WP-Safety

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Security & Risk Analysis

wordpress.org/plugins/ultimate-member

Membership & community plugin with user profiles, registration & login, member directories, content restriction, user roles and much more.

200K active installs v2.11.2 PHP 7.0+ WP 6.2+ Updated Feb 10, 2026
communitymembermembershipuser-profileuser-registration
76
B · Generally Safe
CVEs total70
Unpatched0
Last CVEApr 3, 2026
Plugin page Download
Safety Verdict

Is Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Safe to Use in 2026?

Mostly Safe

Score 76/100

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin is generally safe to use. 70 past CVEs were resolved. Keep it updated.

70 known CVEsLast CVE: Apr 3, 2026Updated 1mo ago
Risk Assessment

The "ultimate-member" plugin v2.11.2 exhibits a mixed security posture. While it demonstrates good practices in SQL query preparation (83%) and output escaping (93%), a significant concern arises from its large attack surface. With 52 total entry points, 36 of which lack authentication checks, there's a substantial opportunity for unauthenticated users to interact with sensitive plugin functionalities. This is exacerbated by taint analysis revealing 20 flows with unsanitized paths, 16 of which are deemed high severity, indicating potential for attackers to manipulate file paths and potentially gain unauthorized access or execute code.

The plugin's vulnerability history is a major red flag, with 68 known CVEs. Although there are currently no unpatched vulnerabilities, the sheer volume and severity of past issues (10 critical, 13 high) suggest a recurring pattern of security flaws. Common vulnerability types like Incorrect Authorization, Exposure of Sensitive Information, CSRF, SQL Injection, Path Traversal, and Code Injection indicate fundamental weaknesses that have been present and exploited multiple times. This history strongly implies that despite efforts, security vulnerabilities are consistently introduced.

In conclusion, while the plugin employs some secure coding practices, the high number of unprotected entry points, critical taint flows, and the extensive history of severe vulnerabilities point to an overall elevated risk. The potential for exploitation through unauthenticated access and path manipulation, coupled with past recurrent security failures, necessitates extreme caution. Users should be aware of the historical trends and the current attack surface, even in the absence of currently unpatched CVEs.

Key Concerns

  • Large attack surface without auth checks
  • High severity taint flows with unsanitized paths
  • Significant historical CVEs (68 total)
  • 10 historical critical CVEs
  • 13 historical high CVEs
  • Common vulnerability types indicate recurring flaws
  • Bundled library (Select2)
Vulnerabilities
70

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Security Vulnerabilities

CVEs by Year

4 CVEs in 2015
2015
3 CVEs in 2016
2016
1 CVE in 2017
2017
13 CVEs in 2018
2018
12 CVEs in 2019
2019
6 CVEs in 2020
2020
1 CVE in 2021
2021
8 CVEs in 2022
2022
3 CVEs in 2023
2023
6 CVEs in 2024
2024
10 CVEs in 2025
2025
3 CVEs in 2026
2026
Patched Has unpatched

Severity Breakdown

Critical
10
High
14
Medium
46

70 total CVEs

CVE-2025-15064medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.11.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via DOM Gadgets

Apr 3, 2026 Patched in 2.11.2 (1d)
CVE-2026-4248high · 8Improper Authorization

Ultimate Member <= 2.11.2 - Authenticated (Contributor+) Sensitive Information Exposure to Account Takeover via Shortcode Template Tag

Mar 27, 2026 Patched in 2.11.3 (1d)
CVE-2026-1404medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.11.1 - Reflected Cross-Site Scripting via Filter Parameters

Feb 17, 2026 Patched in 2.11.2 (2d)
CVE-2025-13220medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.11.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

Dec 20, 2025 Patched in 2.11.1 (1d)
CVE-2025-12492medium · 5.3Exposure of Sensitive Information to an Unauthorized Actor

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.11.0 - Unauthenticated Sensitive Information Exposure

Dec 19, 2025 Patched in 2.11.1 (1d)
CVE-2025-13217medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.11.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'value'

Dec 16, 2025 Patched in 2.11.1 (2d)
CVE-2025-14081medium · 4.3Incorrect Authorization

Ultimate Member <= 2.11.0 - Authenticated (Subscriber+) Profile Privacy Setting Bypass

Dec 16, 2025 Patched in 2.11.1 (2d)
CVE-2025-47691high · 7.2Improper Control of Generation of Code ('Code Injection')

Ultimate Member <= 2.10.3 - Authenticated (Administrator+) Arbitrary Function Call

May 7, 2025 Patched in 2.10.4 (10d)
WF-8f539e25-5483-417d-a3c5-e7034c03c673-ultimate-memberhigh · 7.5Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.10.1 - Unauthenticated Blind SQL Injection

Apr 16, 2025 Patched in 2.10.2 (1d)
CVE-2025-1702high · 7.5Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Ultimate Member <= 2.10.0 - Unauthenticated SQL Injection via search Parameter

Mar 4, 2025 Patched in 2.10.1 (1d)
CVE-2024-12276medium · 5.3Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Ultimate Member <= 2.9.2 - Authenticated SQL Injection

Feb 20, 2025 Patched in 2.10.0 (1d)
CVE-2025-0318medium · 5.3Exposure of Sensitive Information to an Unauthorized Actor

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.9.1 - Information Exposure

Jan 17, 2025 Patched in 2.9.2 (1d)
CVE-2025-0308high · 7.5Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Ultimate Member <= 2.9.1 - Unauthenticated SQL Injection

Jan 17, 2025 Patched in 2.9.2 (1d)
CVE-2024-10528medium · 4.3Missing Authorization

Ultimate Member <= 2.8.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Profile Picture Update

Nov 20, 2024 Patched in 2.9.0 (1d)
CVE-2024-8520medium · 5.3Cross-Site Request Forgery (CSRF)

Ultimate Member <= 2.8.6 - Cross-Site Request Forgery to Membership Status Change

Oct 3, 2024 Patched in 2.8.7 (1d)
CVE-2024-8519medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

Oct 3, 2024 Patched in 2.8.7 (1d)
CVE-2024-2765medium · 5.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.8.4 - Authenticated (Subscriber+) Stored Cross-Site Scripting

Apr 10, 2024 Patched in 2.8.5 (297d)
CVE-2024-2123high · 7.2Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.8.3 - Unauthenticated Stored Cross-Site Scripting

Mar 8, 2024 Patched in 2.8.4 (5d)
CVE-2024-1071critical · 9.8Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin 2.1.3 - 2.8.2 - Unauthenticated SQL Injection

Feb 23, 2024 Patched in 2.8.3 (20d)
WF-f5b08a10-f6bc-44a0-865a-5ad71a1772f7-ultimate-membermedium · 4.3Cross-Site Request Forgery (CSRF)

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin <= 2.6.8 - Cross-Site Request Forgery

Aug 8, 2023 Patched in 2.6.9 (168d)
CVE-2023-3460critical · 9.8Incorrect Privilege Assignment

Ultimate Member <= 2.6.6 - Privilege Escalation via Arbitrary User Meta Updates

Jun 29, 2023 Patched in 2.6.7 (208d)
CVE-2023-31216medium · 4.3Cross-Site Request Forgery (CSRF)

Ultimate Member <= 2.6.0 - Cross-Site Request Forgery to Form Duplication

May 30, 2023 Patched in 2.6.1 (238d)
CVE-2022-2445medium · 4.7Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Ultimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.5.0 - Authenticated (Admin+) Directory Traversal

