Does Registered Users Only have any unpatched vulnerabilities?

No. All known vulnerabilities in Registered Users Only have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Registered Users Only compatible with WordPress 6.9.4?

According to WordPress.org data, Registered Users Only 1.3.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is Registered Users Only updated?

Registered Users Only was last updated on Feb 11, 2026. Frequent updates are generally a positive security signal.

What is Registered Users Only's security score?

Registered Users Only has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Registered Users Only Security & Risk Analysis

wordpress.org/plugins/registered-users-only

Forces all users to login before being able to view your site. Features an options page for configuration.

2K active installs v1.3.0 PHP + WP 3.2+ Updated Feb 11, 2026

registered-onlyregistrationrestriction

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Registered Users Only Safe to Use in 2026?

Generally Safe

Score 100/100

Registered Users Only has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "registered-users-only" v1.3.0 plugin exhibits a very strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points is a significant strength. Furthermore, the code signals are highly positive, with no dangerous functions, all SQL queries using prepared statements, and all outputs being properly escaped. The presence of nonce and capability checks further reinforces its secure design. The taint analysis also shows no flows with unsanitized paths, indicating no critical or high-severity issues from this perspective.

The vulnerability history is equally reassuring, with zero known CVEs recorded for this plugin. This, combined with the excellent static analysis results, suggests a well-maintained and secure codebase. The plugin appears to follow WordPress security best practices diligently. While the extremely limited attack surface might mean fewer complex features, it also inherently reduces the potential for vulnerabilities. The plugin's strengths lie in its robust input validation, output escaping, and permission handling where applicable. There are no apparent weaknesses identified in the provided data.

Vulnerabilities

None known

Registered Users Only Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Registered Users Only Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Data Flows

All sanitized

Data Flow Analysis

2 flows

POSTHandle (registered-users-only.php:155)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Registered Users Only Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 7

actionwpregistered-users-only.php:40

actionrest_api_initregistered-users-only.php:41

actioninitregistered-users-only.php:42

actionadmin_menuregistered-users-only.php:43

filterrest_authentication_errorsregistered-users-only.php:44

actioninitregistered-users-only.php:47

actionplugins_loadedregistered-users-only.php:240

Maintenance & Trust

Registered Users Only Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 11, 2026

PHP min version

Downloads123K

Community Trust

Rating92/100

Number of ratings13

Active installs2K

Alternatives

Registered Users Only Alternatives

Only for Registered Users

only-for-registered-users

Make post, page or partial content visible to registered users only

100 No CVEs

Only Registered Users

only-registered-users

This plugin will force visitors to register and login themselves before being able to view your site. Only registered and logged in users will be able …

0 No CVEs

User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder

user-registration

Build membership sites with tiered plans, content restriction, drag-&-drop custom registration & login form builder, and built-in payment system.

60K 29 CVEs

WP-Members Membership Plugin

wp-members

The original WordPress membership plugin with content restriction, user login, custom registration fields, user profiles, and more.

50K 18 CVEs

Membership For WooCommerce – WordPress Membership Plugin, Restrict Content, Build Online Communities, Paywall & Content Dripping

membership-for-woocommerce

The membership plugin wordpress lets you easily restrict content, build online communities, customize user roles, & quickly manage access permissions.

900 5 CVEs

Developer Profile

Registered Users Only Developer Profile

Alex Mills

5 plugins · 1.0M total installs

trust score

Avg Security Score

95/100

Avg Patch Time

1675 days

View full developer profile

Detection Fingerprints

How We Detect Registered Users Only

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