WP-Safety

Memberstack – Member Management & Content Protection Security & Risk Analysis

wordpress.org/plugins/memberstack

Transform your WordPress site into a premium membership platform. Create members-only content and manage subscriptions with ease.

100 active installs v1.3.1 PHP 7.4+ WP 6.7+ Updated Mar 3, 2026
content-protectionmembershipsocial-loginsubscription-managementuser-authentication
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Memberstack – Member Management & Content Protection Safe to Use in 2026?

Generally Safe

Score 100/100

Memberstack – Member Management & Content Protection has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

Based on the static analysis and vulnerability history, the MemberStack plugin v1.3.1 exhibits a strong security posture. The plugin demonstrates good security practices by implementing proper nonce and capability checks on its entry points, which are crucial for preventing unauthorized actions. The absence of dangerous functions and the use of prepared statements for all SQL queries further indicate a commitment to secure coding. Furthermore, the fact that there are no recorded vulnerabilities, critical or otherwise, suggests a well-maintained and thoroughly tested codebase.

While the plugin shows many strengths, there are minor areas for potential improvement. The presence of a file operation and external HTTP requests, although not flagged as problematic in the static analysis, could be areas of concern if not handled with utmost care. A high percentage of properly escaped output (95%) is good, but the remaining 5% represents a potential, albeit small, risk of cross-site scripting (XSS) vulnerabilities. The absence of taint analysis results is noteworthy; while it could mean no issues were found, a more comprehensive taint analysis might offer deeper assurance.

Overall, MemberStack v1.3.1 appears to be a secure plugin. Its lack of historical vulnerabilities and the implementation of robust security checks in its code are significant positive indicators. The minor areas for vigilance, such as careful handling of file operations and external requests, and further scrutiny of the unescaped output, are standard considerations for any plugin. The plugin's current state is very good, with minimal apparent risks.

Key Concerns

  • Unescaped output exists (5% of total outputs)
  • File operation present in code
  • External HTTP requests present (14 total)
Vulnerabilities
None known

Memberstack – Member Management & Content Protection Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Memberstack – Member Management & Content Protection Release Timeline

v1.3.1Current
v1.3.0
v1.2.9
v1.2.8
v1.2.7
v1.2.6
v1.2.5
v1.2.4
v1.2.3
v1.2.2
v1.2.1
v1.2.0
v1.1.9
v1.1.8
v1.1.7
v1.1.6
v1.1.5
v1.1.4
v1.1.3
v1.1.2
Code Analysis
Analyzed Mar 16, 2026

Memberstack – Member Management & Content Protection Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
2 prepared
Unescaped Output
29
612 escaped
Nonce Checks
1
Capability Checks
5
File Operations
1
External Requests
14
Bundled Libraries
0

SQL Query Safety

100% prepared2 total queries

Output Escaping

95% escaped641 total outputs
Attack Surface

Memberstack – Member Management & Content Protection Attack Surface

Entry Points8
Unprotected0

AJAX Handlers 1

authwp_ajax_memberstack_refresh_gated_contentincludes\class-memberstack-settings.php:89

