Does Only for Registered Users have any unpatched vulnerabilities?

No. All known vulnerabilities in Only for Registered Users have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Only for Registered Users compatible with WordPress 3.9.40?

According to WordPress.org data, Only for Registered Users 1.0 has been tested up to WordPress 3.9.40. Check the plugin's changelog for the latest compatibility information.

How often is Only for Registered Users updated?

Only for Registered Users was last updated on Sep 2, 2014. Frequent updates are generally a positive security signal.

What is Only for Registered Users's security score?

Only for Registered Users has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Only for Registered Users Security & Risk Analysis

wordpress.org/plugins/only-for-registered-users

Make post, page or partial content visible to registered users only

100 active installs v1.0 PHP + WP 2.8+ Updated Sep 2, 2014

registerregistered-onlyregistrationrestriction

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Only for Registered Users Safe to Use in 2026?

Generally Safe

Score 85/100

Only for Registered Users has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The "only-for-registered-users" plugin v1.0 demonstrates a strong security posture based on the provided static analysis. The absence of dangerous functions, reliance on prepared statements for all SQL queries, and proper output escaping indicate good development practices. Furthermore, the presence of nonce and capability checks on the identified entry points suggests an effort to protect against common web vulnerabilities. The plugin's vulnerability history is clean, with no known CVEs, which is a positive indicator of its current security. However, the analysis indicates a limited attack surface, with only one shortcode identified and no AJAX handlers or REST API routes without authentication. This could be a strength if the plugin's functionality is minimal, but if it offers more complex features that were not captured in the static analysis, there might be undiscovered entry points. The lack of taint analysis results is also noteworthy, as it implies no potentially harmful data flows were detected, which is a good sign.

Vulnerabilities

None known

Only for Registered Users Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Only for Registered Users Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

TinyMCE

Output Escaping

100% escaped1 total outputs

Attack Surface

Only for Registered Users Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[RegUserOnly] only-for-registered-users.php:68

WordPress Hooks 9

filtermce_external_pluginsonly-for-registered-users.php:50

filtermce_buttonsonly-for-registered-users.php:53

actioninitonly-for-registered-users.php:67

actionplugins_loadedonly-for-registered-users.php:69

filterthe_contentonly-for-registered-users.php:70

actionload-post.phppost_meta_box.php:11

actionload-post-new.phppost_meta_box.php:12

actionadd_meta_boxespost_meta_box.php:24

actionsave_postpost_meta_box.php:25

Maintenance & Trust

Only for Registered Users Maintenance & Trust

Maintenance Signals

WordPress version tested3.9.40

Last updatedSep 2, 2014

PHP min version

Downloads78K

Community Trust

Rating88/100

Number of ratings8

Active installs100

Alternatives

Only for Registered Users Alternatives

Registered Users Only

registered-users-only

100

Forces all users to login before being able to view your site. Features an options page for configuration.

2K No CVEs

Only Registered Users

only-registered-users

This plugin will force visitors to register and login themselves before being able to view your site. Only registered and logged in users will be able …

0 No CVEs

User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder

user-registration

Build membership sites with tiered plans, content restriction, drag-&-drop custom registration & login form builder, and built-in payment system.

60K 29 CVEs

WP-Members Membership Plugin

wp-members

The original WordPress membership plugin with content restriction, user login, custom registration fields, user profiles, and more.

50K 18 CVEs

Force Login

wp-force-login

Force Login is a simple lightweight plugin that requires visitors to log in to interact with the website.

30K No CVEs

Developer Profile

Only for Registered Users Developer Profile

sunnyverma1984

7 plugins · 270 total installs

trust score

Avg Security Score

87/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Only for Registered Users

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/only-for-registered-users/js/tinymce-plugin.js

HTML / DOM Fingerprints

Data Attributes

id="regUserOnly-yes"id="regUserOnly-no"

Shortcode Output

<code style="color:red;border:1px solid red;padding: 3px;">Content is available only for registered users. Please <a href="

">login</a> or <a href="">register</a></code>

FAQ