Does Separate Login Form have any unpatched vulnerabilities?

No. All known vulnerabilities in Separate Login Form have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Separate Login Form compatible with WordPress 5.9.0?

According to WordPress.org data, Separate Login Form 3.1.0 has been tested up to WordPress 5.9.0. Check the plugin's changelog for the latest compatibility information.

Is Separate Login Form compatible with PHP 7.2+?

Separate Login Form requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Separate Login Form updated?

Separate Login Form was last updated on Feb 12, 2022. Frequent updates are generally a positive security signal.

What is Separate Login Form's security score?

Separate Login Form has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Separate Login Form Security & Risk Analysis

wordpress.org/plugins/separate-login-form

Display a login form with captcha on any page, post, or custom post type.

10 active installs v3.1.0 PHP 7.2+ WP 4.8.5+ Updated Feb 12, 2022

admincaptchacustomloginuser

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Separate Login Form Safe to Use in 2026?

Generally Safe

Score 85/100

Separate Login Form has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The plugin "separate-login-form" v3.1.0 exhibits a generally strong security posture, with no identified entry points in AJAX handlers, REST API, shortcodes, or cron events. The absence of known vulnerabilities in its history is also a positive indicator. However, the static analysis reveals significant concerns regarding output escaping, with 100% of identified outputs being unescaped. This presents a critical risk of Cross-Site Scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts into pages rendered by this plugin. Additionally, the complete absence of capability checks and nonce checks, combined with a file operation without clear context, could be exploited if any of the zero identified entry points were to become accessible or if the file operation itself is vulnerable. While the plugin avoids dangerous functions and uses prepared statements for SQL, the output escaping issue is a major weakness.

Key Concerns

Unescaped output detected
No capability checks present
No nonce checks present
File operation without clear context

Vulnerabilities

None known

Separate Login Form Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Separate Login Form Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped5 total outputs

Attack Surface

Separate Login Form Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actiontemplate_redirectclasses\separate_login_form.php:8

actioninitclasses\separate_login_form.php:10

actionwp_enqueue_scriptsclasses\separate_login_form.php:11

actionwp_enqueue_scriptsclasses\separate_login_form.php:12

actionadmin_menuclasses\separate_login_form.php:13

actionadmin_initclasses\separate_login_form.php:14

Maintenance & Trust

Separate Login Form Maintenance & Trust

Maintenance Signals

WordPress version tested5.9.0

Last updatedFeb 12, 2022

PHP min version7.2

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Separate Login Form Alternatives

Ace User Management

ace-user-management

It help us to create registration form with unlimted custom fields.

0 1 unpatched

Custom Login/Register Fields

custom-loginregister-fields

Custom Login/Register Fields allows you to add custom fields to the WordPress registration forms with an easy drag-and-drop interface.

0 No CVEs

All In One Login — WP Admin Login Page Security and Customization with Google reCAPTCHA, Social Login, Limit Login Attempt, 2FA, and more.

change-wp-admin-login

Do you want to secure and customize the WordPress login page? Download the All in One Login plugin for login page security and customization.

70K 3 CVEs

Ultimate Dashboard – Custom WordPress Dashboard

ultimate-dashboard

The #1 Plugin to Customize the WordPress Dashboard!

60K 8 CVEs

Login as User

100

30K No CVEs

Developer Profile

Separate Login Form Developer Profile

David Angulo

2 plugins · 20 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Separate Login Form

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/separate-login-form/scripts/slf-login-form-styles.css

Script Paths

https://hcaptcha.com/1/api.js

HTML / DOM Fingerprints

CSS Classes

slf-login-form

Data Attributes

data-sitekey

JS Globals

hcaptcha

Shortcode Output

[separate-login-form]

FAQ