Does MIPL WP User Forms have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is MIPL WP User Forms compatible with WordPress 6.8.5?

According to WordPress.org data, MIPL WP User Forms 1.1.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is MIPL WP User Forms compatible with PHP 7.4+?

MIPL WP User Forms requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is MIPL WP User Forms updated?

MIPL WP User Forms was last updated on Oct 24, 2025. Frequent updates are generally a positive security signal.

What is MIPL WP User Forms's security score?

MIPL WP User Forms has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

MIPL WP User Forms Security & Risk Analysis

wordpress.org/plugins/mipl-wp-user-forms

Create custom WordPress login & registration forms on the front-end for any user role. Secure with reCAPTCHA, extend with 2FA, social logins, impo …

0 active installs v1.1.0 PHP 7.4+ WP 5.1+ Updated Oct 24, 2025

2facustom-rolesloginregistrationuser-forms

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is MIPL WP User Forms Safe to Use in 2026?

Generally Safe

Score 100/100

MIPL WP User Forms has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6mo ago

Risk Assessment

The mipl-wp-user-forms plugin v1.1.0 exhibits a generally good security posture, with no known vulnerabilities or CVEs recorded. The static analysis reveals several positive security practices, including 100% use of prepared statements for SQL queries and a high percentage (87%) of properly escaped outputs. The presence of nonce and capability checks, though limited, also indicates some awareness of security principles. The attack surface is entirely protected by authentication, which is a significant strength.

However, the analysis does flag two instances of dangerous function usage, specifically `unserialize`. While the taint analysis didn't identify critical or high severity flows originating from these, the potential for deserialization vulnerabilities exists, especially if the data being unserialized comes from user input without proper validation. The five unsanitized paths in the taint analysis also warrant attention, as they could lead to vulnerabilities if not adequately handled downstream, despite not currently being classified as critical.

In conclusion, this version of the plugin is relatively secure due to its lack of historical vulnerabilities and robust handling of database queries and output escaping. The main areas of concern revolve around the potential risks associated with `unserialize` and the identified unsanitized paths, which could become attack vectors in future or more complex scenarios.

Key Concerns

Dangerous function 'unserialize' used
Flows with unsanitized paths found

Vulnerabilities

None known

MIPL WP User Forms Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

MIPL WP User Forms Release Timeline

v1.1.0Current

v1.0.1

Code Analysis

Analyzed Apr 6, 2026

MIPL WP User Forms Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

546 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$wp_capabilities = unserialize($user_meta[$meta_field][$key]);inc/lib-mipluf-common.php:242

unserialize$user_meta[$meta_field][$key] = json_encode(unserialize($user_meta[$meta_field][$key]));inc/lib-mipluf-common.php:249

SQL Query Safety

100% prepared4 total queries

Output Escaping

87% escaped629 total outputs

Data Flows · Security

5 unsanitized

Data Flow Analysis

8 flows5 with unsanitized paths

<mipluf-class-social-media-logins> (inc/mipluf-class-social-media-logins.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

