196,"name":371,"callback":375,"file":376,"line":28},"memberful_disable_wp_ultimate_recipe_content_filter","src\\contrib\\wp-ultimate-recipe.php",{"type":183,"name":378,"callback":379,"file":380,"line":82},"allowed_redirect_hosts","memberful_wp_allowed_hosts","src\\core-ext.php",{"type":196,"name":382,"callback":383,"file":384,"line":204},"memberful_wp_cron_sync","memberful_wp_cron_sync_users","src\\cron.php",{"type":196,"name":382,"callback":386,"file":384,"line":82},"memberful_wp_cron_sync_entities",{"type":196,"name":388,"callback":389,"file":390,"line":28},"wp_head","memberful_wp_render_embed","src\\embed.php",{"type":196,"name":392,"callback":393,"file":394,"line":14},"wp_loaded","memberful_wp_endpoint_filter","src\\endpoints.php",{"type":183,"name":396,"callback":397,"file":398,"line":149},"wp_get_nav_menu_items","filter_account_links","src\\filter_account_menu_items.php",{"type":183,"name":277,"callback":400,"priority":63,"file":401,"line":204},"memberful_apply_global_snippets_content_filter","src\\global_marketing.php",{"type":183,"name":277,"callback":403,"priority":63,"file":401,"line":113},"memberful_get_global_replacement",{"type":196,"name":276,"callback":277,"file":401,"line":405},53,{"type":196,"name":222,"callback":407,"file":408,"line":204},"filter_admin_toolbar","src\\hide_admin_toolbar.php",{"type":196,"name":410,"callback":411,"priority":412,"file":413,"line":151},"wp_logout","memberful_wp_ensure_user_logged_out_of_memberful",5000,"src\\logout_hooks.php",{"type":196,"name":415,"callback":416,"file":417,"line":28},"add_meta_boxes","memberful_wp_add_metabox","src\\metabox.php",{"type":196,"name":419,"callback":420,"file":417,"line":151},"save_post","memberful_wp_save_postdata",{"type":196,"name":422,"callback":423,"priority":113,"file":417,"line":216},"registered_taxonomy","memberful_setup_taxonomy_hooks",{"type":196,"name":202,"callback":425,"file":426,"line":28},"memberful_add_nav_menu_items","src\\nav_menus.php",{"type":196,"name":222,"callback":428,"file":429,"line":216},"memberful_private_user_feed_init","src\\private_user_feed.php",{"type":196,"name":431,"callback":432,"file":433,"line":28},"pre_get_posts","memberful_wp_protect_search","src\\search_filter.php",{"type":196,"name":435,"callback":436,"file":437,"line":438},"widgets_init","memberful_wp_register_wp_profile_widget","src\\widgets.php",96,{"type":196,"name":309,"callback":440,"file":437,"line":441},"memberful_wp_add_stylesheet_if_action",130,[],[],[445,448,451,454,457,461,464,467,470,473,476,479,482,486],{"tag":7,"callback":446,"file":447,"line":79},"memberful_wp_shortcode","src\\shortcodes.php",{"tag":449,"callback":450,"file":447,"line":28},"memberful_account_link","memberful_wp_shortcode_account_link",{"tag":452,"callback":453,"file":447,"line":151},"memberful_buy_download_link","memberful_wp_shortcode_buy_download_link",{"tag":455,"callback":456,"file":447,"line":335},"memberful_buy_gift_link","memberful_wp_shortcode_buy_gift_link",{"tag":458,"callback":459,"file":447,"line":460},"memberful_buy_subscription_link","memberful_wp_shortcode_buy_subscription_link",6,{"tag":462,"callback":463,"file":447,"line":200},"memberful_download_link","memberful_wp_shortcode_download_link",{"tag":465,"callback":466,"file":447,"line":204},"memberful_private_rss_feed_link","memberful_wp_shortcode_private_user_feed_link",{"tag":468,"callback":469,"file":447,"line":82},"memberful_register_link","memberful_wp_shortcode_register_link",{"tag":471,"