Oct 28, 2022 Patched in 2.5.1 (452d)
CVE-2022-3361medium · 4.3Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Ultimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.5.0 - Authenticated (Contributor+) Directory Traversal via Shortcodes

Oct 28, 2022 Patched in 2.5.1 (452d)
CVE-2022-3384high · 7.2Improper Control of Generation of Code ('Code Injection')

Ultimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.5.0 - Authenticated (Admin+) Limited Remote Code Execution via um_populate_dropdown_options

Oct 28, 2022 Patched in 2.5.1 (452d)
CVE-2022-3383high · 7.2Improper Control of Generation of Code ('Code Injection')

Ultimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.5.0 - Authenticated (Admin+) Remote Code Execution via Multi-Select

Oct 28, 2022 Patched in 2.5.1 (452d)
WF-45f32160-36eb-4d66-a6a6-a3d6f2f7bf1a-ultimate-membermedium · 5.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.4.0 - Subscriber+ Stored Cross-Site Scripting

Jul 15, 2022 Patched in 2.4.1 (557d)
WF-f4832fbb-94ed-41c4-8434-1972f4d92476-ultimate-memberhigh · 7.5Exposure of Sensitive Information to an Unauthorized Actor

Ultimate Member <= 2.4.1 - Username Enumeration

Jul 14, 2022 Patched in 2.4.2 (558d)
CVE-2022-1209medium · 4.3URL Redirection to Untrusted Site ('Open Redirect')

Ultimate Member <= 2.3.1 - Arbitrary Redirect

Apr 29, 2022 Patched in 2.3.2 (634d)
CVE-2022-1208medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.3.2 - Stored Cross-Site Scripting

Mar 21, 2022 Patched in 2.4.0 (673d)
CVE-2021-24306medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.1.19 - Reflected Cross-Site Scripting

May 7, 2021 Patched in 2.1.20 (991d)
CVE-2020-36170medium · 6.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.1.12 - Cross-Site Scripting

Dec 9, 2020 Patched in 2.1.13 (1140d)
CVE-2020-36157critical · 10Improper Privilege Management

Ultimate Member <= 2.1.11 - Unauthenticated Privilege Escalation via User Roles

Nov 9, 2020 Patched in 2.1.12 (1170d)
CVE-2020-36155critical · 10Improper Privilege Management

Ultimate Member <= 2.1.11 - Unauthenticated Privilege Escalation via User Meta

Nov 9, 2020 Patched in 2.1.12 (1170d)
CVE-2020-36156critical · 9.9Improper Privilege Management

Ultimate Member <= 2.1.11 - Authenticated Privilege Escalation via Profile Update

Nov 9, 2020 Patched in 2.1.12 (1170d)
WF-db3b206d-16c5-48fb-800d-d017a0c76630-ultimate-membermedium · 6.1URL Redirection to Untrusted Site ('Open Redirect')

Ultimate Member <= 2.1.6 - Open Redirect

Jul 23, 2020 Patched in 2.1.7 (1279d)
CVE-2020-6859medium · 5.3Improper Privilege Management

Ultimate Member <= 2.1.2 - Insecure Direct Object Reference

Jan 13, 2020 Patched in 2.1.3 (1471d)
CVE-2018-0585medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 1.3.88 - Cross Site Scripting

Aug 12, 2019 Patched in 2.0.4 (1625d)
CVE-2018-0586medium · 4.3Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Ultimate Member <= 2.0.3 - Directory Traversal

Aug 12, 2019 Patched in 2.0.4 (1625d)
CVE-2018-20965medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.0.3 - Cross Site Scripting

Aug 12, 2019 Patched in 2.0.4 (1625d)
CVE-2019-14945medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.0.53 - Cross-Site Scripting

Jul 22, 2019 Patched in 2.0.54 (1646d)
CVE-2019-14947medium · 5.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.0.51 - Cross-Site Request Forgery and Stored Cross-Site Scripting

Jun 24, 2019 Patched in 2.0.52 (1674d)
CVE-2019-14946medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.0.51 - Cross-Site Request Forgery and Stored Cross-Site Scripting

Jun 24, 2019 Patched in 2.0.52 (1674d)
CVE-2019-10271medium · 4.3Missing Authorization

Ultimate Member <= 2.0.39 - Unauthorized Profile Modification

Jun 15, 2019 Patched in 2.0.40 (1683d)
CVE-2019-10270high · 8.8Improper Privilege Management

Ultimate Member <= 2.0.39 - Privilege Escalation

Jun 15, 2019 Patched in 2.0.40 (1683d)
WF-4890ec6f-ba73-48bd-8dd7-f896d6b4a140-ultimate-membermedium · 5.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.0.45 - Admin+ Stored Cross-Site Scripting

May 13, 2019 Patched in 2.0.46 (1716d)
WF-618f644b-a92c-4f7f-aaea-c03ee7d6e0f9-ultimate-membercritical · 9.4Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Ultimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.0.45 - Arbitrary File Deletion/Read

May 13, 2019 Patched in 2.0.46 (1716d)
WF-d0c0562f-1f3b-4630-bbc5-4ea2985d71d1-ultimate-membermedium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.0.45 - Low-Privileged Stored Cross-Site Scripting

May 13, 2019 Patched in 2.0.46 (1716d)
CVE-2019-10673high · 8.8Cross-Site Request Forgery (CSRF)

Ultimate Member <= 2.0.39 - Cross-Site Request Forgery

Apr 1, 2019 Patched in 2.0.40 (1758d)
WF-a2e1948a-9513-43e4-aadd-369a7f4dc137-ultimate-membermedium · 6.1Cross-Site Request Forgery (CSRF)

Ultimate Member <= 2.0.32 - Cross-Site Request Forgery

Nov 27, 2018 Patched in 2.0.33 (1883d)
CVE-2018-17866medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.0.27 - Multiple Cross-Site Scripting vulnerabilities

Oct 6, 2018 Patched in 2.0.28 (1935d)
WF-b1be1928-a278-48d5-beb2-00e3c8df3fa9-ultimate-membermedium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.0.21 - Cross-Site Scripting

Aug 9, 2018 Patched in 2.0.22 (1993d)
WF-5143a2d2-504a-46b8-b82b-19beba4da64d-ultimate-memberhigh · 8.8Unrestricted Upload of File with Dangerous Type

Ultimate Member <= 2.0.21 - Arbitrary File Upload

Aug 8, 2018 Patched in 2.0.22 (1994d)
CVE-2018-13136medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.0.17 - Authenticated Cross-Site Scripting

Jul 3, 2018 Patched in 2.0.18 (2030d)
CVE-2018-0589medium · 4.3Improper Access Control

Ultimate Member <= 2.0.3 - Improper Access Control

May 14, 2018 Patched in 2.0.4 (2080d)
CVE-2018-0590medium · 4.3Authorization Bypass Through User-Controlled Key

Ultimate Member < 2.0.4 - Insecure Direct Object Reference

May 10, 2018 Patched in 2.0.4 (2084d)
CVE-2018-0588medium · 4.3Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Ultimate Member <= 2.0.39 - Directory Traversal

May 10, 2018 Patched in 2.0.40 (2084d)
CVE-2018-0587medium · 4.3Unrestricted Upload of File with Dangerous Type

Ultimate Member < 2.0.4 - Authenticated Unrestricted File Upload

May 10, 2018 Patched in 2.0.4 (2084d)
CVE-2018-10234medium · 5.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.0.10 - Authenticated Cross-Site Scripting

Apr 23, 2018 Patched in 2.0.11 (2101d)
CVE-2018-10233high · 8.8Cross-Site Request Forgery (CSRF)