Shortcodes 7

[memberstack_content] includes\class-memberstack-content.php:106
[memberstack_login] includes\class-memberstack-shortcodes.php:51
[memberstack_signup] includes\class-memberstack-shortcodes.php:52
[memberstack_modal] includes\class-memberstack-shortcodes.php:53
[memberstack_logout] includes\class-memberstack-shortcodes.php:54
[memberstack_protected] includes\class-memberstack-shortcodes.php:55
[memberstack_member] includes\class-memberstack-shortcodes.php:56
WordPress Hooks 69
actioninitaddons\bricks\class-memberstack-bricks-addon.php:27
filterbricks/builder/i18naddons\bricks\class-memberstack-bricks-addon.php:30
actionwp_enqueue_scriptsaddons\bricks\class-memberstack-bricks-addon.php:33
actionwpaddons\bricks\class-memberstack-bricks-addon.php:36
filterbricks/dynamic_tags_listaddons\bricks\dynamic-data\class-memberstack-bricks-dynamic-data.php:25
filterbricks/dynamic_data/render_tagaddons\bricks\dynamic-data\class-memberstack-bricks-dynamic-data.php:26
filterbricks/dynamic_data/render_contentaddons\bricks\dynamic-data\class-memberstack-bricks-dynamic-data.php:27
filterbricks/dynamic_data/providersaddons\bricks\dynamic-data\class-memberstack-bricks-dynamic-data.php:28
actioninitaddons\cornerstone\class-memberstack-cornerstone-addon.php:26
actionwp_enqueue_scriptsaddons\cornerstone\class-memberstack-cornerstone-addon.php:29
filtermemberstack_addon_error_message_cornerstoneaddons\cornerstone\class-memberstack-cornerstone-addon.php:32
actioncs_register_elementsaddons\cornerstone\includes\class-cornerstone-integration.php:17
actioninitaddons\cornerstone\includes\class-cornerstone-integration.php:18
actionwp_loadedaddons\cornerstone\includes\class-cornerstone-integration.php:19
actioncornerstone_loadedaddons\cornerstone\includes\class-cornerstone-integration.php:20
filtercornerstone_icon_mapaddons\cornerstone\includes\class-cornerstone-integration.php:23
actioncs_dynamic_content_setupaddons\cornerstone\includes\class-cornerstone-integration.php:26
actionwp_enqueue_scriptsaddons\cornerstone\includes\class-cornerstone-integration.php:29
actionadmin_enqueue_scriptsaddons\cornerstone\includes\class-cornerstone-integration.php:30
actionet_builder_framework_loadedaddons\divi\class-memberstack-divi-addon.php:35
filteret_builder_module_pathsaddons\divi\class-memberstack-divi-addon.php:38
actionwp_enqueue_scriptsaddons\divi\class-memberstack-divi-addon.php:41
actionet_builder_readyaddons\divi\class-memberstack-divi-addon.php:44
filteret_builder_module_general_fieldsaddons\divi\class-memberstack-divi-addon.php:50
filteret_module_shortcode_outputaddons\divi\class-memberstack-divi-addon.php:53
actionelementor/elements/categories_registeredaddons\elementor\class-memberstack-elementor-addon.php:51
actionelementor/widgets/registeraddons\elementor\class-memberstack-elementor-addon.php:54
actionelementor/frontend/after_enqueue_stylesaddons\elementor\class-memberstack-elementor-addon.php:57
actionelementor/frontend/after_enqueue_scriptsaddons\elementor\class-memberstack-elementor-addon.php:58
actionelementor/dynamic_tags/registeraddons\elementor\class-memberstack-elementor-addon.php:61
actionelementor/element/container/section_layout/after_section_endaddons\elementor\widgets\class-memberstack-gated-content-container-extension-widget.php:50
actionelementor/frontend/container/before_renderaddons\elementor\widgets\class-memberstack-gated-content-container-extension-widget.php:53
actioninitaddons\gutenberg\class-memberstack-gutenberg-addon.php:107
filterblock_categories_alladdons\gutenberg\class-memberstack-gutenberg-addon.php:108
actionenqueue_block_editor_assetsaddons\gutenberg\class-memberstack-gutenberg-addon.php:111
filterrender_blockaddons\gutenberg\class-memberstack-gutenberg-addon.php:114
filterwpforms_form_settings_panelsaddons\wpforms\class-memberstack-wpforms-addon.php:31
filterwpforms_builder_stringsaddons\wpforms\class-memberstack-wpforms-addon.php:32
filterwpforms_builder_fields_buttonsaddons\wpforms\class-memberstack-wpforms-addon.php:35
actionwpforms_loadedaddons\wpforms\class-memberstack-wpforms-addon.php:38
filterwpforms_frontend_form_dataaddons\wpforms\class-memberstack-wpforms-addon.php:41
filterwpforms_frontend_form_attsaddons\wpforms\class-memberstack-wpforms-addon.php:42
actionplugins_loadedaddons\wpforms\class-memberstack-wpforms-loader.php:101
actionadmin_enqueue_scriptsaddons\wpforms\class-memberstack-wpforms-loader.php:102
actionadmin_initincludes\class-memberstack-addons.php:113
actionplugins_loadedincludes\class-memberstack-addons.php:114
actionadmin_enqueue_scriptsincludes\class-memberstack-addons.php:115
actionmemberstack_activate_addonincludes\class-memberstack-addons.php:118
actionmemberstack_deactivate_addonincludes\class-memberstack-addons.php:119
filterrender_blockincludes\class-memberstack-blocks.php:69
filterblock_type_metadataincludes\class-memberstack-blocks.php:70
filterrender_block_dataincludes\class-memberstack-content.php:102
filterno_texturize_shortcodesincludes\class-memberstack-content.php:111
actiontemplate_redirectincludes\class-memberstack-security.php:65
filterwp_kses_allowed_htmlincludes\class-memberstack-security.php:66
actionadmin_menuincludes\class-memberstack-settings.php:86
actionadmin_initincludes\class-memberstack-settings.php:87
actionadmin_enqueue_scriptsincludes\class-memberstack-settings.php:88
filterno_texturize_shortcodesincludes\class-memberstack-shortcodes.php:60
actionwp_enqueue_scriptsincludes\class-memberstack-shortcodes.php:63
actioninitmemberstack.php:76
actionadmin_noticesmemberstack.php:89
actionadmin_noticesmemberstack.php:95
actionwp_headmemberstack.php:147
actionplugins_loadedmemberstack.php:148
actionadmin_noticesmemberstack.php:149
actioninitmemberstack.php:151
filterbricks/elements/form/control_groupsmemberstack.php:156
filterscript_loader_tagmemberstack.php:234
Maintenance & Trust