callback":472,"file":447,"line":113},"memberful_sign_in_link","memberful_wp_shortcode_sign_in_link",{"tag":474,"callback":475,"file":447,"line":212},"memberful_sign_out_link","memberful_wp_shortcode_sign_out_link",{"tag":477,"callback":478,"file":447,"line":216},"memberful_podcasts_link","memberful_wp_shortcode_feeds_link",{"tag":480,"callback":481,"file":447,"line":14},"memberful_podcast_url","memberful_wp_shortcode_feed_url",{"tag":483,"callback":484,"file":447,"line":485},"memberful_if_has_active_subscription","memberful_wp_shortcode_if_has_active_subscription",14,{"tag":487,"callback":488,"file":447,"line":264},"memberful_if_does_not_have_active_subscription","memberful_wp_shortcode_if_does_not_have_active_subscription",[490],{"hook":382,"callback":382,"file":384,"line":151},{"dangerousFunctions":492,"sqlUsage":493,"outputEscaping":519,"fileOperations":79,"externalRequests":335,"nonceChecks":63,"capabilityChecks":113,"bundledLibraries":574},[],{"prepared":344,"raw":113,"locations":494},[495,498,501,502,503,505,507,511,513,517],{"file":199,"line":496,"context":497},24,"$wpdb->query() with variable interpolation",{"file":199,"line":499,"context":500},38,"$wpdb->get_results() with variable interpolation",{"file":199,"line":246,"context":497},{"file":199,"line":300,"context":497},{"file":199,"line":504,"context":497},60,{"file":199,"line":506,"context":500},178,{"file":508,"line":509,"context":510},"src\\user\\map.php",256,"$wpdb->get_col() with variable interpolation",{"file":508,"line":512,"context":510},264,{"file":514,"line":515,"context":516},"src\\user\\map_stats.php",29,"$wpdb->get_var() with variable interpolation",{"file":514,"line":518,"context":500},35,{"escaped":520,"rawEcho":324,"locations":521},204,[522,525,527,529,530,531,532,533,534,535,536,537,538,539,540,541,542,543,544,545,546,547,548,550,552,555,557,558,560,562,564,565,566,567,568,569,570,571,572],{"file":353,"line":523,"context":524},52,"raw output",{"file":526,"line":149,"context":524},"src\\endpoints\\debug.php",{"file":528,"line":151,"context":524},"views\\debug.php",{"file":528,"line":93,"context":524},{"file":528,"line":93,"context":524},{"file":528,"line":93,"context":524},{"file":528,"line":93,"context":524},{"file":528,"line":93,"context":524},{"file":528,"line":250,"context":524},{"file":528,"line":228,"context":524},{"file":528,"line":228,"context":524},{"file":528,"line":405,"context":524},{"file":528,"line":405,"context":524},{"file":528,"line":405,"context":524},{"file":528,"line":504,"context":524},{"file":528,"line":504,"context":524},{"file":528,"line":504,"context":524},{"file":528,"line":504,"context":524},{"file":528,"line":159,"context":524},{"file":528,"line":159,"context":524},{"file":528,"line":159,"context":524},{"file":528,"line":159,"context":524},{"file":549,"line":204,"context":524},"views\\embed.js.php",{"file":551,"line":79,"context":524},"views\\js_vars.php",{"file":553,"line":554,"context":524},"views\\metabox.php",16,{"file":556,"line":287,"context":524},"views\\private_user_feed_content.php",{"file":556,"line":438,"context":524},{"file":556,"line":559,"context":524},107,{"file":556,"line":561,"context":524},113,{"file":563,"line":63,"context":524},"views\\profile_widget.php",{"file":563,"line":28,"context":524},{"file":563,"line":28,"context":524},{"file":563,"line":28,"context":524},{"file":563,"line":200,"context":524},{"file":563,"line":113,"context":524},{"file":563,"line":216,"context":524},{"file":563,"line":554,"context":524},{"file":563,"line":340,"context":524},{"file":573,"line":113,"context":524},"views\\setup.php",[575],{"name":576,"version":38,"knownCves":577},"TinyMCE",[],[579,597,605,633,666,684,694,736],{"entryPoint":580,"graph":581,"unsanitizedCount":63,"severity":41},"init (src\\authenticator.php:72)",{"nodes":582,"edges":594},[583,588],{"id":584,"type":585,"label":586,"file":223,"line":587},"n0","source","$_REQUEST",114,{"id":589,"type":590,"label":591,"file":223,"line":592,"wp_function":593},"n1","sink","wp_redirect() [Open Redirect]",118,"wp_redirect",[595],{"from":584,"to":589,"sanitized":596},false,{"entryPoint":598,"graph":599,"unsanitizedCount":63,"severity":41},"\u003Cauthenticator> (src\\authenticator.php:0)",{"nodes":600,"edges":603},[601,602],{"id":584,"type":585,"label":586,"file":223,"line":587},{"id":589,"type":590,"label":591,"file":223,"line":592,"wp_function":593},[604],{"from":584,"to":589,"sanitized":596},{"entryPoint":606,"graph":607,"unsanitizedCount":28,"severity":632},"memberful_wp_advanced_settings (src\\admin.php:381)",{"nodes":608,"edges":628},[609,612,616,620,624],{"id":584,"type":585,"label":610,"file":199,"line":611},"$_POST (x2)",400,{"id":589,"type":590,"label":613,"file":199,"line":614,"wp_function":615},"update_option() [Settings Manipulation]",409,"update_option",{"id":617,"type":585,"label":618,"file":199,"line":619},"n2","$_POST",423,{"id":621,"type":622,"label":623,"file":199,"line":619},"n3","transform","→ memberful_wp_set_use_per_plan_roles()",{"id":625,"type":590,"label":613,"file":626,"line":627,"wp_function":615},"n4","src\\roles.php",137,[629,630,631],{"from":584,"to":589,"sanitized":596},{"from":617,"to":621,"sanitized":596},{"from":621,"to":625,"sanitized":596},"low",{"entryPoint":634,"graph":635,"unsanitizedCount":28,"severity":632},"memberful_wp_protect_bbpress (src\\admin.php:566)",{"nodes":636,"edges":659},[637,639,641,643,645,647,650,653,656],{"id":584,"type":585,"label":618,"file":199,"line":638},604,{"id":589,"type":622,"label":640,"file":199,"line":638},"→ memberful_wp_bbpress_update_required_downloads()",{"id":617,"type":590,"label":613,"file":328,"line":642,"wp_function":615},77,{"id":621,"type":585,"label":618,"file":199,"line":644},605,{"id":625,"type":622,"label":646,"file":199,"line":644},"→ memberful_wp_bbpress_update_required_subscription_plans()",{"id":648,"type":590,"label":613,"file":328,"line":649,"wp_function":615},"n5",81,{"id":651,"type":585,"label":618,"file":199,"line":652},"n6",606,{"id":654,"type":622,"label":655,"file":199,"line":652},"n7","→ memberful_wp_bbpress_update_send_unauthorized_users_to_url()",{"id":657,"type":590,"label":613,"file":328,"line":658,"wp_function":615},"n8",93,[660,661,662,663,664,665],{"from":584,"to":589,"sanitized":596},{"from":589,"to":617,"sanitized":596},{"from":621,"to":625,"sanitized":596},{"from":625,"to":648,"sanitized":596},{"from":651,"to":654,"sanitized":596},{"from":654,"to":657,"sanitized":596},{"entryPoint":667,"graph":668,"unsanitizedCount":79,"severity":632},"memberful_wp_private_rss_feed_settings (src\\admin.php:640)",{"nodes":669,"edges":680},[670,672,674,676,678],{"id":584,"type":585,"label":618,"file":199,"line":671},646,{"id":589,"type":590,"label":613,"file":199,"line":673,"wp_function":615},649,{"id":617,"type":585,"label":618,"file":199,"line":675},648,{"id":621,"type":622,"label":677,"file":199,"line":675},"→ memberful_private_user_feed_settings_set_required_plan()",{"id":625,"type":590,"label":613,"file":429,"line":679,"wp_function":615},129,[681,682,683],{"from":584,"to":589,"sanitized":596},{"from":617,"to":621,"sanitized":596},{"from":621,"to":625,"sanitized":596},{"entryPoint":685,"graph":686,"unsanitizedCount":63,"severity":632},"memberful_wp_ad_provider_settings (src\\admin.php:721)",{"nodes":687,"edges":692},[688,690],{"id":584,"type":585,"label":618,"file":199,"line":689},727,{"id":589,"type":590,"label":613,"file":199,"line":691,"wp_function":615},731,[693],{"from":584,"to":589,"sanitized":596},{"entryPoint":695,"graph":696,"unsanitizedCount":82,"severity":632},"\u003Cadmin> (src\\admin.php:0)",{"nodes":697,"edges":724},[698,700,701,702,703,704,705,706,707,708,710,712,714,716,718,720,722],{"id":584,"type":585,"label":699,"file":199,"line":611},"$_POST (x4)",{"id":589,"type":590,"label":613,"file":199,"line":614,"wp_function":615},{"id":617,"type":585,"label":618,"file":199,"line":619},{"id":621,"type":622,"label":623,"file":199,"line":619},{"id":625,"type":590,"label":613,"file":626,"line":627,"wp_function":615},{"id":648,"type":585,"label":618,"file":199,"line":638},{"id":651,"type":622,"label":640,"file":199,"line":638},{"id":654,"type":590,"label":613,"file":328,"line":642,"wp_function":615},{"id":657,"type":585,"label":618,"file":199,"line":644},{"id":709,"type":622,"label":646,"file":199,"line":644},"n9",{"id":711,"type":590,"label":613,"file":328,"line":649,"wp_function":615},"n10",{"id":713,"type":585,"label":618,"file":199,"line":652},"n11",{"id":715,"type":622,"label":655,"file":199,"line":652},"n12",{"id":717,"type":590,"label":613,"file":328,"line":658,"wp_function":615},"n13",{"id":719,"type":585,"label":618,"file":199,"line":675},"n14",{"id":721,"type":622,"label":677,"file":199,"line":675},"n15",{"id":723,"type":590,"label":613,"file":429,"line":679,"wp_function":615},"n16",[725,726,727,728,729,730,731,732,733,734,735],{"from":584,"to":589,"sanitized":596},{"from":617,"to":621,"sanitized":596},{"from":621,"to":625,"sanitized":596},{"from":648,"to":651,"sanitized":596},{"from":651,"to":654,"sanitized":596},{"from":657,"to":709,"sanitized":596},{"from":709,"to":711,"sanitized":596},{"from":713,"to":715,"sanitized":596},{"from":715,"to":717,"sanitized":596},{"from":719,"to":721,"sanitized":596},{"from":721,"to":723,"sanitized":596},{"entryPoint":737,"graph":738,"unsanitizedCount":29,"severity":632},"\u003Cbulk_protect> (views\\bulk_protect.php:0)",{"nodes":739,"edges":746},[740,743],{"id":584,"type":585,"label":741,"file":742,"line":212},"$_GET['error']","views\\bulk_protect.php",{"id":589,"type":590,"label":744,"file":742,"line":212,"wp_function":745},"echo() [XSS]","echo",[747],{"from":584,"to":589,"sanitized":748},true,{"summary":750,"deductions":751},"The static analysis of memberful-wp v1.78.0 reveals a mixed security posture. On the positive side, the plugin demonstrates good practices by having a substantial number of capability checks and a high percentage of SQL queries using prepared statements and properly escaped outputs. There are no directly identified critical or high severity issues in the current code analysis, such as dangerous functions or critical taint flows. The absence of unprotected entry points further strengthens its security framework. However, there are some areas that warrant attention. A significant portion of taint flows (7 out of 8) involve unsanitized paths, which, although not rated as critical or high in this analysis, could