Ultimate Member <= 2.0.6 - Multiple Cross-Site Request Forgery Issues

Apr 23, 2018 Patched in 2.0.7 (2101d)
CVE-2018-6943medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.0.3 - Cross-Site Scripting

Feb 14, 2018 Patched in 2.0.4 (2169d)
CVE-2018-6944medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 2.0 - Cross-Site Scripting

Feb 14, 2018 Patched in 2.0.4 (2169d)
WF-bab67a5c-3390-4423-8fa9-b5ffbc98324d-ultimate-membercritical · 9.8Missing Authorization

Ultimate Member <= 1.3.83 - Shortcode Injection

Apr 17, 2017 Patched in 1.3.84 (2472d)
WF-8911642f-6061-42a1-b733-8cc44b2870f1-ultimate-membercritical · 9.8Missing Authorization

Ultimate Member <= 1.3.75 - Missing Authorization to Password Reset

Dec 6, 2016 Patched in 1.3.76 (2604d)
WF-cc046b72-692a-4980-90ad-26c8fc2a131a-ultimate-membercritical · 9.1Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Ultimate Member <= 1.3.64 - Local File Inclusion

Jul 10, 2016 Patched in 1.3.65 (2753d)
CVE-2016-10872medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 1.3.39 - Cross-Site Scripting

Apr 6, 2016 Patched in 1.3.40 (2848d)
CVE-2015-8354medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 1.3.28 - Reflected Cross-Site Scripting

Dec 2, 2015 Patched in 1.3.29 (2974d)
CVE-2015-9304medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member <= 1.3.17 - Cross-Site Scripting

Aug 20, 2015 Patched in 1.3.18 (3078d)
WF-461d5d5a-7bc2-4855-bc40-0edb9c538c33-ultimate-memberhigh · 7.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ultimate Member 1.2.98 - 1.2.997 - Reflected Cross-Site Scripting

Jun 18, 2015 Patched in 1.3.0 (3141d)
WF-0ae243af-619f-4405-b1e0-9b44c1869501-ultimate-membercritical · 9.8Missing Authorization

Ultimate Member < 1.0.84 - Authorization Bypass to Arbitrary File Upload/Delete

Mar 10, 2015 Patched in 1.0.84 (3241d)
Code Analysis
Analyzed Mar 16, 2026

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Code Analysis

Dangerous Functions
0
Raw SQL Queries
48
237 prepared
Unescaped Output
160
2101 escaped
Nonce Checks
47
Capability Checks
76
File Operations
45
External Requests
6
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

83% prepared285 total queries

Output Escaping

93% escaped2261 total outputs
Data Flows
20 unsanitized

Data Flow Analysis

25 flows20 with unsanitized paths
settings_page (includes\admin\core\class-admin-settings.php:2349)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
36 unprotected

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Attack Surface

Entry Points52
Unprotected36

AJAX Handlers 40

authwp_ajax_um_secure_scan_affected_usersincludes\admin\class-secure.php:52
authwp_ajax_um_do_ajax_actionincludes\admin\core\class-admin-ajax-hooks.php:23
authwp_ajax_um_update_builderincludes\admin\core\class-admin-ajax-hooks.php:24
authwp_ajax_um_update_orderincludes\admin\core\class-admin-ajax-hooks.php:25
authwp_ajax_um_update_fieldincludes\admin\core\class-admin-ajax-hooks.php:26
authwp_ajax_um_dynamic_modal_contentincludes\admin\core\class-admin-ajax-hooks.php:27
authwp_ajax_um_populate_dropdown_optionsincludes\admin\core\class-admin-ajax-hooks.php:28
authwp_ajax_um_ratedincludes\admin\core\class-admin-ajax-hooks.php:29
authwp_ajax_um_member_directory_default_filter_settingsincludes\admin\core\class-admin-ajax-hooks.php:30
authwp_ajax_um_same_page_updateincludes\admin\core\class-admin-ajax-hooks.php:32
authwp_ajax_um_dismiss_noticeincludes\admin\core\class-admin-notices.php:34
authwp_ajax_um_run_packageincludes\admin\core\class-admin-upgrade.php:83
authwp_ajax_um_get_packagesincludes\admin\core\class-admin-upgrade.php:84
authwp_ajax_um_get_iconsincludes\ajax\class-forms.php:19
authwp_ajax_um_get_pages_listincludes\ajax\class-pages.php:21
authwp_ajax_um_search_widget_requestincludes\ajax\class-pages.php:23
noprivwp_ajax_um_search_widget_requestincludes\ajax\class-pages.php:24
authwp_ajax_um_secure_scan_affected_usersincludes\ajax\class-secure.php:26
authwp_ajax_um_get_usersincludes\ajax\class-users.php:16
authwp_ajax_um_select_optionsincludes\core\class-ajax-common.php:35
noprivwp_ajax_um_select_optionsincludes\core\class-ajax-common.php:36
authwp_ajax_um_delete_profile_photoincludes\core\class-ajax-common.php:38
authwp_ajax_um_delete_cover_photoincludes\core\class-ajax-common.php:39
authwp_ajax_um_ajax_paginateincludes\core\class-ajax-common.php:41
authwp_ajax_um_ajax_paginate_postsincludes\core\class-ajax-common.php:42
authwp_ajax_um_ajax_paginate_commentsincludes\core\class-ajax-common.php:43
noprivwp_ajax_um_ajax_paginate_postsincludes\core\class-ajax-common.php:44
noprivwp_ajax_um_ajax_paginate_commentsincludes\core\class-ajax-common.php:45
authwp_ajax_um_muted_actionincludes\core\class-ajax-common.php:47
authwp_ajax_um_remove_fileincludes\core\class-ajax-common.php:49
noprivwp_ajax_um_remove_fileincludes\core\class-ajax-common.php:50
noprivwp_ajax_um_fileuploadincludes\core\class-ajax-common.php:52
authwp_ajax_um_fileuploadincludes\core\class-ajax-common.php:53
noprivwp_ajax_um_imageuploadincludes\core\class-ajax-common.php:55
authwp_ajax_um_imageuploadincludes\core\class-ajax-common.php:56
noprivwp_ajax_um_resize_imageincludes\core\class-ajax-common.php:58
authwp_ajax_um_resize_imageincludes\core\class-ajax-common.php:59
noprivwp_ajax_um_get_membersincludes\core\class-ajax-common.php:61
authwp_ajax_um_get_membersincludes\core\class-ajax-common.php:62
authwp_ajax_um_request_user_dataincludes\core\um-actions-account.php:864