Memberstack – Member Management & Content Protection Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 3, 2026
PHP min version7.4
Downloads3K

Community Trust

Rating100/100
Number of ratings24
Active installs100
Alternatives

Memberstack – Member Management & Content Protection Alternatives

WP Content Protection

WP Content Protection

wp-content-protection

C
63

WP Content Protection plugin is used to protect the content.No membership required for this protection.

80 1 unpatched
MC Professional Authentication and User Sync

MC Professional Authentication and User Sync

memberclicks-professional-authentication

A
92

Provides SSO (Single Sign-On) with MemberClicks Professional to restrict content based on member group. Sync user records for consistent access.

20 No CVEs
Stitchz Social Login

Stitchz Social Login

stitchz-social-login

A
85

The Stitchz Social Login plugin adds the option to authenticate with one or more of the 22+ social identities providers supported by Stitchz.

10 No CVEs
ArraySubs – Subscription Manager for WooCommerce

ArraySubs – Subscription Manager for WooCommerce

arraysubs

A
100

Subscriptions manager with recurring billing, self-service customer portal and membership restrictions for WooCommerce.

0 No CVEs
CRM Memberships

CRM Memberships

crm-memberships

C
66

WordPress plugin for content protection, membership management, and CRM integration. Create courses, restrict content, and integrate with CRMs.

0 1 unpatched
Developer Profile

Memberstack – Member Management & Content Protection Developer Profile

Josh

1 plugin · 100 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Memberstack – Member Management & Content Protection

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/memberstack/assets/css/memberstack-settings.css/wp-content/plugins/memberstack/assets/js/memberstack-settings.js/wp-content/plugins/memberstack/assets/js/memberstack-addons.js
Script Paths
https://static.memberstack.com/scripts/v1/memberstack.js
Version Parameters
memberstack-script?ver=

HTML / DOM Fingerprints

CSS Classes
memberstack-settings-formmemberstack-gated-content
HTML Comments
<!-- Memberstack gated content start --><!-- Memberstack gated content end -->
Data Attributes
data-memberstack-app-id
JS Globals
window.MemberStack
Shortcode Output
[memberstack_gated]
FAQ

Frequently Asked Questions about Memberstack – Member Management & Content Protection