still represent potential avenues for unexpected behavior or security weaknesses if exploited in conjunction with other factors. The presence of file operations and external HTTP requests, while not inherently insecure, always introduces a degree of risk that needs careful management. The plugin's vulnerability history indicates a pattern of medium severity issues, including missing authorization, information exposure, and cross-site scripting, with the last vulnerability occurring relatively recently. While there are currently no unpatched vulnerabilities, this history suggests a need for continued vigilance and robust security testing.  Overall, the plugin has a solid foundation in secure coding practices, but the unsanitized path flows and historical vulnerability types highlight areas for ongoing improvement and risk mitigation.",[752,754,756,758,760],{"reason":753,"points":204},"Flows with unsanitized paths found",{"reason":755,"points":264},"Medium severity vulnerabilities in history",{"reason":757,"points":28},"File operations present",{"reason":759,"points":28},"External HTTP requests present",{"reason":761,"points":335},"Nonce checks only present once","2026-03-16T19:05:23.506Z",{"wat":764,"direct":785},{"assetPaths":765,"generatorPatterns":774,"scriptPaths":775,"versionParams":776},[766,767,768,769,770,771,772,773],"\u002Fwp-content\u002Fplugins\u002Fmemberful-wp\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fmemberful-wp\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fmemberful-wp\u002Fassets\u002Fcss\u002Fmemberful-admin.css","\u002Fwp-content\u002Fplugins\u002Fmemberful-wp\u002Fassets\u002Fcss\u002Fmemberful-editor.css","\u002Fwp-content\u002Fplugins\u002Fmemberful-wp\u002Fassets\u002Fjs\u002Fmemberful-admin.js","\u002Fwp-content\u002Fplugins\u002Fmemberful-wp\u002Fassets\u002Fjs\u002Fmemberful-editor.js","\u002Fwp-content\u002Fplugins\u002Fmemberful-wp\u002Fassets\u002Fjs\u002Fmemberful-gutenberg.js","\u002Fwp-content\u002Fplugins\u002Fmemberful-wp\u002Fassets\u002Fjs\u002Fmemberful-react.js",[],[767,770,771,772,773],[777,778,779,780,781,782,783,784],"memberful-wp\u002Fadmin.css?ver=","memberful-wp\u002Fadmin.js?ver=","memberful-wp\u002Fassets\u002Fcss\u002Fmemberful-admin.css?ver=","memberful-wp\u002Fassets\u002Fcss\u002Fmemberful-editor.css?ver=","memberful-wp\u002Fassets\u002Fjs\u002Fmemberful-admin.js?ver=","memberful-wp\u002Fassets\u002Fjs\u002Fmemberful-editor.js?ver=","memberful-wp\u002Fassets\u002Fjs\u002Fmemberful-gutenberg.js?ver=","memberful-wp\u002Fassets\u002Fjs\u002Fmemberful-react.js?ver=",{"cssClasses":786,"htmlComments":796,"htmlAttributes":799,"restEndpoints":805,"jsGlobals":808,"shortcodeOutput":810},[787,788,789,790,791,792,793,794,795],"memberful-admin-wrap","memberful-connection-form","memberful-plans-list","memberful-plan-row","memberful-account-menu-item","memberful-account-menu","memberful-shortcode-button","memberful-button","memberful-embed-container",[797,798],"\u003C!-- memberful_embed_start -->","\u003C!-- memberful_embed_end -->",[800,801,802,803,804],"data-memberful-key","data-memberful-plan-id","data-memberful-account-page-url","data-memberful-embed","data-memberful-url",[806,807],"\u002Fwp-json\u002Fmemberful\u002Fv1\u002Fsettings","\u002Fwp-json\u002Fmemberful\u002Fv1\u002Fplans",[7,809],"Memberful",[811,812,813,814,815],"[memberful_plans]","[memberful_buy_button]","[memberful_account_link]","[memberful_subscribe_form]","[memberful_login_form]"]