Shortcodes 12

[ultimatemember_account] includes\core\class-account.php:45
[ultimatemember_password] includes\core\class-password.php:25
[ultimatemember] includes\core\class-shortcodes.php:65
[ultimatemember_login] includes\core\class-shortcodes.php:67
[ultimatemember_register] includes\core\class-shortcodes.php:68
[ultimatemember_profile] includes\core\class-shortcodes.php:69
[ultimatemember_directory] includes\core\class-shortcodes.php:70
[um_loggedin] includes\core\class-shortcodes.php:72
[um_loggedout] includes\core\class-shortcodes.php:73
[um_show_content] includes\core\class-shortcodes.php:74
[ultimatemember_searchform] includes\core\class-shortcodes.php:75
[um_author_profile_link] includes\core\class-shortcodes.php:77
WordPress Hooks 469
actioninitincludes\action-scheduler\class-init.php:45
filterum_site_health_extendincludes\action-scheduler\class-init.php:46
filterum_settings_structureincludes\action-scheduler\class-init.php:48
actionadmin_initincludes\admin\class-actions-listener.php:39
filterum_adm_action_individual_nonce_actionsincludes\admin\class-actions-listener.php:40
actionadmin_initincludes\admin\class-admin.php:60
actionum_admin_do_action__user_cacheincludes\admin\class-admin.php:65
actionum_admin_do_action__user_status_cacheincludes\admin\class-admin.php:66
actionum_admin_do_action__purge_tempincludes\admin\class-admin.php:67
actionum_admin_do_action__manual_upgrades_requestincludes\admin\class-admin.php:68
actionum_admin_do_action__duplicate_formincludes\admin\class-admin.php:69
actionum_admin_do_action__check_templates_versionincludes\admin\class-admin.php:70
actionum_admin_do_action__install_core_pagesincludes\admin\class-admin.php:72
actionum_admin_do_action__install_predefined_pageincludes\admin\class-admin.php:73
actionparent_fileincludes\admin\class-admin.php:75
filtergettextincludes\admin\class-admin.php:76
filterpost_updated_messagesincludes\admin\class-admin.php:77
filteradmin_body_classincludes\admin\class-enqueue.php:56
actionadmin_enqueue_scriptsincludes\admin\class-enqueue.php:58
actionload-customize.phpincludes\admin\class-enqueue.php:60
actionload-nav-menus.phpincludes\admin\class-enqueue.php:61
actionload-edit.phpincludes\admin\class-enqueue.php:62
actionload-post-new.phpincludes\admin\class-enqueue.php:64
actionload-post.phpincludes\admin\class-enqueue.php:65
filterblock_categories_allincludes\admin\class-enqueue.php:69
filterblock_categoriesincludes\admin\class-enqueue.php:71
actionenqueue_block_assetsincludes\admin\class-enqueue.php:73
actionadmin_enqueue_scriptsincludes\admin\class-enqueue.php:282
actionadmin_enqueue_scriptsincludes\admin\class-enqueue.php:325
actionadmin_enqueue_scriptsincludes\admin\class-enqueue.php:327
actionadmin_footerincludes\admin\class-enqueue.php:630
filterum_admin_forms_data_localizeincludes\admin\class-enqueue.php:632
actionadmin_initincludes\admin\class-extensions-updater.php:39
actionadmin_initincludes\admin\class-secure.php:44
filterum_settings_structureincludes\admin\class-secure.php:45
filtermanage_users_custom_columnincludes\admin\class-secure.php:46
filterpre_get_usersincludes\admin\class-secure.php:47
actionum_settings_before_saveincludes\admin\class-secure.php:49
actionum_settings_saveincludes\admin\class-secure.php:50
filterdebug_informationincludes\admin\class-site-health.php:38
filtersite_status_testsincludes\admin\class-site-health.php:39
filtermanage_users_columnsincludes\admin\class-users-columns.php:24
filtermanage_users_custom_columnincludes\admin\class-users-columns.php:25
actionpre_user_queryincludes\admin\class-users-columns.php:27
filterusers_list_table_query_argsincludes\admin\class-users-columns.php:28
filterviews_usersincludes\admin\class-users-columns.php:29
filteruser_row_actionsincludes\admin\class-users-columns.php:31
filterbulk_actions-usersincludes\admin\class-users-columns.php:32
filterhandle_bulk_actions-usersincludes\admin\class-users-columns.php:33
actionmanage_users_extra_tablenavincludes\admin\class-users-columns.php:35
actionpre_user_queryincludes\admin\class-users-columns.php:36
filterremovable_query_argsincludes\admin\class-users-columns.php:38
actionum_admin_field_modal_headerincludes\admin\core\class-admin-builder.php:31
actionum_admin_field_modal_footerincludes\admin\core\class-admin-builder.php:32
filterum_admin_builder_skip_field_validationincludes\admin\core\class-admin-builder.php:33
filterum_admin_pre_save_field_to_formincludes\admin\core\class-admin-builder.php:34
filterum_admin_pre_save_fields_hookincludes\admin\core\class-admin-builder.php:35
filterum_admin_field_update_error_handlingincludes\admin\core\class-admin-builder.php:36
filtermanage_edit-um_form_columnsincludes\admin\core\class-admin-columns.php:24
actionmanage_um_form_posts_custom_columnincludes\admin\core\class-admin-columns.php:25
filtermanage_edit-um_directory_columnsincludes\admin\core\class-admin-columns.php:27
actionmanage_um_directory_posts_custom_columnincludes\admin\core\class-admin-columns.php:28
filterpost_row_actionsincludes\admin\core\class-admin-columns.php:30
filterdisplay_post_statesincludes\admin\core\class-admin-columns.php:33
filterpost_row_actionsincludes\admin\core\class-admin-columns.php:35
actionadmin_footerincludes\admin\core\class-admin-dragdrop.php:30
filterwp_default_editorincludes\admin\core\class-admin-forms.php:903
actioninitincludes\admin\core\class-admin-gdpr.php:27
actionadmin_initincludes\admin\core\class-admin-gdpr.php:28
filterwp_privacy_personal_data_exportersincludes\admin\core\class-admin-gdpr.php:29
filterwp_privacy_personal_data_erasersincludes\admin\core\class-admin-gdpr.php:30
actionum_admin_custom_register_metaboxesincludes\admin\core\class-admin-gdpr.php:32
actionadmin_menuincludes\admin\core\class-admin-menu.php:29
actionadmin_menuincludes\admin\core\class-admin-menu.php:30
actionadmin_menuincludes\admin\core\class-admin-menu.php:31
actionadmin_headincludes\admin\core\class-admin-menu.php:33
filteradmin_footer_textincludes\admin\core\class-admin-menu.php:35
actionload-ultimate-member_page_um_optionsincludes\admin\core\class-admin-menu.php:37
actionadmin_headincludes\admin\core\class-admin-metabox.php:71
actionadmin_footerincludes\admin\core\class-admin-metabox.php:72
actionadmin_initincludes\admin\core\class-admin-metabox.php:74
filterenter_title_hereincludes\admin\core\class-admin-metabox.php:75
actionload-post.phpincludes\admin\core\class-admin-metabox.php:77
actionload-post-new.phpincludes\admin\core\class-admin-metabox.php:78
actionadmin_initincludes\admin\core\class-admin-metabox.php:80
actionum_roles_add_meta_boxesincludes\admin\core\class-admin-metabox.php:83
filterum_builtin_validation_types_continue_loopincludes\admin\core\class-admin-metabox.php:85
filterum_restrict_content_hide_metaboxincludes\admin\core\class-admin-metabox.php:86
filterum_member_directory_meta_value_before_saveincludes\admin\core\class-admin-metabox.php:88
actionadd_meta_boxesincludes\admin\core\class-admin-metabox.php:195
actionsave_postincludes\admin\core\class-admin-metabox.php:196
actionadd_meta_boxesincludes\admin\core\class-admin-metabox.php:198
actionsave_postincludes\admin\core\class-admin-metabox.php:199
actionadd_meta_boxesincludes\admin\core\class-admin-metabox.php:229
actionsave_postincludes\admin\core\class-admin-metabox.php:230
actionadd_attachmentincludes\admin\core\class-admin-metabox.php:234
actionedit_attachmentincludes\admin\core\class-admin-metabox.php:235
actionsave_postincludes\admin\core\class-admin-metabox.php:240
actioninitincludes\admin\core\class-admin-navmenu.php:26
actioncustomize_controls_print_footer_scriptsincludes\admin\core\class-admin-navmenu.php:28
actionwp_update_nav_menu_itemincludes\admin\core\class-admin-navmenu.php:29
actionwp_nav_menu_item_custom_fieldsincludes\admin\core\class-admin-navmenu.php:31
actionadmin_initincludes\admin\core\class-admin-notices.php:29
actionadmin_initincludes\admin\core\class-admin-notices.php:31
actionadmin_noticesincludes\admin\core\class-admin-notices.php:32
actionadmin_initincludes\admin\core\class-admin-notices.php:35
