WP-Safety

Themehunk Login Registration Security & Risk Analysis

wordpress.org/plugins/themehunk-login-registration

A powerful, secure, and highly customizable frontend login, registration, and password reset plugin with popup support and WooCommerce integration.

0 active installs v1.0.2 PHP 7.4+ WP 5.8+ Updated Oct 8, 2025
frontend-loginloginregistrationregistration-formwoocommerce
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Themehunk Login Registration Safe to Use in 2026?

Generally Safe

Score 100/100

Themehunk Login Registration has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7mo ago
Risk Assessment

The "themehunk-login-registration" plugin version 1.0.2 exhibits a generally strong security posture based on the provided static analysis. The plugin demonstrates excellent adherence to secure coding practices, with all SQL queries utilizing prepared statements and all output being properly escaped. The absence of dangerous functions, file operations, and critical or high-severity taint flows further reinforces this positive assessment.

However, a significant concern arises from the single unprotected REST API route. This entry point, if it handles user-supplied data without proper permission checks, could be a prime target for unauthorized access or manipulation. While the plugin has no recorded vulnerability history, this single exposed endpoint represents a potential weakness that requires immediate attention. The plugin's strengths lie in its secure handling of common vulnerabilities like SQL injection and output escaping, but the unprotected REST API route is a notable gap in its security defenses.

Key Concerns

  • REST API route without permission callback
Vulnerabilities
None known

Themehunk Login Registration Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Themehunk Login Registration Release Timeline

v1.0.2Current
Code Analysis
Analyzed Apr 16, 2026

Themehunk Login Registration Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
579 escaped
Nonce Checks
6
Capability Checks
9
File Operations
0
External Requests
1
Bundled Libraries
0

Output Escaping

100% escaped579 total outputs
Attack Surface
1 unprotected

Themehunk Login Registration Attack Surface

Entry Points6
Unprotected1

REST API Routes 1

GET/wp-json/thlogin/v1/lockoutincludes/class-thlogin-security.php:15

Shortcodes 5

[thlogin_form] includes/class-thlogin-shortcodes.php:9
[thlogin_register_form] includes/class-thlogin-shortcodes.php:10
[thlogin_forgot_password_form] includes/class-thlogin-shortcodes.php:11
[thlogin_combined_form] includes/class-thlogin-shortcodes.php:12
[thlogin_popup_auto] includes/class-thlogin-shortcodes.php:13
WordPress Hooks 29
actionadmin_menuincludes/class-thlogin-admin.php:10
actionadmin_enqueue_scriptsincludes/class-thlogin-admin.php:11
actionadmin_enqueue_scriptsincludes/class-thlogin-admin.php:12
actionwp_enqueue_scriptsincludes/class-thlogin-frontend.php:11
actionwp_footerincludes/class-thlogin-frontend.php:12
actiontemplate_redirectincludes/class-thlogin-frontend.php:13
actioninitincludes/class-thlogin-frontend.php:14
actionwp_logoutincludes/class-thlogin-frontend.php:15
actioninitincludes/class-thlogin-integrations.php:23
actiontemplate_redirectincludes/class-thlogin-integrations.php:33
actioninitincludes/class-thlogin-integrations.php:35
actioninitincludes/class-thlogin-integrations.php:46
actioninitincludes/class-thlogin-integrations.php:69
actioninitincludes/class-thlogin-integrations.php:100
filterquery_varsincludes/class-thlogin-integrations.php:118
actiontemplate_redirectincludes/class-thlogin-integrations.php:123
actionthlogin_before_modalincludes/class-thlogin-integrations.php:177
actionthlogin_after_modalincludes/class-thlogin-integrations.php:178
filterthe_contentincludes/class-thlogin-integrations.php:226
filterwp_nav_menu_itemsincludes/class-thlogin-menu-integration.php:10
actionrest_api_initincludes/class-thlogin-rest-api.php:13
actiontemplate_redirectincludes/class-thlogin-security.php:8
actionwp_login_failedincludes/class-thlogin-security.php:9
filterauthenticateincludes/class-thlogin-security.php:10
actioninitincludes/class-thlogin-security.php:11
actionrest_api_initincludes/class-thlogin-security.php:14
actionwp_enqueue_scriptsincludes/class-thlogin-shortcodes.php:15
actionplugins_loadedthemehunk-login-registration.php:50
actionwp_enqueue_scriptsthemehunk-login-registration.php:77
Maintenance & Trust

Themehunk Login Registration Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedOct 8, 2025
PHP min version7.4
Downloads199

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Themehunk Login Registration Alternatives

Nss Wooregistration Form

Nss Wooregistration Form

nss-wooregistration-form

A
92

Custom woocommerce login/registration form with custom fields.

70 No CVEs
UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP

UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP

userswp

A
89

Light weight Front-end login form, User Registration, User Profile and Members Directory plugin.

20K 17 CVEs
RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login

RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login

custom-registration-form-builder-with-submission-manager

B
76

Create customized user registration forms, accept payments, track submissions, manage users, analyze stats, assign user roles and more!

9K 48 CVEs
No CAPTCHA reCAPTCHA

No CAPTCHA reCAPTCHA

no-captcha-recaptcha

A
85

Protect WordPress login, registration, comment and BuddyPress registration forms with Google's No CAPTCHA reCAPTCHA.

5K No CVEs
Simple Registration for WooCommerce

Simple Registration for WooCommerce

woocommerce-simple-registration

A
93

A simple plugin to add a [woocommerce_simple_registration] shortcode to display the registration form on a separate page.

4K 2 CVEs
Developer Profile

Themehunk Login Registration Developer Profile

ThemeHunk

49 plugins · 64K total installs

76
trust score
Avg Security Score
95/100
Avg Patch Time
188 days
View full developer profile
Detection Fingerprints

How We Detect Themehunk Login Registration

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/themehunk-login-registration/assets/css/th-frontend.css/wp-content/plugins/themehunk-login-registration/assets/js/th-frontend.js/wp-content/plugins/themehunk-login-registration/assets/css/th-login-popup.css/wp-content/plugins/themehunk-login-registration/assets/js/th-login-popup.js
Script Paths
/wp-content/plugins/themehunk-login-registration/assets/js/th-frontend.js/wp-content/plugins/themehunk-login-registration/assets/js/th-login-popup.js
Version Parameters
themehunk-login-registration/assets/css/th-frontend.css?ver=themehunk-login-registration/assets/js/th-frontend.js?ver=themehunk-login-registration/assets/css/th-login-popup.css?ver=themehunk-login-registration/assets/js/th-login-popup.js?ver=

HTML / DOM Fingerprints

CSS Classes
thlogin-admin-wrapthlogin-loaderthlogin-loader-circlethlogin-loading-textthlogin-popup-wrapperthlogin-login-formthlogin-registration-formthlogin-password-reset-form
HTML Comments
<!-- Exit if accessed directly. -->
Data Attributes
thlogin-admin-root
JS Globals
thLoginDatathlogin_admin_data
REST Endpoints
/wp-json/thlogin/v1/
FAQ

Frequently Asked Questions about Themehunk Login Registration