MIPL WP User Forms Attack Surface

Entry Points9

Unprotected0

Shortcodes 9

[mipluf_login_button] mipl-wp-user-forms.php:69

[mipluf_login_registration_button] mipl-wp-user-forms.php:70

[mipluf_login_form] mipl-wp-user-forms.php:71

[mipluf_user_login_links] mipl-wp-user-forms.php:72

[mipluf_registration_form] mipl-wp-user-forms.php:73

[mipluf_login_registration_form] mipl-wp-user-forms.php:74

[mipluf_form_field] mipl-wp-user-forms.php:75

[mipluf_recaptcha] mipl-wp-user-forms.php:76

[mipluf_google_login_button] mipl-wp-user-forms.php:77

WordPress Hooks 51

actioninitmipl-wp-user-forms.php:53

actionadmin_initmipl-wp-user-forms.php:54

actionwp_headmipl-wp-user-forms.php:62

actionadmin_headmipl-wp-user-forms.php:63

actionwp_enqueue_scriptsmipl-wp-user-forms.php:64

actioninitmipl-wp-user-forms.php:82

actionadmin_menumipl-wp-user-forms.php:89

actionadd_meta_boxesmipl-wp-user-forms.php:90

actionmanage_registration_forms_posts_columnsmipl-wp-user-forms.php:91

actionmanage_registration_forms_posts_custom_columnmipl-wp-user-forms.php:92

actionsave_postmipl-wp-user-forms.php:93

actionedit_form_after_titlemipl-wp-user-forms.php:94

filterwp_insert_post_datamipl-wp-user-forms.php:95

actionadmin_footermipl-wp-user-forms.php:96

actionedit_user_profilemipl-wp-user-forms.php:97

actionedit_user_profile_updatemipl-wp-user-forms.php:98

actionadmin_noticesmipl-wp-user-forms.php:99

actionadmin_enqueue_scriptsmipl-wp-user-forms.php:101

actioninitmipl-wp-user-forms.php:107

actioninitmipl-wp-user-forms.php:112

actioninitmipl-wp-user-forms.php:120

actionadmin_menumipl-wp-user-forms.php:125

actionadmin_initmipl-wp-user-forms.php:132

actionadmin_initmipl-wp-user-forms.php:137

actioninitmipl-wp-user-forms.php:152

actioninitmipl-wp-user-forms.php:157

actioninitmipl-wp-user-forms.php:162

actioninitmipl-wp-user-forms.php:167

actionlogin_formmipl-wp-user-forms.php:175

actioninitmipl-wp-user-forms.php:180

actioninitmipl-wp-user-forms.php:187

filterquery_varsmipl-wp-user-forms.php:188

actiontemplate_redirectmipl-wp-user-forms.php:189

actioninitmipl-wp-user-forms.php:194

actioninitmipl-wp-user-forms.php:200

actioninitmipl-wp-user-forms.php:206

actionafter_password_resetmipl-wp-user-forms.php:211

actioninitmipl-wp-user-forms.php:215

actioninitmipl-wp-user-forms.php:220

actioninitmipl-wp-user-forms.php:228

actioninitmipl-wp-user-forms.php:232

actioninitmipl-wp-user-forms.php:236

actionwp_footermipl-wp-user-forms.php:243

actionwp_footermipl-wp-user-forms.php:247

actionwpmipl-wp-user-forms.php:251

filterblock_categories_allmipl-wp-user-forms.php:256

actionenqueue_block_editor_assetsmipl-wp-user-forms.php:267

actioninitmipl-wp-user-forms.php:273

actionvc_before_initmipl-wp-user-forms.php:279

actionelementor/widgets/registermipl-wp-user-forms.php:296

actionelementor/elements/categories_registeredmipl-wp-user-forms.php:311

Maintenance & Trust

MIPL WP User Forms Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedOct 24, 2025

PHP min version7.4

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

MIPL WP User Forms Alternatives

Login With Ajax – Fast Logins, 2FA, Redirects

Add beautiful login forms with smooth AJAX login/registration effects, 2FA support, custom redrection options and many more login-related features!

20K 6 CVEs

LoginWP (Formerly Peter's Login Redirect)

peters-login-redirect

Redirect users to different locations after they log in, log out and register based on different conditions.

90K 3 CVEs

Wordfence Login Security

wordfence-login-security

Secure your website with Wordfence Login Security, providing two-factor authentication, login and registration CAPTCHA, and XML-RPC protection.

70K No CVEs

WP Hide & Security Enhancer

wp-hide-security-enhancer

Protect your website by concealing vulnerable WordPress traces, plugins, themes, login/admin url. 2FA, Captcha, Firewall, Security Headers etc.

50K 3 CVEs

WP-Members Membership Plugin

wp-members

The original WordPress membership plugin with content restriction, user login, custom registration fields, user profiles, and more.

50K 18 CVEs

Developer Profile

MIPL WP User Forms Developer Profile

Mulika Team

6 plugins · 300 total installs

trust score

Avg Security Score

96/100

Avg Patch Time

1 days

View full developer profile

Detection Fingerprints

How We Detect MIPL WP User Forms

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mipl-wp-user-forms/assets/css/mipluf-frontend.css/wp-content/plugins/mipl-wp-user-forms/assets/js/mipluf-frontend.js/wp-content/plugins/mipl-wp-user-forms/assets/js/mipluf-admin.js

Script Paths

/wp-content/plugins/mipl-wp-user-forms/assets/js/mipluf-frontend.js/wp-content/plugins/mipl-wp-user-forms/assets/js/mipluf-admin.js

Version Parameters

mipl-wp-user-forms/assets/css/mipluf-frontend.css?ver=mipl-wp-user-forms/assets/js/mipluf-frontend.js?ver=mipl-wp-user-forms/assets/js/mipluf-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

mipluf_login_form_fieldmipluf_registration_form_fieldmipluf_recaptcha_fieldmipluf_google_login_button

Data Attributes

data-mipluf-form-id

JS Globals

MIPLUF_ajax_urlMIPLUF_nonces

Shortcode Output

[mipluf_login_button][mipluf_login_registration_button][mipluf_login_form][mipluf_user_login_links]

FAQ