actionadmin_initincludes\admin\core\class-admin-settings.php:45
actionum_settings_page_before_email__contentincludes\admin\core\class-admin-settings.php:48
filterum_settings_section_custom_fieldsincludes\admin\core\class-admin-settings.php:49
filterum_settings_form_section_advanced_override_templates_override_templates_custom_contentincludes\admin\core\class-admin-settings.php:51
filterum_settings_section_licenses__custom_contentincludes\admin\core\class-admin-settings.php:54
filterum_settings_structureincludes\admin\core\class-admin-settings.php:56
actionadmin_initincludes\admin\core\class-admin-settings.php:59
actionum_settings_before_saveincludes\admin\core\class-admin-settings.php:62
actionum_settings_saveincludes\admin\core\class-admin-settings.php:63
filterum_change_settings_before_saveincludes\admin\core\class-admin-settings.php:65
actionum_settings_before_saveincludes\admin\core\class-admin-settings.php:68
actionum_settings_saveincludes\admin\core\class-admin-settings.php:69
filterum_change_settings_before_saveincludes\admin\core\class-admin-settings.php:71
filterum_change_settings_before_saveincludes\admin\core\class-admin-settings.php:72
filterupgrader_package_optionsincludes\admin\core\class-admin-theme-updater.php:38
actionupgrader_process_completeincludes\admin\core\class-admin-theme-updater.php:39
actionadmin_menuincludes\admin\core\class-admin-upgrade.php:68
actionwp_loadedincludes\admin\core\class-admin-upgrade.php:69
filterum_get_tabs_from_configincludes\class-config.php:743
actionplugins_loadedincludes\class-init.php:202
actionplugins_loadedincludes\class-init.php:204
actioninitincludes\class-init.php:207
actionwp_loadedincludes\class-init.php:215
actionwidgets_initincludes\class-init.php:219
filterum_action_scheduler_is_hook_enabledincludes\common\actions\class-emails.php:20
actionum_dispatch_emailincludes\common\actions\class-emails.php:21
actioninitincludes\common\actions\class-users.php:30
actioninitincludes\common\class-cpt.php:20
actiontransition_post_statusincludes\common\class-cpt.php:21
actionadmin_enqueue_scriptsincludes\common\class-enqueue.php:54
actionwp_enqueue_scriptsincludes\common\class-enqueue.php:55
actionenqueue_block_assetsincludes\common\class-enqueue.php:56
filterbody_classincludes\common\class-screen.php:21
actionsend_headersincludes\common\class-screen.php:22
actionwpincludes\common\class-secure.php:22
filterum_get_option_filter__banned_capabilitiesincludes\common\class-secure.php:23
actionum_hourly_scheduled_eventsincludes\common\class-secure.php:43
actionum_daily_scheduled_eventsincludes\common\class-secure.php:45
filtersite_status_test_php_modulesincludes\common\class-site-health.php:25
actionafter_switch_themeincludes\common\class-theme.php:16
filteruser_has_capincludes\common\class-users.php:20
filtereditable_rolesincludes\common\class-users.php:21
filterget_next_post_whereincludes\core\class-access.php:52
filterget_previous_post_whereincludes\core\class-access.php:53
filterthe_titleincludes\core\class-access.php:56
filterthe_contentincludes\core\class-access.php:58
filterget_the_excerptincludes\core\class-access.php:60
actionpre_get_commentsincludes\core\class-access.php:63
filterwp_count_commentsincludes\core\class-access.php:64
filtercomment_feed_whereincludes\core\class-access.php:66
filtercomments_openincludes\core\class-access.php:68
filterget_comments_numberincludes\core\class-access.php:69
filterwp_nav_menu_objectsincludes\core\class-access.php:72
filterrender_blockincludes\core\class-access.php:75
actiontemplate_redirectincludes\core\class-access.php:78
actiontemplate_redirectincludes\core\class-access.php:79
actionum_access_check_blog_page_settingsincludes\core\class-access.php:80
actionum_access_check_individual_term_settingsincludes\core\class-access.php:81
actionum_access_check_global_settingsincludes\core\class-access.php:82
actionplugins_loadedincludes\core\class-access.php:85
filterwp_get_attachment_urlincludes\core\class-access.php:96
filterhas_post_thumbnailincludes\core\class-access.php:97
filterwidget_posts_argsincludes\core\class-access.php:100
filterwp_list_pages_excludesincludes\core\class-access.php:102
filtergetarchives_whereincludes\core\class-access.php:104
actionpre_get_postsincludes\core\class-access.php:107
filterposts_whereincludes\core\class-access.php:108
filterwp_count_postsincludes\core\class-access.php:109
actionpre_get_termsincludes\core\class-access.php:112
filterthe_postsincludes\core\class-access.php:117
filterget_pagesincludes\core\class-access.php:119
filterhome_templateincludes\core\class-access.php:1669
filtertag_templateincludes\core\class-access.php:1724
filterarchive_templateincludes\core\class-access.php:1725
filtercategory_templateincludes\core\class-access.php:1726
filtertaxonomy_templateincludes\core\class-access.php:1727
actiontemplate_redirectincludes\core\class-account.php:46
actiontemplate_redirectincludes\core\class-account.php:47
filterum_predefined_fields_hookincludes\core\class-account.php:48
actioninitincludes\core\class-blocks.php:20
filterblock_type_metadata_settingsincludes\core\class-blocks.php:21
actioninitincludes\core\class-builtin.php:58
actioninitincludes\core\class-builtin.php:59
actioninitincludes\core\class-builtin.php:60
actioninitincludes\core\class-builtin.php:61
filtercron_schedulesincludes\core\class-cron.php:20
actionwpincludes\core\class-cron.php:21
filterum_get_core_page_filterincludes\core\class-external-integrations.php:22
filterum_admin_settings_email_section_fieldsincludes\core\class-external-integrations.php:23
filterum_email_send_subjectincludes\core\class-external-integrations.php:24
filterum_locate_email_templateincludes\core\class-external-integrations.php:25
filterum_change_email_template_fileincludes\core\class-external-integrations.php:26
filterum_email_templates_columnsincludes\core\class-external-integrations.php:27
actionum_access_fix_external_post_contentincludes\core\class-external-integrations.php:30
actionum_access_fix_external_post_contentincludes\core\class-external-integrations.php:31
actionum_access_fix_external_post_contentincludes\core\class-external-integrations.php:32
filterum_external_profile_urlincludes\core\class-external-integrations.php:34
filterum_get_current_page_urlincludes\core\class-external-integrations.php:35
filtericl_ls_languagesincludes\core\class-external-integrations.php:36
actiontemplate_redirectincludes\core\class-external-integrations.php:39
filtersingle_templateincludes\core\class-external-integrations.php:159
actiontemplate_redirectincludes\core\class-files.php:59
actiontemplate_redirectincludes\core\class-form.php:72
actioninitincludes\core\class-form.php:73
actionum_submit_form_registerincludes\core\class-gdpr.php:20
filterum_whitelisted_metakeysincludes\core\class-gdpr.php:22
filterum_before_save_filter_submittedincludes\core\class-gdpr.php:24
filterum_email_registration_dataincludes\core\class-gdpr.php:25
actionum_after_form_fieldsincludes\core\class-gdpr.php:27
actionum_after_login_fieldsincludes\core\class-login.php:26
actionum_submit_form_loginincludes\core\class-login.php:27
actiontemplate_redirectincludes\core\class-logout.php:23
filterwp_safe_redirect_fallbackincludes\core\class-logout.php:71
filterwp_safe_redirect_fallbackincludes\core\class-logout.php:109
actioninitincludes\core\class-mail.php:50
filtermandrill_nl2brincludes\core\class-mail.php:51
filterum_template_tags_patterns_hookincludes\core\class-mail.php:418
filterum_template_tags_replaces_hookincludes\core\class-mail.php:419
actionupdated_user_metaincludes\core\class-member-directory-meta.php:67
actionadded_user_metaincludes\core\class-member-directory-meta.php:68
actiondeleted_user_metaincludes\core\class-member-directory-meta.php:69
actionum_add_new_fieldincludes\core\class-member-directory-meta.php:71
actionum_delete_custom_fieldincludes\core\class-member-directory-meta.php:72
filterinitincludes\core\class-member-directory.php:125
actionwp_insert_postincludes\core\class-member-directory.php:127
actiontemplate_redirectincludes\core\class-member-directory.php:128
filterpre_user_queryincludes\core\class-member-directory.php:1645
filterpre_user_queryincludes\core\class-member-directory.php:1780
actionpre_user_queryincludes\core\class-member-directory.php:3055
actionpre_user_queryincludes\core\class-member-directory.php:3056
actionwpmu_new_blogincludes\core\class-multisite.php:24
actionwp_insert_siteincludes\core\class-multisite.php:25
actiontemplate_redirectincludes\core\class-password.php:27
actionum_reset_password_errors_hookincludes\core\class-password.php:29
actionum_reset_password_process_hookincludes\core\class-password.php:30
actionum_change_password_errors_hookincludes\core\class-password.php:32
actionum_change_password_process_hookincludes\core\class-password.php:33
actioninitincludes\core\class-permalinks.php:30
actioninitincludes\core\class-permalinks.php:32
actioninitincludes\core\class-permalinks.php:35
actionum_approve_user_on_email_confirmationincludes\core\class-permalinks.php:37
actionum_daily_scheduled_eventsincludes\core\class-plugin-updater.php:22
actionupgrader_process_completeincludes\core\class-plugin-updater.php:25
filterpre_set_site_transient_update_pluginsincludes\core\class-plugin-updater.php:28
filterplugins_apiincludes\core\class-plugin-updater.php:31
actiontemplate_redirectincludes\core\class-profile.php:44
actiontemplate_redirectincludes\core\class-profile.php:45
actionum_after_register_fieldsincludes\core\class-register.php:20
actionum_submit_form_registerincludes\core\class-register.php:21
actionwp_loadedincludes\core\class-rewrite.php:21
filterquery_varsincludes\core\class-rewrite.php:25
filterrewrite_rules_arrayincludes\core\class-rewrite.php:26
actiontemplate_redirectincludes\core\class-rewrite.php:28
actiontemplate_redirectincludes\core\class-rewrite.php:29
actionwp_roles_initincludes\core\class-roles-capabilities.php:22
actionupdate_optionincludes\core\class-roles-capabilities.php:23
actionset_user_roleincludes\core\class-roles-capabilities.php:24
filterbody_classincludes\core\class-shortcodes.php:79
filterum_shortcode_args_filterincludes\core\class-shortcodes.php:81
filterum_shortcode_args_filterincludes\core\class-shortcodes.php:82
filterum_template_tags_patterns_hookincludes\core\class-shortcodes.php:1200
filterum_template_tags_replaces_hookincludes\core\class-shortcodes.php:1201
filterupload_dirincludes\core\class-uploader.php:109
filterwp_handle_upload_prefilterincludes\core\class-uploader.php:110
filterum_upload_image_resultincludes\core\class-uploader.php:112
filterum_upload_image_process__profile_photoincludes\core\class-uploader.php:113
filterum_upload_image_process__cover_photoincludes\core\class-uploader.php:114
actionum_upload_stream_image_processincludes\core\class-uploader.php:115
actioninitincludes\core\class-uploader.php:117
actionum_after_move_temporary_filesincludes\core\class-uploader.php:120
actionum_profile_content_postsincludes\core\class-user-posts.php:22
actionum_profile_content_commentsincludes\core\class-user-posts.php:23
actioninitincludes\core\class-user.php:125
actionum_delete_userincludes\core\class-user.php:128
actionum_after_user_updatedincludes\core\class-user.php:131
actionum_after_user_account_updatedincludes\core\class-user.php:132
actionpersonal_options_updateincludes\core\class-user.php:133
actionum_when_role_is_setincludes\core\class-user.php:135
actionshow_user_profileincludes\core\class-user.php:137
actionuser_new_formincludes\core\class-user.php:138
actionedit_user_profileincludes\core\class-user.php:139
filterum_user_profile_additional_fieldsincludes\core\class-user.php:140
actionprofile_updateincludes\core\class-user.php:143
actionuser_registerincludes\core\class-user.php:148
actionuser_registerincludes\core\class-user.php:149
actionadded_existing_userincludes\core\class-user.php:152
actionwpmu_activate_userincludes\core\class-user.php:153
actioninitincludes\core\class-user.php:156
actionwpmu_delete_userincludes\core\class-user.php:159
actiondelete_userincludes\core\class-user.php:161
actionupdated_user_metaincludes\core\class-user.php:164
actionadded_user_metaincludes\core\class-user.php:165
actiondeleted_user_metaincludes\core\class-user.php:167
actionupdate_user_metaincludes\core\class-user.php:169
actionadded_user_metaincludes\core\class-user.php:170
actiondelete_user_metaincludes\core\class-user.php:171
actionupdate_user_metadataincludes\core\class-user.php:173
filterum_user_pre_updating_files_arrayincludes\core\class-validation.php:36
filterum_before_save_filter_submittedincludes\core\class-validation.php:37
filterquery_varsincludes\core\rest\class-api-v1.php:28
filterquery_varsincludes\core\rest\class-api-v2.php:27
actioninitincludes\core\rest\class-api.php:72
actiontemplate_redirectincludes\core\rest\class-api.php:73
actionum_access_profileincludes\core\um-actions-access.php:19
actionum_submit_account_errors_hookincludes\core\um-actions-account.php:210
filtersend_password_change_emailincludes\core\um-actions-account.php:232
actionum_submit_account_detailsincludes\core\um-actions-account.php:493
filtersend_email_change_emailincludes\core\um-actions-account.php:519
actionum_account_page_hidden_fieldsincludes\core\um-actions-account.php:534
actionum_before_account_deleteincludes\core\um-actions-account.php:549
actionum_before_account_notificationsincludes\core\um-actions-account.php:566
actionum_after_user_account_updatedincludes\core\um-actions-account.php:582
actionum_after_user_account_updatedincludes\core\um-actions-account.php:600
filtersend_email_change_emailincludes\core\um-actions-account.php:610
actionum_account_pre_update_profileincludes\core\um-actions-account.php:612
actionum_after_account_privacyincludes\core\um-actions-account.php:620
actionum_submit_form_errors_hook__blockedemailsincludes\core\um-actions-form.php:46
actionum_submit_form_errors_hook__blockedipsincludes\core\um-actions-form.php:68
actionum_submit_form_errors_hook__blockedwordsincludes\core\um-actions-form.php:103
actionum_submit_form_errors_hookincludes\core\um-actions-form.php:275
actionum_after_profile_fieldsincludes\core\um-actions-form.php:512
actionum_submit_form_errors_hook_includes\core\um-actions-form.php:1080
filterum_login_invalid_nonce_redirect_urlincludes\core\um-actions-form.php:1098
filterum_register_invalid_nonce_redirect_urlincludes\core\um-actions-form.php:1099
actionum_after_form_fieldsincludes\core\um-actions-global.php:25
actionum_after_form_fieldsincludes\core\um-actions-global.php:49
actionum_account_page_hidden_fieldsincludes\core\um-actions-global.php:50
actionum_submit_form_errors_hook_loginincludes\core\um-actions-login.php:87
actionum_before_login_fieldsincludes\core\um-actions-login.php:118
actionum_submit_form_errors_hook_logincheckincludes\core\um-actions-login.php:152
actionum_on_login_before_redirectincludes\core\um-actions-login.php:162
actionwp_loginincludes\core\um-actions-login.php:181
actionum_user_loginincludes\core\um-actions-login.php:278
actionum_submit_form_loginincludes\core\um-actions-login.php:328
actionum_after_login_fieldsincludes\core\um-actions-login.php:470
actionum_after_login_fieldsincludes\core\um-actions-login.php:491
actionum_main_login_fieldsincludes\core\um-actions-login.php:502
actionum_after_form_fieldsincludes\core\um-actions-misc.php:63
filterum_late_escaping_allowed_tagsincludes\core\um-actions-misc.php:189
actionum_before_formincludes\core\um-actions-misc.php:203
actionum_profile_content_mainincludes\core\um-actions-profile.php:181
actionum_user_edit_profileincludes\core\um-actions-profile.php:539
actionum_submit_form_errors_hook__profileincludes\core\um-actions-profile.php:554
filterum_user_pre_updating_files_arrayincludes\core\um-actions-profile.php:557
filterum_before_save_filter_submittedincludes\core\um-actions-profile.php:559
actionum_after_user_updatedincludes\core\um-actions-profile.php:586
actionum_after_form_fieldsincludes\core\um-actions-profile.php:601
actionwp_headincludes\core\um-actions-profile.php:625
actionwp_headincludes\core\um-actions-profile.php:628
actionget_headerincludes\core\um-actions-profile.php:633
actionwp_headincludes\core\um-actions-profile.php:842
actionum_profile_header_cover_areaincludes\core\um-actions-profile.php:983
actionum_after_profile_header_name_argsincludes\core\um-actions-profile.php:1000
actionum_profile_headerincludes\core\um-actions-profile.php:1400
actionum_pre_profile_shortcodeincludes\core\um-actions-profile.php:1451
actionum_pre_header_editprofileincludes\core\um-actions-profile.php:1558
actionum_main_profile_fieldsincludes\core\um-actions-profile.php:1580
actionum_submit_form_profileincludes\core\um-actions-profile.php:1622
actionum_after_profile_fieldsincludes\core\um-actions-profile.php:1674
actionum_profile_menuincludes\core\um-actions-profile.php:1878
actionum_post_registration_approved_hookincludes\core\um-actions-register.php:16
actionum_post_registration_checkmail_hookincludes\core\um-actions-register.php:28
actionum_post_registration_pending_hookincludes\core\um-actions-register.php:40
actionum_user_registerincludes\core\um-actions-register.php:108
actionum_registration_completeincludes\core\um-actions-register.php:147
actionum_registration_completeincludes\core\um-actions-register.php:332
actionum_submit_form_errors_hook__registrationincludes\core\um-actions-register.php:345
actionum_submit_form_registerincludes\core\um-actions-register.php:575
actionum_after_register_fieldsincludes\core\um-actions-register.php:715
actionum_main_register_fieldsincludes\core\um-actions-register.php:726
actionum_registration_set_extra_dataincludes\core\um-actions-register.php:781
actionum_registration_set_extra_dataincludes\core\um-actions-register.php:810
actionlogin_form_registerincludes\core\um-actions-register.php:824
actionum_update_profile_full_nameincludes\core\um-actions-save-profile.php:108
actionum_logout_user_linksincludes\core\um-actions-user.php:25
actioninitincludes\core\um-actions-wpadmin.php:25
filtershow_admin_barincludes\core\um-actions-wpadmin.php:42
actionwp_footerincludes\core\um-actions-wpadmin.php:51
filterum_get_field__first_nameincludes\core\um-filters-account.php:23
filterum_get_field__last_nameincludes\core\um-filters-account.php:24
filterum_account_pre_updating_profile_arrayincludes\core\um-filters-account.php:50
filterum_profile_profile_noindex_empty__filterincludes\core\um-filters-account.php:65
filteravatar_defaultsincludes\core\um-filters-avatars.php:15
filterget_avatarincludes\core\um-filters-avatars.php:53
filterget_avatar_urlincludes\core\um-filters-avatars.php:78
filterget_comment_author_linkincludes\core\um-filters-commenting.php:38
filterum_profile_field_filter_hook__oembedincludes\core\um-filters-fields.php:27
filterum_profile_field_filter_hook__soundcloud_trackincludes\core\um-filters-fields.php:62
filterum_profile_field_filter_hook__youtube_videoincludes\core\um-filters-fields.php:86
filterum_profile_field_filter_hook__spotifyincludes\core\um-filters-fields.php:113
filterum_profile_field_filter_hook__vimeo_videoincludes\core\um-filters-fields.php:136
filterum_profile_field_filter_hook__telincludes\core\um-filters-fields.php:155
filterum_profile_field_filter_hook__viberincludes\core\um-filters-fields.php:171
filterum_profile_field_filter_hook__whatsappincludes\core\um-filters-fields.php:188
filterum_profile_field_filter_hook__googlemapincludes\core\um-filters-fields.php:209
filterum_profile_field_filter_hook__user_registeredincludes\core\um-filters-fields.php:229
filterum_profile_field_filter_hook__last_loginincludes\core\um-filters-fields.php:247
filterum_profile_field_filter_hook___um_last_loginincludes\core\um-filters-fields.php:248
filterum_profile_field_filter_hook__textareaincludes\core\um-filters-fields.php:281
filterum_profile_field_filter_hook__timeincludes\core\um-filters-fields.php:319
filterum_profile_field_filter_hook__dateincludes\core\um-filters-fields.php:344
filterum_profile_field_filter_hook__fileincludes\core\um-filters-fields.php:392
filterum_profile_field_filter_hook__imageincludes\core\um-filters-fields.php:435
filterum_profile_field_filter_hook__includes\core\um-filters-fields.php:550
filterum_get_form_fieldsincludes\core\um-filters-fields.php:570
filterum_get_custom_field_arrayincludes\core\um-filters-fields.php:675
filterum_profile_field_filter_hook__includes\core\um-filters-fields.php:696
filterum_is_selected_filter_valueincludes\core\um-filters-fields.php:714
filterum_select_dropdown_dynamic_option_valueincludes\core\um-filters-fields.php:715
filterum_select_dropdown_dynamic_optionsincludes\core\um-filters-fields.php:736
filterum_field_non_utf8_valueincludes\core\um-filters-fields.php:758
filterum_select_dropdown_dynamic_optionsincludes\core\um-filters-fields.php:778
filterum_multiselect_optionsincludes\core\um-filters-fields.php:779
filterum_profile_field_filter_hook__selectincludes\core\um-filters-fields.php:798
filterum_profile_field_filter_hook__multiselectincludes\core\um-filters-fields.php:799
filterum_field_select_default_valueincludes\core\um-filters-fields.php:800
filterum_field_multiselect_default_valueincludes\core\um-filters-fields.php:801
filterum_profile_field_filter_hook__selectincludes\core\um-filters-fields.php:828
filterum_profile_field_filter_hook__multiselectincludes\core\um-filters-fields.php:829
filterum_profile_field_filter_hook__includes\core\um-filters-fields.php:922
filterum_submit_form_dataincludes\core\um-filters-fields.php:942
filterum_submit_form_dataincludes\core\um-filters-fields.php:979
filterum_edit_url_field_valueincludes\core\um-filters-fields.php:994
filterum_view_label_birth_dateincludes\core\um-filters-fields.php:1011
filterum_change_field_labelincludes\core\um-filters-fields.php:1028
filterum_upload_basedir_filterincludes\core\um-filters-files.php:70
filterum_upload_baseurl_filterincludes\core\um-filters-files.php:71
filterlogin_messageincludes\core\um-filters-login.php:32
filterauthenticateincludes\core\um-filters-login.php:54
filterauthenticateincludes\core\um-filters-login.php:94
filterlostpassword_urlincludes\core\um-filters-login.php:109
filterum_pretty_number_formattingincludes\core\um-filters-misc.php:15
filterwp_nav_menu_objectsincludes\core\um-filters-navmenu.php:42
filterwp_nav_menu_objectsincludes\core\um-filters-navmenu.php:138
filterwp_get_nav_menu_itemsincludes\core\um-filters-navmenu.php:152
filterthe_seo_framework_pro_add_titleincludes\core\um-filters-profile.php:37
filterwp_titleincludes\core\um-filters-profile.php:38
filterpre_get_document_titleincludes\core\um-filters-profile.php:39
filterthe_titleincludes\core\um-filters-profile.php:71
filterget_canonical_urlincludes\core\um-filters-profile.php:119
filterum_predefined_fields_hookincludes\core\um-filters-profile.php:140
filterum_predefined_fields_hookincludes\core\um-filters-profile.php:161
filterum_clean_user_basename_filterincludes\core\um-filters-user.php:148
filterum_before_update_profileincludes\core\um-filters-user.php:170
actionwp_loadedincludes\frontend\class-actions-listener.php:21
actioninitincludes\frontend\class-enqueue.php:32
actionwp_enqueue_scriptsincludes\frontend\class-enqueue.php:39
actionwp_footerincludes\frontend\class-modal.php:19
actioninitincludes\frontend\class-secure.php:27
actionum_before_login_fieldsincludes\frontend\class-secure.php:29
actionum_before_login_fieldsincludes\frontend\class-secure.php:31
actionum_submit_form_registerincludes\frontend\class-secure.php:33
actionum_user_loginincludes\frontend\class-secure.php:35
actionvalidate_password_resetincludes\frontend\class-secure.php:37
actionum_after_save_registration_detailsincludes\frontend\class-secure.php:53
actionum_after_save_registration_detailsincludes\frontend\class-secure.php:54
actionum_after_user_updatedincludes\frontend\class-secure.php:56
actionum_after_user_account_updatedincludes\frontend\class-secure.php:57
actiontemplate_redirectincludes\frontend\class-user-profile.php:23
filterget_edit_user_linkincludes\frontend\class-user-profile.php:24
filterget_comment_author_urlincludes\frontend\class-user-profile.php:25
filterallowed_redirect_hostsincludes\um-short-functions.php:2901
filterwp_safe_redirect_fallbackincludes\um-short-functions.php:2902

Scheduled Events 4

um_weekly_scheduled_events
um_daily_scheduled_events
um_twicedaily_scheduled_events
um_hourly_scheduled_events
Maintenance & Trust

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 10, 2026
PHP min version7.0
Downloads12.8M

Community Trust

Rating88/100
Number of ratings1,445
Active installs200K
Alternatives

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Alternatives

WP User Manager – User Profile Builder & Membership

WP User Manager – User Profile Builder & Membership

wp-user-manager

A
89

The most customizable profiles & community builder WordPress plugin with front-end login, registration, profile customization and content restriction.

10K 7 CVEs
Touchsuite Payments

Touchsuite Payments

touchsuite-payments

A
100

Build a membership site that grows with you: user registration, member profiles, free or paid subscriptions.

0 No CVEs
WarmupReps

WarmupReps

warmupreps

A
85

Easily calculate and log your workout routines from popular strength training programs or create your own.

0 No CVEs
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress

Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress

wp-user-avatar

B
76

Setup paid membership, accept payment, sell subscription & digital product, paywall, create login & registration form, user profile & member directory

100K 41 CVEs
User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder

User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder

user-registration

B
76

Build membership sites with tiered plans, content restriction, drag-&-drop custom registration & login form builder, and built-in payment system.

60K 30 CVEs
Developer Profile

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Developer Profile

Ultimate Member

3 plugins · 202K total installs

69
trust score
Avg Security Score
85/100
Avg Patch Time
1059 days
View full developer profile
Detection Fingerprints

How We Detect Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ultimate-member/assets/css/um-admin.css/wp-content/plugins/ultimate-member/assets/css/um-members.css/wp-content/plugins/ultimate-member/assets/css/um-frontend.css/wp-content/plugins/ultimate-member/assets/css/um-loops.css/wp-content/plugins/ultimate-member/assets/css/um-form-fields.css/wp-content/plugins/ultimate-member/assets/css/um-account.css/wp-content/plugins/ultimate-member/assets/css/um-login.css/wp-content/plugins/ultimate-member/assets/css/um-register.css+28 more
Script Paths
/wp-content/plugins/ultimate-member/assets/js/um-admin-blocks-renderer.js/wp-content/plugins/ultimate-member/assets/js/um-conditional.js/wp-content/plugins/ultimate-member/assets/js/um-scripts.js/wp-content/plugins/ultimate-member/assets/js/um-dropdown.js/wp-content/plugins/ultimate-member/assets/js/um-members.js/wp-content/plugins/ultimate-member/assets/js/um-account.js+2 more
Version Parameters
/wp-content/plugins/ultimate-member/assets/css/um-members.css?ver=/wp-content/plugins/ultimate-member/assets/js/um-admin-blocks-renderer.js?ver=/wp-content/plugins/ultimate-member/assets/js/um-conditional.js?ver=/wp-content/plugins/ultimate-member/assets/js/um-scripts.js?ver=/wp-content/plugins/ultimate-member/assets/js/um-dropdown.js?ver=/wp-content/plugins/ultimate-member/assets/js/um-members.js?ver=/wp-content/plugins/ultimate-member/assets/js/um-account.js?ver=/wp-content/plugins/ultimate-member/assets/js/um-functions.js?ver=/wp-content/plugins/ultimate-member/assets/js/um-responsive.js?ver=

HTML / DOM Fingerprints

CSS Classes
um-adminum-profileum-field-type-textum-field-type-textareaum-field-type-emailum-field-type-passwordum-field-type-uploadum-field-type-heading+49 more
HTML Comments
<!-- Ultimate Member -->
Data Attributes
data-um-form-iddata-post_iddata-noncedata-actiondata-iddata-toggle+1 more
JS Globals
um_scriptsum_account_settings
REST Endpoints
/wp-json/ultimate-member/v1/
Shortcode Output
[ultimatemember][ultimatemember_login][ultimatemember_register][ultimatemember_password]
FAQ

Frequently Asked Questions about Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin