[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f7hki9jwoFeUso7MwxNFiPDvSXTuTRPRCPKed8hY9h6c":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":790,"crawl_stats":38,"alternatives":798,"analysis":895,"fingerprints":3277},"ultimate-member","Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin","2.11.2","Ultimate Member","https:\u002F\u002Fprofiles.wordpress.org\u002Fultimatemember\u002F","\u003Ch4>User Profile & Membership Plugin for WordPress\u003C\u002Fh4>\n\u003Cp>The ultimate user profile & membership plugin for WordPress. The plugin makes it a breeze for users to sign-up and become members of your website. The plugin allows you to add beautiful user profiles to your site and is designed for creating advanced online communities and membership sites. Lightweight and highly extendible, Ultimate Member will enable you to create almost any type of site where users can join and become members with absolute ease.\u003C\u002Fp>\n\u003Ch4>Features of the plugin include:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Front-end user profiles\u003C\u002Fli>\n\u003Cli>Front-end user registration\u003C\u002Fli>\n\u003Cli>Front-end user login\u003C\u002Fli>\n\u003Cli>Custom form fields\u003C\u002Fli>\n\u003Cli>Conditional logic for form fields\u003C\u002Fli>\n\u003Cli>Drag and drop form builder\u003C\u002Fli>\n\u003Cli>User account page\u003C\u002Fli>\n\u003Cli>Custom user roles\u003C\u002Fli>\n\u003Cli>Member directories\u003C\u002Fli>\n\u003Cli>User emails\u003C\u002Fli>\n\u003Cli>Content restriction\u003C\u002Fli>\n\u003Cli>Conditional nav menus\u003C\u002Fli>\n\u003Cli>Show author posts & comments on user profiles\u003C\u002Fli>\n\u003Cli>Developer friendly with dozens of actions and filters\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Read about all of the plugin’s features at \u003Ca href=\"https:\u002F\u002Fultimatemember.com\" rel=\"nofollow ugc\">Ultimate Member\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Paid Extensions\u003C\u002Fh4>\n\u003Cp>Ultimate Member has a range of extensions that allow you to extend the power of the plugin. You can purchase all of these extensions at a significant discount with one of our \u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">paid plans\u003C\u002Fa> or you can purchase extensions individually.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fzapier\u002F\" rel=\"nofollow ugc\">Zapier\u003C\u002Fa> – Allow to integrate the Zapier popular apps with Ultimate Member\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fstripe\u002F\" rel=\"nofollow ugc\">Stripe\u003C\u002Fa> – Sell paid memberships to access your website via Stripe subscriptions\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fuser-notes\u002F\" rel=\"nofollow ugc\">User Notes\u003C\u002Fa> – Allow users to create public and private notes from their profile\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fprofile-tabs\u002F\" rel=\"nofollow ugc\">Profile Tabs\u003C\u002Fa> – Allow to add the custom tabs to profiles\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fuser-locations\u002F\" rel=\"nofollow ugc\">User Locations\u003C\u002Fa> – Allow to display users on a map on the member directory page and allow users to add their location via their profile\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Funsplash\u002F\" rel=\"nofollow ugc\">Unsplash\u003C\u002Fa> – Allow users to select a profile cover photo from \u003Ca href=\"https:\u002F\u002Funsplash.com\u002F\" rel=\"nofollow ugc\">Unsplash\u003C\u002Fa> from their profile\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fuser-bookmarks\u002F\" rel=\"nofollow ugc\">User Bookmarks\u003C\u002Fa> – Allow users to bookmark content from your website\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fuser-photos\u002F\" rel=\"nofollow ugc\">User Photos\u003C\u002Fa> – Allow users to upload photos to their profile\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fgroups\u002F\" rel=\"nofollow ugc\">Groups\u003C\u002Fa> – Allow users to create and join groups around shared topics, interests etc.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fprivate-content\u002F\" rel=\"nofollow ugc\">Private Content\u003C\u002Fa> – Display private content to logged in users that only they can access\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fuser-tags\u002F\" rel=\"nofollow ugc\">User Tags\u003C\u002Fa> – Lets you add a user tag system to your website\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fsocial-activity\u002F\" rel=\"nofollow ugc\">Social Activity\u003C\u002Fa> – Let users create public wall posts & see the activity of other users\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fwoocommerce\u002F\" rel=\"nofollow ugc\">WooCommerce\u003C\u002Fa> – Allow you to integrate WooCommerce with Ultimate Member\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fprivate-messages\u002F\" rel=\"nofollow ugc\">Private Messages\u003C\u002Fa> – Add a private messaging system to your site & allow users to message each other\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Ffollowers\u002F\" rel=\"nofollow ugc\">Followers\u003C\u002Fa> – Allow users to follow each other on your site and protect their profile information\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Freal-time-notifications\u002F\" rel=\"nofollow ugc\">Real-time Notifications\u003C\u002Fa> – Add a notifications system to your site so users can receive real-time notifications\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fsocial-login\u002F\" rel=\"nofollow ugc\">Social Login\u003C\u002Fa> – Let users register & login to your site via Facebook, Twitter, G+, LinkedIn, Instagram and Vkontakte (VK.com)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fbbpress\u002F\" rel=\"nofollow ugc\">bbPress\u003C\u002Fa> – With the bbPress extension you can beautifully integrate Ultimate Member with bbPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fmailchimp\u002F\" rel=\"nofollow ugc\">MailChimp\u003C\u002Fa> – Allow users to subscribe to your MailChimp lists when they signup on your site and sync user meta to MailChimp\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fuser-reviews\u002F\" rel=\"nofollow ugc\">User Reviews\u003C\u002Fa> – Allow users to rate & review each other using a 5 star rate\u002Freview system\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fverified-users\u002F\" rel=\"nofollow ugc\">Verified Users\u003C\u002Fa> – Add a user verification system to your site so user accounts can be verified\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fmycred\u002F\" rel=\"nofollow ugc\">myCRED\u003C\u002Fa> – With the myCRED extension you can integrate Ultimate Member with the popular myCRED points management plugin\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fnotices\u002F\" rel=\"nofollow ugc\">Notices\u003C\u002Fa> – Alert users to important information using conditional notices\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fprofile-completeness\u002F\" rel=\"nofollow ugc\">Profile Completeness\u003C\u002Fa> – Encourage or force users to complete their profiles with the profile completeness extension\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Ffriends\u002F\" rel=\"nofollow ugc\">Friends\u003C\u002Fa> – Allows users to become friends by sending & accepting\u002Frejecting friend requests\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Free Extensions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fjobboardwp\u002F\" rel=\"nofollow ugc\">JobsBoardWP\u003C\u002Fa> – This free extension integrates Ultimate Member with the job board plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjobboardwp\" rel=\"ugc\">JobBoardWP\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fforumwp\u002F\" rel=\"nofollow ugc\">ForumWP\u003C\u002Fa> – This free extension integrates Ultimate Member with the forum plugin \u003Ca href=\"https:\u002F\u002Fforumwpplugin.com\" rel=\"nofollow ugc\">ForumWP\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fterms-conditions\u002F\" rel=\"nofollow ugc\">Terms & Conditions\u003C\u002Fa> – Add a terms and condition checkbox to your registration forms & require users to agree to your T&Cs before registering on your site.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fgoogle-recaptcha\u002F\" rel=\"nofollow ugc\">Google reCAPTCHA\u003C\u002Fa> – Stop bots on your registration & login forms with Google reCAPTCHA\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Fextensions\u002Fonline-users\u002F\" rel=\"nofollow ugc\">Online Users\u003C\u002Fa> – Display what users are online with this extension\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Theme\u003C\u002Fh4>\n\u003Cp>Our official \u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Ftheme\u002F\" rel=\"nofollow ugc\">theme\u003C\u002Fa> is purpose built for websites that have logged in and out users. The \u003Ca href=\"https:\u002F\u002Fultimatemember.com\u002Ftheme\u002F\" rel=\"nofollow ugc\">theme\u003C\u002Fa> has deep integration with Ultimate Member plugin and the extensions, different header designs for logged-in\u002Fout users and works alongside the Beaver Builder and Elementor page builders.\u003C\u002Fp>\n\u003Ch4>Our other plugins\u003C\u002Fh4>\n\u003Cp>In addition to Ultimate Member, we also have two other plugins: \u003Ca href=\"https:\u002F\u002Fforumwpplugin.com\u002F\" rel=\"nofollow ugc\">ForumWP\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjobboardwp\" rel=\"ugc\">JobBoardWP\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>ForumWP\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fforumwpplugin.com\u002F\" rel=\"nofollow ugc\">ForumWP\u003C\u002Fa> is a forum plugin which adds an online forum to your website, allowing users to create topics and write replies. Forums are a great way to build and grow an online community.\u003C\u002Fp>\n\u003Ch4>JobBoardWP\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjobboardwp\" rel=\"ugc\">JobBoardWP\u003C\u002Fa> is a job board plugin which adds a modern job board to your website. Display job listings and allow employers to submit and manage jobs all from the front-end.\u003C\u002Fp>\n\u003Ch4>Development * Translations\u003C\u002Fh4>\n\u003Cp>If you’re a developer and would like to contribute to the source code of the plugin you can do so via our \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fultimatemember\u002Fultimatemember\" rel=\"nofollow ugc\">GitHub Repository\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Want to add a new language to Ultimate Member? Great! You can contribute via \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fultimate-member\" rel=\"nofollow ugc\">translate.wordpress.org\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you are a developer and you need to know the list of UM Hooks, make this via our \u003Ca href=\"https:\u002F\u002Fdocs.ultimatemember.com\u002Farticle\u002F1324-hooks-list\" rel=\"nofollow ugc\">Hooks Documentation\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fultimatemember.github.io\u002Fultimatemember\u002Fhooks\u002F\" rel=\"nofollow ugc\">Hooks Documentation v2\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>If you are a developer and you need to know the structure of our code, make this via our \u003Ca href=\"https:\u002F\u002Fultimatemember.github.io\u002Fultimatemember\u002Fphpdoc\u002F\" rel=\"nofollow ugc\">Documentation API\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Documentation & Support\u003C\u002Fh4>\n\u003Cp>Got a problem or need help with Ultimate Member? Head over to our \u003Ca href=\"http:\u002F\u002Fdocs.ultimatemember.com\u002F\" rel=\"nofollow ugc\">documentation\u003C\u002Fa> and perform a search of the knowledge base. If you can’t find a solution to your issue then you can create a topic on the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fultimate-member\" rel=\"ugc\">support forum\u003C\u002Fa>.\u003C\u002Fp>\n","Membership & community plugin with user profiles, registration & login, member directories, content restriction, user roles and much more.",200000,12785521,88,1445,"2026-02-10T13:30:00.000Z","6.9.4","6.2","7.0",[20,21,22,23,24],"community","member","membership","user-profile","user-registration","http:\u002F\u002Fultimatemember.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fultimate-member.2.11.2.zip",76,70,0,"2026-04-03 19:29:29","2026-03-15T15:16:48.613Z",[33,48,63,75,86,98,107,118,133,147,158,170,181,188,200,213,220,234,247,262,275,287,298,312,321,328,335,347,358,370,381,392,405,418,425,434,445,456,467,475,483,494,505,511,522,531,544,554,561,572,583,594,605,615,626,636,646,653,660,671,680,689,697,708,719,733,744,755,766,779],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2025-15064","ultimate-member-authenticated-subscriber-stored-cross-site-scripting-via-dom-gadgets","Ultimate Member \u003C= 2.11.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via DOM Gadgets","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user description field in all versions up to, and including, 2.11.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability is only exploitable when \"HTML support for user description\" is enabled in Ultimate Member settings.",null,"\u003C=2.11.1","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2026-04-04 07:41:57",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2a7f070a-b67c-4e65-a928-a6116266c54d?source=api-prod",1,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":38,"affected_versions":53,"patched_in_version":54,"severity":55,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":47},"CVE-2026-4248","ultimate-member-authenticated-contributor-sensitive-information-exposure-to-account-takeover-via-shortcode-template-tag","Ultimate Member \u003C= 2.11.2 - Authenticated (Contributor+) Sensitive Information Exposure to Account Takeover via Shortcode Template Tag","The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.2. This is due to the '{usermeta:password_reset_link}' template tag being processed within post content via the '[um_loggedin]' shortcode, which generates a valid password reset token for the currently logged-in user viewing the page. This makes it possible for authenticated attackers, with Contributor-level access and above, to craft a malicious pending post that, when previewed by an Administrator, generates a password reset token for the Administrator and exfiltrates it to an attacker-controlled server, leading to full account takeover.","\u003C=2.11.2","2.11.3","high",8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Authorization","2026-03-27 09:48:30","2026-03-27 22:26:22",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fbaafd001-144d-4ee4-b7e6-28c0931e6e10?source=api-prod",{"id":64,"url_slug":65,"title":66,"description":67,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":43,"published_date":70,"updated_date":71,"references":72,"days_to_patch":74},"CVE-2026-1404","ultimate-member-reflected-cross-site-scripting-via-filter-parameters","Ultimate Member \u003C= 2.11.1 - Reflected Cross-Site Scripting via Filter Parameters","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the filter parameters (e.g., 'filter_first_name') in all versions up to, and including, 2.11.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2026-02-17 00:00:00","2026-02-18 14:25:01",[73],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fba62b804-f101-4e29-8304-fb2b7dad333c?source=api-prod",2,{"id":76,"url_slug":77,"title":78,"description":79,"plugin_slug":4,"theme_slug":38,"affected_versions":80,"patched_in_version":81,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":82,"updated_date":83,"references":84,"days_to_patch":47},"CVE-2025-13220","ultimate-member-authenticated-contributor-stored-cross-site-scripting-via-shortcode-attributes","Ultimate Member \u003C= 2.11.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode attributes in all versions up to, and including, 2.11.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=2.11.0","2.11.1","2025-12-20 14:20:39","2025-12-21 03:20:06",[85],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb4c06548-238d-4b75-8f20-d7de6fc21539?source=api-prod",{"id":87,"url_slug":88,"title":89,"description":90,"plugin_slug":4,"theme_slug":38,"affected_versions":80,"patched_in_version":81,"severity":40,"cvss_score":91,"cvss_vector":92,"vuln_type":93,"published_date":94,"updated_date":95,"references":96,"days_to_patch":47},"CVE-2025-12492","ultimate-member-user-profile-registration-login-member-directory-content-restriction-membership-plugin-unauthenticated-s-2","Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin \u003C= 2.11.0 - Unauthenticated Sensitive Information Exposure","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.0 via the ajax_get_members function. This is due to the use of a predictable low-entropy token (5 hex characters derived from md5 of post ID) to identify member directories and insufficient authorization checks on the unauthenticated AJAX endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, display names, user roles (including administrator accounts), profile URLs, and user IDs by enumerating predictable directory_id values or brute-forcing the small 16^5 token space.",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2025-12-19 19:56:17","2025-12-20 08:22:10",[97],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F61337d2d-d15a-45f2-b730-fc034eb3cd31?source=api-prod",{"id":99,"url_slug":100,"title":101,"description":102,"plugin_slug":4,"theme_slug":38,"affected_versions":80,"patched_in_version":81,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":103,"updated_date":104,"references":105,"days_to_patch":74},"CVE-2025-13217","ultimate-member-authenticated-subscriber-stored-cross-site-scripting-via-value","Ultimate Member \u003C= 2.11.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'value'","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the YouTube Video 'value' field in all versions up to, and including, 2.11.0. This is due to insufficient input sanitization and output escaping on user-supplied YouTube video URLs in the `um_profile_field_filter_hook__youtube_video()` function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that execute whenever a user accesses the injected user's profile page.","2025-12-16 00:00:00","2025-12-17 18:21:34",[106],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F876b57e0-cf1e-4ce9-ba85-a5d4554797bd?source=api-prod",{"id":108,"url_slug":109,"title":110,"description":111,"plugin_slug":4,"theme_slug":38,"affected_versions":80,"patched_in_version":81,"severity":40,"cvss_score":112,"cvss_vector":113,"vuln_type":114,"published_date":103,"updated_date":115,"references":116,"days_to_patch":74},"CVE-2025-14081","ultimate-member-authenticated-subscriber-profile-privacy-setting-bypass","Ultimate Member \u003C= 2.11.0 - Authenticated (Subscriber+) Profile Privacy Setting Bypass","The Ultimate Member plugin for WordPress is vulnerable to Profile Privacy Setting Bypass in all versions up to, and including, 2.11.0. This is due to a flaw in the secure fields mechanism where field keys are stored in the allowed fields list before the `required_perm` check is applied during rendering. This makes it possible for authenticated attackers with Subscriber-level access to modify their profile privacy settings (e.g., setting profile to \"Only me\") via direct parameter manipulation, even when the administrator has explicitly disabled the option for their role.",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Incorrect Authorization","2025-12-17 18:21:35",[117],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Faad57a68-c385-491f-a5a2-32906df4b52b?source=api-prod",{"id":119,"url_slug":120,"title":121,"description":122,"plugin_slug":4,"theme_slug":38,"affected_versions":123,"patched_in_version":124,"severity":55,"cvss_score":125,"cvss_vector":126,"vuln_type":127,"published_date":128,"updated_date":129,"references":130,"days_to_patch":132},"CVE-2025-47691","ultimate-member-authenticated-administrator-arbitrary-function-call","Ultimate Member \u003C= 2.10.3 - Authenticated (Administrator+) Arbitrary Function Call","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Arbitrary Function Calls in all versions up to, and including, 2.10.3. This is due to the plugin not properly restricting functions that can be called. This makes it possible for authenticated attackers, with Administrator-level access and above, to execute arbitrary functions making remote code execution possible.","\u003C=2.10.3","2.10.4",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Control of Generation of Code ('Code Injection')","2025-05-07 00:00:00","2025-05-16 14:16:24",[131],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fdc8b33c7-23ef-4b5c-bdb9-b4e548d18832?source=api-prod",10,{"id":134,"url_slug":135,"title":136,"description":137,"plugin_slug":4,"theme_slug":38,"affected_versions":138,"patched_in_version":139,"severity":55,"cvss_score":140,"cvss_vector":141,"vuln_type":142,"published_date":143,"updated_date":144,"references":145,"days_to_patch":47},"WF-8f539e25-5483-417d-a3c5-e7034c03c673-ultimate-member","ultimate-member-user-profile-registration-login-member-directory-content-restriction-membership-plugin-unauthenticated-b","Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin \u003C= 2.10.1 - Unauthenticated Blind SQL Injection","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to blind SQL Injection via the search parameter in all versions up to, and including, 2.10.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This vulnerability was partially patched in version 2.9.2 when initially addressing CVE-2025-0308.","\u003C=2.10.1","2.10.2",7.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2025-04-16 00:00:00","2025-04-16 21:28:15",[146],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8f539e25-5483-417d-a3c5-e7034c03c673?source=api-prod",{"id":148,"url_slug":149,"title":150,"description":151,"plugin_slug":4,"theme_slug":38,"affected_versions":152,"patched_in_version":153,"severity":55,"cvss_score":140,"cvss_vector":141,"vuln_type":142,"published_date":154,"updated_date":155,"references":156,"days_to_patch":47},"CVE-2025-1702","ultimate-member-unauthenticated-sql-injection-via-search-parameter","Ultimate Member \u003C= 2.10.0 - Unauthenticated SQL Injection via search Parameter","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the 'search' parameter in all versions up to, and including, 2.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.","\u003C=2.10.0","2.10.1","2025-03-04 21:53:45","2025-03-05 11:22:10",[157],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F34adbae5-d615-4f8d-a845-6741d897f06c?source=api-prod",{"id":159,"url_slug":160,"title":161,"description":162,"plugin_slug":4,"theme_slug":38,"affected_versions":163,"patched_in_version":164,"severity":40,"cvss_score":91,"cvss_vector":165,"vuln_type":142,"published_date":166,"updated_date":167,"references":168,"days_to_patch":47},"CVE-2024-12276","ultimate-member-authenticated-sql-injection","Ultimate Member \u003C= 2.9.2 - Authenticated SQL Injection","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to second-order SQL Injection via filenames in all versions up to, and including, 2.9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with  access to upload files and manage filenames through a third-party plugin like a File Manager, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. The risk of this vulnerability is very minimal as it requires a user to be able to manipulate filenames in order to successfully exploit.","\u003C=2.9.2","2.10.0","CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","2025-02-20 21:16:05","2025-02-21 09:21:07",[169],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F846f9828-2f1f-4d08-abfb-909b8d634d8a?source=api-prod",{"id":171,"url_slug":172,"title":173,"description":174,"plugin_slug":4,"theme_slug":38,"affected_versions":175,"patched_in_version":176,"severity":40,"cvss_score":91,"cvss_vector":92,"vuln_type":93,"published_date":177,"updated_date":178,"references":179,"days_to_patch":47},"CVE-2025-0318","ultimate-member-user-profile-registration-login-member-directory-content-restriction-membership-plugin-information-expos","Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin \u003C= 2.9.1 - Information Exposure","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.9.1 through different error messages in the responses. This makes it possible for unauthenticated attackers to exfiltrate data from wp_usermeta table.","\u003C=2.9.1","2.9.2","2025-01-17 16:40:14","2025-01-18 05:33:50",[180],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4ee149bf-ffa3-4906-8be2-9c3c40b28287?source=api-prod",{"id":182,"url_slug":183,"title":184,"description":185,"plugin_slug":4,"theme_slug":38,"affected_versions":175,"patched_in_version":176,"severity":55,"cvss_score":140,"cvss_vector":141,"vuln_type":142,"published_date":177,"updated_date":178,"references":186,"days_to_patch":47},"CVE-2025-0308","ultimate-member-unauthenticated-sql-injection","Ultimate Member \u003C= 2.9.1 - Unauthenticated SQL Injection","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the search parameter in all versions up to, and including, 2.9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",[187],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe3e5bb98-2652-499a-b8cd-4ebfe1c1d890?source=api-prod",{"id":189,"url_slug":190,"title":191,"description":192,"plugin_slug":4,"theme_slug":38,"affected_versions":193,"patched_in_version":194,"severity":40,"cvss_score":112,"cvss_vector":113,"vuln_type":195,"published_date":196,"updated_date":197,"references":198,"days_to_patch":47},"CVE-2024-10528","ultimate-member-missing-authorization-to-authenticated-subscriber-arbitrary-user-profile-picture-update","Ultimate Member \u003C= 2.8.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Profile Picture Update","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to unauthorized profile picture updates due to a missing capability check on the wp_ajax_um_resize_image() and ajax_resize_image() functions in all versions up to, and including, 2.8.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to update the profile pictures of other users.","\u003C=2.8.9","2.9.0","Missing Authorization","2024-11-20 00:00:00","2024-11-21 05:33:48",[199],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0a9793b6-2186-46ef-b204-d8f8f154ebf3?source=api-prod",{"id":201,"url_slug":202,"title":203,"description":204,"plugin_slug":4,"theme_slug":38,"affected_versions":205,"patched_in_version":206,"severity":40,"cvss_score":91,"cvss_vector":207,"vuln_type":208,"published_date":209,"updated_date":210,"references":211,"days_to_patch":47},"CVE-2024-8520","ultimate-member-cross-site-request-forgery-to-membership-status-change","Ultimate Member \u003C= 2.8.6 - Cross-Site Request Forgery to Membership Status Change","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.6. This is due to missing or incorrect nonce validation on the admin_init or user_action_hook function. This makes it possible for unauthenticated attackers to modify a users membership status via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=2.8.6","2.8.7","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2024-10-03 00:00:00","2024-10-04 02:32:23",[212],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7ffddc03-d4ae-460e-972a-98804d947d09?source=api-prod",{"id":214,"url_slug":215,"title":216,"description":217,"plugin_slug":4,"theme_slug":38,"affected_versions":205,"patched_in_version":206,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":209,"updated_date":210,"references":218,"days_to_patch":47},"CVE-2024-8519","ultimate-member-authenticated-contributor-stored-cross-site-scripting","Ultimate Member \u003C= 2.8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'um_loggedin' shortcode in all versions up to, and including, 2.8.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",[219],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9e394bb2-d505-4bf1-b672-fea3504bf936?source=api-prod",{"id":221,"url_slug":222,"title":223,"description":224,"plugin_slug":4,"theme_slug":38,"affected_versions":225,"patched_in_version":226,"severity":40,"cvss_score":227,"cvss_vector":228,"vuln_type":43,"published_date":229,"updated_date":230,"references":231,"days_to_patch":233},"CVE-2024-2765","ultimate-member-authenticated-subscriber-stored-cross-site-scripting","Ultimate Member \u003C= 2.8.4 - Authenticated (Subscriber+) Stored Cross-Site Scripting","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Skype and Spotify URL parameters in all versions up to, and including, 2.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=2.8.4","2.8.5",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","2024-04-10 00:00:00","2025-01-31 20:30:19",[232],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F86ddd5fd-137b-478e-952e-b36fc6a5c28d?source=api-prod",297,{"id":235,"url_slug":236,"title":237,"description":238,"plugin_slug":4,"theme_slug":38,"affected_versions":239,"patched_in_version":240,"severity":55,"cvss_score":125,"cvss_vector":241,"vuln_type":43,"published_date":242,"updated_date":243,"references":244,"days_to_patch":246},"CVE-2024-2123","ultimate-member-unauthenticated-stored-cross-site-scripting","Ultimate Member \u003C= 2.8.3 - Unauthenticated Stored Cross-Site Scripting","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the several parameters in all versions up to, and including, 2.8.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","\u003C=2.8.3","2.8.4","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-03-08 00:00:00","2024-03-13 09:35:14",[245],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc8bc1653-8fee-468a-bb6d-f24959846ee5?source=api-prod",5,{"id":248,"url_slug":249,"title":250,"description":251,"plugin_slug":4,"theme_slug":38,"affected_versions":252,"patched_in_version":253,"severity":254,"cvss_score":255,"cvss_vector":256,"vuln_type":142,"published_date":257,"updated_date":258,"references":259,"days_to_patch":261},"CVE-2024-1071","ultimate-member-user-profile-registration-login-member-directory-content-restriction-membership-plugin-unauthenticated-s","Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin 2.1.3 - 2.8.2 - Unauthenticated SQL Injection","The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'sorting' parameter in versions 2.1.3 to 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",">=2.1.3 \u003C=2.8.2","2.8.3","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","2024-02-23 00:00:00","2024-03-13 15:26:32",[260],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F005fa621-3c49-4c23-add5-d6b7a9110055?source=api-prod",20,{"id":263,"url_slug":264,"title":265,"description":266,"plugin_slug":4,"theme_slug":38,"affected_versions":267,"patched_in_version":268,"severity":40,"cvss_score":112,"cvss_vector":269,"vuln_type":208,"published_date":270,"updated_date":271,"references":272,"days_to_patch":274},"WF-f5b08a10-f6bc-44a0-865a-5ad71a1772f7-ultimate-member","ultimate-member-user-profile-registration-login-member-directory-content-restriction-membership-plugin-cross-site-reques","Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin \u003C= 2.6.8 - Cross-Site Request Forgery","The Ultimate Member plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.6.8. This is due to missing or incorrect nonce validation on the admin_init function. This makes it possible for unauthenticated attackers to invoke select functions using the 'um_admin_do_action__' hook via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=2.6.8","2.6.9","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","2023-08-08 00:00:00","2024-01-22 19:56:02",[273],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff5b08a10-f6bc-44a0-865a-5ad71a1772f7?source=api-prod",168,{"id":276,"url_slug":277,"title":278,"description":279,"plugin_slug":4,"theme_slug":38,"affected_versions":280,"patched_in_version":281,"severity":254,"cvss_score":255,"cvss_vector":256,"vuln_type":282,"published_date":283,"updated_date":271,"references":284,"days_to_patch":286},"CVE-2023-3460","ultimate-member-privilege-escalation-via-arbitrary-user-meta-updates","Ultimate Member \u003C= 2.6.6 - Privilege Escalation via Arbitrary User Meta Updates","The Ultimate Member plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.6.6. This is due to the plugin using a predefined list of user meta keys that are banned which can be bypassed via a few method like adding slashes to the user meta key. This makes it possible for unauthenticated attackers to register on a site as an administrator.","\u003C=2.6.6","2.6.7","Incorrect Privilege Assignment","2023-06-29 00:00:00",[285],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4b0e763e-f03e-41fb-8c6c-4de5d3acae00?source=api-prod",208,{"id":288,"url_slug":289,"title":290,"description":291,"plugin_slug":4,"theme_slug":38,"affected_versions":292,"patched_in_version":293,"severity":40,"cvss_score":112,"cvss_vector":269,"vuln_type":208,"published_date":294,"updated_date":271,"references":295,"days_to_patch":297},"CVE-2023-31216","ultimate-member-cross-site-request-forgery-to-form-duplication","Ultimate Member \u003C= 2.6.0 - Cross-Site Request Forgery to Form Duplication","The Ultimate Member plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.6.0. This is due to missing or incorrect nonce validation on the duplicate_form function. This makes it possible for unauthenticated attackers to duplicate forms created with the plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=2.6.0","2.6.1","2023-05-30 00:00:00",[296],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F97ced4ed-915b-4234-b59d-75db983f90e8?source=api-prod",238,{"id":299,"url_slug":300,"title":301,"description":302,"plugin_slug":4,"theme_slug":38,"affected_versions":303,"patched_in_version":304,"severity":40,"cvss_score":305,"cvss_vector":306,"vuln_type":307,"published_date":308,"updated_date":271,"references":309,"days_to_patch":311},"CVE-2022-2445","ultimate-member-user-profile-user-registration-login-membership-plugin-authenticated-admin-directory-traversal","Ultimate Member – User Profile, User Registration, Login & Membership Plugin \u003C= 2.5.0 - Authenticated (Admin+) Directory Traversal","The Ultimate Member plugin for WordPress is vulnerable to directory traversal in versions up to, and including 2.5.0 due to insufficient input validation on the 'pack' parameter. This makes it possible for attackers with administrative privileges to supply arbitrary paths using traversal (..\u002F..\u002F) to access and include files outside of the intended directory. If an attacker can successfully upload a file with the exact name 'init.php' then remote code execution may also be possible.",">=1.0 \u003C=2.5.0","2.5.1",4.7,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:L","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","2022-10-28 00:00:00",[310],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F04cd8da4-9da3-4c80-a77e-c2f792391593?source=api-prod",452,{"id":313,"url_slug":314,"title":315,"description":316,"plugin_slug":4,"theme_slug":38,"affected_versions":317,"patched_in_version":304,"severity":40,"cvss_score":112,"cvss_vector":318,"vuln_type":307,"published_date":308,"updated_date":271,"references":319,"days_to_patch":311},"CVE-2022-3361","ultimate-member-user-profile-user-registration-login-membership-plugin-authenticated-contributor-directory-traversal-via","Ultimate Member – User Profile, User Registration, Login & Membership Plugin \u003C= 2.5.0 - Authenticated (Contributor+) Directory Traversal via Shortcodes","The Ultimate Member plugin for WordPress is vulnerable to directory traversal in versions up to, and including 2.5.0 due to insufficient input validation on the 'template' attribute used in shortcodes. This makes it possible for attackers with administrative privileges to supply arbitrary paths using traversal (..\u002F..\u002F) to access and include files outside of the intended directory. If an attacker can successfully upload a php file then remote code execution via inclusion may also be possible. Note: for users with less than administrative capabilities, \u002Fwp-admin access needs to be enabled for that user in order for this to be exploitable by those users.","\u003C=2.5.0","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N",[320],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8c7d5fbe-d272-46d4-9b33-889ba77dcc52?source=api-prod",{"id":322,"url_slug":323,"title":324,"description":325,"plugin_slug":4,"theme_slug":38,"affected_versions":317,"patched_in_version":304,"severity":55,"cvss_score":125,"cvss_vector":126,"vuln_type":127,"published_date":308,"updated_date":271,"references":326,"days_to_patch":311},"CVE-2022-3384","ultimate-member-user-profile-user-registration-login-membership-plugin-authenticated-admin-limited-remote-code-execution","Ultimate Member – User Profile, User Registration, Login & Membership Plugin \u003C= 2.5.0 - Authenticated (Admin+) Limited Remote Code Execution via um_populate_dropdown_options","The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.5.0 via the populate_dropdown_options function that accepts user supplied input and passes it through call_user_func(). This is restricted to non-parameter PHP functions like phpinfo(); since user supplied parameters are not passed through the function. This makes it possible for authenticated attackers, with administrative privileges, to execute code on the server.",[327],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fcdcdbba7-8280-457b-a511-66a486978a31?source=api-prod",{"id":329,"url_slug":330,"title":331,"description":332,"plugin_slug":4,"theme_slug":38,"affected_versions":317,"patched_in_version":304,"severity":55,"cvss_score":125,"cvss_vector":126,"vuln_type":127,"published_date":308,"updated_date":271,"references":333,"days_to_patch":311},"CVE-2022-3383","ultimate-member-user-profile-user-registration-login-membership-plugin-authenticated-admin-remote-code-execution-via-mul","Ultimate Member – User Profile, User Registration, Login & Membership Plugin \u003C= 2.5.0 - Authenticated (Admin+) Remote Code Execution via Multi-Select","The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.5.0 via the get_option_value_from_callback function that accepts user supplied input and passes it through call_user_func(). This makes it possible for authenticated attackers, with administrative capabilities, to execute code on the server.",[334],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fed28fe16-0835-4e94-a30e-305e7ba03740?source=api-prod",{"id":336,"url_slug":337,"title":338,"description":339,"plugin_slug":4,"theme_slug":38,"affected_versions":340,"patched_in_version":341,"severity":40,"cvss_score":227,"cvss_vector":342,"vuln_type":43,"published_date":343,"updated_date":271,"references":344,"days_to_patch":346},"WF-45f32160-36eb-4d66-a6a6-a3d6f2f7bf1a-ultimate-member","ultimate-member-subscriber-stored-cross-site-scripting","Ultimate Member \u003C= 2.4.0 - Subscriber+ Stored Cross-Site Scripting","The Ultimate Member plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘website’ parameter in versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user clicks on the username of an affected user.",">=2.4.0 \u003C=2.4.0","2.4.1","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2022-07-15 00:00:00",[345],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F45f32160-36eb-4d66-a6a6-a3d6f2f7bf1a?source=api-prod",557,{"id":348,"url_slug":349,"title":350,"description":351,"plugin_slug":4,"theme_slug":38,"affected_versions":352,"patched_in_version":353,"severity":55,"cvss_score":140,"cvss_vector":141,"vuln_type":93,"published_date":354,"updated_date":271,"references":355,"days_to_patch":357},"WF-f4832fbb-94ed-41c4-8434-1972f4d92476-ultimate-member","ultimate-member-username-enumeration","Ultimate Member \u003C= 2.4.1 - Username Enumeration","The Ultimate Member plugin for WordPress is vulnerable to Username Enumeration in versions up to, and including, 2.4.1 via the um_get_members ajax action. This allows unauthenticated attackers to obtain a list of users including user names on that site.","\u003C=2.4.1","2.4.2","2022-07-14 00:00:00",[356],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff4832fbb-94ed-41c4-8434-1972f4d92476?source=api-prod",558,{"id":359,"url_slug":360,"title":361,"description":362,"plugin_slug":4,"theme_slug":38,"affected_versions":363,"patched_in_version":364,"severity":40,"cvss_score":112,"cvss_vector":269,"vuln_type":365,"published_date":366,"updated_date":271,"references":367,"days_to_patch":369},"CVE-2022-1209","ultimate-member-arbitrary-redirect","Ultimate Member \u003C= 2.3.1 - Arbitrary Redirect","The Ultimate Member plugin for WordPress is vulnerable to arbitrary redirects due to insufficient validation on supplied URLs in the social fields of the Profile Page, which makes it possible for attackers to redirect unsuspecting victims in versions up to, and including, 2.3.1.","\u003C=2.3.1","2.3.2","URL Redirection to Untrusted Site ('Open Redirect')","2022-04-29 00:00:00",[368],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd638120b-5396-408b-8273-d003ff9dd01d?source=api-prod",634,{"id":371,"url_slug":372,"title":373,"description":374,"plugin_slug":4,"theme_slug":38,"affected_versions":375,"patched_in_version":376,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":377,"updated_date":271,"references":378,"days_to_patch":380},"CVE-2022-1208","ultimate-member-stored-cross-site-scripting","Ultimate Member \u003C= 2.3.2 - Stored Cross-Site Scripting","The Ultimate Member plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Biography field featured on individual user profile pages due to insufficient input sanitization and output escaping that allows users to encode malicious web scripts with HTML encoding that is reflected back on the page. This affects versions up to, and including, 2.3.2. Please note this issue was only partially fixed in version 2.3.2.","\u003C=2.3.2","2.4.0","2022-03-21 00:00:00",[379],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F93cf6dce-892e-4106-bb37-b7952e5ea5a1?source=api-prod",673,{"id":382,"url_slug":383,"title":384,"description":385,"plugin_slug":4,"theme_slug":38,"affected_versions":386,"patched_in_version":387,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":43,"published_date":388,"updated_date":271,"references":389,"days_to_patch":391},"CVE-2021-24306","ultimate-member-reflected-cross-site-scripting-3","Ultimate Member \u003C= 2.1.19 - Reflected Cross-Site Scripting","The Ultimate Member – User Profile, User Registration, Login & Membership Plugin WordPress plugin before 2.1.20 did not properly sanitise, validate or encode the query string when generating a link to edit user's own profile, leading to an authenticated reflected Cross-Site Scripting issue. Knowledge of the targeted username is required to exploit this, and attackers would then need to make the related logged in user open a malicious link.","\u003C2.1.20","2.1.20","2021-05-07 00:00:00",[390],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc340b7c0-35ab-4707-a999-261a721a9a37?source=api-prod",991,{"id":393,"url_slug":394,"title":395,"description":396,"plugin_slug":4,"theme_slug":38,"affected_versions":397,"patched_in_version":398,"severity":40,"cvss_score":399,"cvss_vector":400,"vuln_type":43,"published_date":401,"updated_date":271,"references":402,"days_to_patch":404},"CVE-2020-36170","ultimate-member-cross-site-scripting-8","Ultimate Member \u003C= 2.1.12 - Cross-Site Scripting","The Ultimate Member plugin before 2.1.13 for WordPress mishandles hidden name=\"timestamp\" fields in forms.","\u003C2.1.13","2.1.13",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","2020-12-09 00:00:00",[403],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fbd46a2c3-f24d-4dff-b899-a95acb6310f7?source=api-prod",1140,{"id":406,"url_slug":407,"title":408,"description":409,"plugin_slug":4,"theme_slug":38,"affected_versions":410,"patched_in_version":411,"severity":254,"cvss_score":132,"cvss_vector":412,"vuln_type":413,"published_date":414,"updated_date":271,"references":415,"days_to_patch":417},"CVE-2020-36157","ultimate-member-unauthenticated-privilege-escalation-via-user-roles","Ultimate Member \u003C= 2.1.11 - Unauthenticated Privilege Escalation via User Roles","An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Roles. Due to the lack of filtering on the role parameter that could be supplied during the registration process, an attacker could supply the role parameter with a WordPress capability (or any custom Ultimate Member role) and effectively be granted those privileges.","\u003C2.1.12","2.1.12","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:C\u002FC:H\u002FI:H\u002FA:H","Improper Privilege Management","2020-11-09 00:00:00",[416],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F1081eeb1-3240-478d-8679-7bf9293b5a95?source=api-prod",1170,{"id":419,"url_slug":420,"title":421,"description":422,"plugin_slug":4,"theme_slug":38,"affected_versions":410,"patched_in_version":411,"severity":254,"cvss_score":132,"cvss_vector":412,"vuln_type":413,"published_date":414,"updated_date":271,"references":423,"days_to_patch":417},"CVE-2020-36155","ultimate-member-unauthenticated-privilege-escalation-via-user-meta","Ultimate Member \u003C= 2.1.11 - Unauthenticated Privilege Escalation via User Meta","An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Meta. An attacker could supply an array parameter for sensitive metadata, such as the wp_capabilities user meta that defines a user's role. During the registration process, submitted registration details were passed to the update_profile function, and any metadata was accepted, e.g., wp_capabilities[administrator] for Administrator access.",[424],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fef2ac5c8-9e76-40b8-a2a4-8cb4291871f2?source=api-prod",{"id":426,"url_slug":427,"title":428,"description":429,"plugin_slug":4,"theme_slug":38,"affected_versions":410,"patched_in_version":411,"severity":254,"cvss_score":430,"cvss_vector":431,"vuln_type":413,"published_date":414,"updated_date":271,"references":432,"days_to_patch":417},"CVE-2020-36156","ultimate-member-authenticated-privilege-escalation-via-profile-update","Ultimate Member \u003C= 2.1.11 - Authenticated Privilege Escalation via Profile Update","An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Authenticated Privilege Escalation via Profile Update. Any user with wp-admin access to the profile.php page could supply the parameter um-role with a value set to any role (e.g., Administrator) during a profile update, and effectively escalate their privileges.",9.9,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:H\u002FI:H\u002FA:H",[433],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff3805936-675e-474f-a3f7-acea69bd72f0?source=api-prod",{"id":435,"url_slug":436,"title":437,"description":438,"plugin_slug":4,"theme_slug":38,"affected_versions":439,"patched_in_version":440,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":365,"published_date":441,"updated_date":271,"references":442,"days_to_patch":444},"WF-db3b206d-16c5-48fb-800d-d017a0c76630-ultimate-member","ultimate-member-open-redirect","Ultimate Member \u003C= 2.1.6 - Open Redirect","The Ultimate Member plugin for WordPress is vulnerable to open redirects in versions up to, and including, 2.1.6 This is due to insufficient redirect location validation which makes it possible for unauthenticated attackers to trick victims into accessing malicious sites granted they can trick the victim into performing an action such as clicking on a link.","\u003C2.1.7","2.1.7","2020-07-23 00:00:00",[443],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fdb3b206d-16c5-48fb-800d-d017a0c76630?source=api-prod",1279,{"id":446,"url_slug":447,"title":448,"description":449,"plugin_slug":4,"theme_slug":38,"affected_versions":450,"patched_in_version":451,"severity":40,"cvss_score":91,"cvss_vector":207,"vuln_type":413,"published_date":452,"updated_date":271,"references":453,"days_to_patch":455},"CVE-2020-6859","ultimate-member-insecure-direct-object-reference-2","Ultimate Member \u003C= 2.1.2 - Insecure Direct Object Reference","Multiple Insecure Direct Object Reference vulnerabilities in includes\u002Fcore\u002Fclass-files.php in the Ultimate Member plugin through 2.1.2 for WordPress allow remote attackers to change other users' profiles and cover photos via a modified user_id parameter. This is related to ajax_image_upload and ajax_resize_image.","\u003C2.1.3","2.1.3","2020-01-13 00:00:00",[454],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F65a0033d-2266-429c-aab2-80bd46c93b91?source=api-prod",1471,{"id":457,"url_slug":458,"title":459,"description":460,"plugin_slug":4,"theme_slug":38,"affected_versions":461,"patched_in_version":462,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":43,"published_date":463,"updated_date":271,"references":464,"days_to_patch":466},"CVE-2018-0585","ultimate-member-cross-site-scripting","Ultimate Member \u003C= 1.3.88 - Cross Site Scripting","Cross-site scripting vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.","\u003C=1.3.88","2.0.4","2019-08-12 00:00:00",[465],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0549acd5-686b-4505-af68-f3f854096f63?source=api-prod",1625,{"id":468,"url_slug":469,"title":470,"description":471,"plugin_slug":4,"theme_slug":38,"affected_versions":472,"patched_in_version":462,"severity":40,"cvss_score":112,"cvss_vector":318,"vuln_type":307,"published_date":463,"updated_date":271,"references":473,"days_to_patch":466},"CVE-2018-0586","ultimate-member-directory-traversal-2","Ultimate Member \u003C= 2.0.3 - Directory Traversal","Directory traversal vulnerability in the shortcodes function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to read arbitrary files via unspecified vectors.","\u003C2.0.4",[474],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff24cfefe-f671-456d-a378-44a41fc81c0e?source=api-prod",{"id":476,"url_slug":477,"title":478,"description":479,"plugin_slug":4,"theme_slug":38,"affected_versions":480,"patched_in_version":462,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":43,"published_date":463,"updated_date":271,"references":481,"days_to_patch":466},"CVE-2018-20965","ultimate-member-cross-site-scripting-9","Ultimate Member \u003C= 2.0.3 - Cross Site Scripting","The ultimate-member plugin before 2.0.4 for WordPress has XSS.","\u003C=2.0.3",[482],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff9b6c62f-b53f-44f7-8fe2-22bac0074f9d?source=api-prod",{"id":484,"url_slug":485,"title":486,"description":487,"plugin_slug":4,"theme_slug":38,"affected_versions":488,"patched_in_version":489,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":490,"updated_date":271,"references":491,"days_to_patch":493},"CVE-2019-14945","ultimate-member-cross-site-scripting-3","Ultimate Member \u003C= 2.0.53 - Cross-Site Scripting","The ultimate-member plugin before 2.0.54 for WordPress has XSS.","\u003C=2.0.53","2.0.54","2019-07-22 00:00:00",[492],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6eedf009-116c-4a98-8b84-e01bd35e7e60?source=api-prod",1646,{"id":495,"url_slug":496,"title":497,"description":498,"plugin_slug":4,"theme_slug":38,"affected_versions":499,"patched_in_version":500,"severity":40,"cvss_score":227,"cvss_vector":342,"vuln_type":43,"published_date":501,"updated_date":271,"references":502,"days_to_patch":504},"CVE-2019-14947","ultimate-member-cross-site-request-forgery-and-stored-cross-site-scripting","Ultimate Member \u003C= 2.0.51 - Cross-Site Request Forgery and Stored Cross-Site Scripting","The ultimate-member plugin before 2.0.52 for WordPress has XSS during an account upgrade.","\u003C=2.0.51","2.0.52","2019-06-24 00:00:00",[503],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Facbe1c36-04e7-49af-90fa-d8acbe351b57?source=api-prod",1674,{"id":506,"url_slug":507,"title":497,"description":508,"plugin_slug":4,"theme_slug":38,"affected_versions":499,"patched_in_version":500,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":43,"published_date":501,"updated_date":271,"references":509,"days_to_patch":504},"CVE-2019-14946","ultimate-member-cross-site-request-forgery-and-stored-cross-site-scripting-2","The ultimate-member plugin before 2.0.52 for WordPress has XSS related to UM Roles create and edit operations.",[510],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fbf238e9d-be91-4c9a-8506-ee01927f5173?source=api-prod",{"id":512,"url_slug":513,"title":514,"description":515,"plugin_slug":4,"theme_slug":38,"affected_versions":516,"patched_in_version":517,"severity":40,"cvss_score":112,"cvss_vector":113,"vuln_type":195,"published_date":518,"updated_date":271,"references":519,"days_to_patch":521},"CVE-2019-10271","ultimate-member-unauthorized-profile-modification","Ultimate Member \u003C= 2.0.39 - Unauthorized Profile Modification","An issue was discovered in the Ultimate Member plugin 2.0.39 for WordPress. It allows unauthorized profile and cover picture modification. It is possible to modify the profile and cover picture of any user once one is connected. One can also modify the profiles and cover pictures of privileged users. To perform such a modification, one first needs to (for example) intercept an upload-picture request and modify the user_id parameter.","\u003C=2.0.39","2.0.40","2019-06-15 00:00:00",[520],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F00b4b903-4682-458b-9681-751179460b75?source=api-prod",1683,{"id":523,"url_slug":524,"title":525,"description":526,"plugin_slug":4,"theme_slug":38,"affected_versions":516,"patched_in_version":517,"severity":55,"cvss_score":527,"cvss_vector":528,"vuln_type":413,"published_date":518,"updated_date":271,"references":529,"days_to_patch":521},"CVE-2019-10270","ultimate-member-privilege-escalation","Ultimate Member \u003C= 2.0.39 - Privilege Escalation","An arbitrary password reset issue was discovered in the Ultimate Member plugin 2.0.39 for WordPress. It is possible (due to lack of verification and correlation between the reset password key sent by mail and the user_id parameter) to reset the password of another user. One only needs to know the user_id, which is publicly available. One just has to intercept the password modification request and modify user_id. It is possible to modify the passwords for any users or admin WordPress Ultimate Members. This could lead to account compromise and privilege escalation.",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H",[530],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe556d8c9-3ca5-4bec-a840-7a6d67532e59?source=api-prod",{"id":532,"url_slug":533,"title":534,"description":535,"plugin_slug":4,"theme_slug":38,"affected_versions":536,"patched_in_version":537,"severity":40,"cvss_score":538,"cvss_vector":539,"vuln_type":43,"published_date":540,"updated_date":271,"references":541,"days_to_patch":543},"WF-4890ec6f-ba73-48bd-8dd7-f896d6b4a140-ultimate-member","ultimate-member-admin-stored-cross-site-scripting","Ultimate Member \u003C= 2.0.45 - Admin+ Stored Cross-Site Scripting","The Ultimate Member plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the several of the plugin's form parameter in versions up to, and including,2.0.45 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative level capabilities to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.","\u003C2.0.46","2.0.46",5.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2019-05-13 00:00:00",[542],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4890ec6f-ba73-48bd-8dd7-f896d6b4a140?source=api-prod",1716,{"id":545,"url_slug":546,"title":547,"description":548,"plugin_slug":4,"theme_slug":38,"affected_versions":549,"patched_in_version":537,"severity":254,"cvss_score":550,"cvss_vector":551,"vuln_type":307,"published_date":540,"updated_date":271,"references":552,"days_to_patch":543},"WF-618f644b-a92c-4f7f-aaea-c03ee7d6e0f9-ultimate-member","ultimate-member-user-profile-user-registration-login-membership-plugin-arbitrary-file-deletionread","Ultimate Member – User Profile, User Registration, Login & Membership Plugin \u003C= 2.0.45 - Arbitrary File Deletion\u002FRead","The Ultimate Member – User Profile, User Registration, Login & Membership Plugin plugin for WordPress is vulnerable to arbitrary file deletion and reading when the file upload functionality is enabled for the user profile and registration forms in versions up to, and including 2.0.45. This is due to the fact that the plugin did not perform sufficient file path validation or restrict the files that users had access to when performing a file download or deletion. This makes it possible for low-level privileged attackers to delete arbitrary files such as the wp-config.php file and ultimately achieve remote code execution.","\u003C=2.0.45",9.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:L",[553],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F618f644b-a92c-4f7f-aaea-c03ee7d6e0f9?source=api-prod",{"id":555,"url_slug":556,"title":557,"description":558,"plugin_slug":4,"theme_slug":38,"affected_versions":549,"patched_in_version":537,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":540,"updated_date":271,"references":559,"days_to_patch":543},"WF-d0c0562f-1f3b-4630-bbc5-4ea2985d71d1-ultimate-member","ultimate-member-low-privileged-stored-cross-site-scripting","Ultimate Member \u003C= 2.0.45 - Low-Privileged Stored Cross-Site Scripting","The Ultimate Member plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an uploaded file's name from a user profile upload in versions up to, and including, 2.0.45 due to insufficient input sanitization and output escaping. This makes it possible for low-level authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",[560],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd0c0562f-1f3b-4630-bbc5-4ea2985d71d1?source=api-prod",{"id":562,"url_slug":563,"title":564,"description":565,"plugin_slug":4,"theme_slug":38,"affected_versions":566,"patched_in_version":517,"severity":55,"cvss_score":527,"cvss_vector":567,"vuln_type":208,"published_date":568,"updated_date":271,"references":569,"days_to_patch":571},"CVE-2019-10673","ultimate-member-cross-site-request-forgery-2","Ultimate Member \u003C= 2.0.39 - Cross-Site Request Forgery","A CSRF vulnerability in a logged-in user's profile edit form in the Ultimate Member plugin before 2.0.40 for WordPress allows attackers to become admin and subsequently extract sensitive information and execute arbitrary code. This occurs because the attacker can change the e-mail address in the administrator profile, and then the attacker is able to reset the administrator password using the WordPress \"password forget\" form.","\u003C2.0.40","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H","2019-04-01 00:00:00",[570],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ffa0881ab-d731-4e57-8323-c49b9306bf50?source=api-prod",1758,{"id":573,"url_slug":574,"title":575,"description":576,"plugin_slug":4,"theme_slug":38,"affected_versions":577,"patched_in_version":578,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":208,"published_date":579,"updated_date":271,"references":580,"days_to_patch":582},"WF-a2e1948a-9513-43e4-aadd-369a7f4dc137-ultimate-member","ultimate-member-cross-site-request-forgery","Ultimate Member \u003C= 2.0.32 - Cross-Site Request Forgery","The Ultimate Member plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.32. This is due to missing or incorrect nonce validation on several functions. This makes it possible for unauthenticated attackers to execute arbitrary actions via forged requests granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=2.0.32","2.0.33","2018-11-27 00:00:00",[581],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa2e1948a-9513-43e4-aadd-369a7f4dc137?source=api-prod",1883,{"id":584,"url_slug":585,"title":586,"description":587,"plugin_slug":4,"theme_slug":38,"affected_versions":588,"patched_in_version":589,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":43,"published_date":590,"updated_date":271,"references":591,"days_to_patch":593},"CVE-2018-17866","ultimate-member-multiple-cross-site-scripting-vulnerabilities","Ultimate Member \u003C= 2.0.27 - Multiple Cross-Site Scripting vulnerabilities","Multiple cross-site scripting (XSS) vulnerabilities in includes\u002Fcore\u002Fum-actions-login.php in the \"Ultimate Member - User Profile & Membership\" plugin before 2.0.28 for WordPress allow remote attackers to inject arbitrary web script or HTML via the \"Primary button Text\" or \"Second button text\" field.","\u003C=2.0.27","2.0.28","2018-10-06 00:00:00",[592],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fbaab325d-58c2-446b-af70-6951eeef3bb1?source=api-prod",1935,{"id":595,"url_slug":596,"title":597,"description":598,"plugin_slug":4,"theme_slug":38,"affected_versions":599,"patched_in_version":600,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":43,"published_date":601,"updated_date":271,"references":602,"days_to_patch":604},"WF-b1be1928-a278-48d5-beb2-00e3c8df3fa9-ultimate-member","ultimate-member-cross-site-scripting-6","Ultimate Member \u003C= 2.0.21 - Cross-Site Scripting","The Ultimate Member plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 2.0.21 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts that execute in a victim's browser.","\u003C2.0.22","2.0.22","2018-08-09 00:00:00",[603],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb1be1928-a278-48d5-beb2-00e3c8df3fa9?source=api-prod",1993,{"id":606,"url_slug":607,"title":608,"description":609,"plugin_slug":4,"theme_slug":38,"affected_versions":599,"patched_in_version":600,"severity":55,"cvss_score":527,"cvss_vector":528,"vuln_type":610,"published_date":611,"updated_date":271,"references":612,"days_to_patch":614},"WF-5143a2d2-504a-46b8-b82b-19beba4da64d-ultimate-member","ultimate-member-arbitrary-file-upload","Ultimate Member \u003C= 2.0.21 - Arbitrary File Upload","The Arbitrary File Upload plugin for WordPress is vulnerable to arbitrary file uploads in versions up to, and including, 2.0.21. This makes it possible for attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.","Unrestricted Upload of File with Dangerous Type","2018-08-08 00:00:00",[613],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5143a2d2-504a-46b8-b82b-19beba4da64d?source=api-prod",1994,{"id":616,"url_slug":617,"title":618,"description":619,"plugin_slug":4,"theme_slug":38,"affected_versions":620,"patched_in_version":621,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":43,"published_date":622,"updated_date":271,"references":623,"days_to_patch":625},"CVE-2018-13136","ultimate-member-authenticated-cross-site-scripting-2","Ultimate Member \u003C= 2.0.17 - Authenticated Cross-Site Scripting","The Ultimate Member (aka ultimatemember) plugin before 2.0.18 for WordPress has XSS via the wp-admin settings screen.","\u003C=2.0.17","2.0.18","2018-07-03 00:00:00",[624],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F561c8bcf-30b0-4ee6-b507-4cacf22c1e58?source=api-prod",2030,{"id":627,"url_slug":628,"title":629,"description":630,"plugin_slug":4,"theme_slug":38,"affected_versions":480,"patched_in_version":462,"severity":40,"cvss_score":112,"cvss_vector":113,"vuln_type":631,"published_date":632,"updated_date":271,"references":633,"days_to_patch":635},"CVE-2018-0589","ultimate-member-improper-access-control","Ultimate Member \u003C= 2.0.3 - Improper Access Control","Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to bypass access restriction to add a new form in the 'Forms' page via unspecified vectors.","Improper Access Control","2018-05-14 00:00:00",[634],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fd3221af7-13ea-4c90-b2ca-75eb3d373ed3?source=api-prod",2080,{"id":637,"url_slug":638,"title":639,"description":640,"plugin_slug":4,"theme_slug":38,"affected_versions":472,"patched_in_version":462,"severity":40,"cvss_score":112,"cvss_vector":113,"vuln_type":641,"published_date":642,"updated_date":271,"references":643,"days_to_patch":645},"CVE-2018-0590","ultimate-member-insecure-direct-object-reference","Ultimate Member \u003C 2.0.4 - Insecure Direct Object Reference","The Ultimate Member plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions prior to version 2.0.4. This is due to bypass access restriction via unspecified vectors. This makes it possible for authenticated attackers to modify the other users profiles via unspecified vectors.","Authorization Bypass Through User-Controlled Key","2018-05-10 00:00:00",[644],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F13033a3c-f020-4821-a7ad-bfcfca407df0?source=api-prod",2084,{"id":647,"url_slug":648,"title":649,"description":650,"plugin_slug":4,"theme_slug":38,"affected_versions":516,"patched_in_version":517,"severity":40,"cvss_score":112,"cvss_vector":318,"vuln_type":307,"published_date":642,"updated_date":271,"references":651,"days_to_patch":645},"CVE-2018-0588","ultimate-member-directory-traversal","Ultimate Member \u003C= 2.0.39 - Directory Traversal","Directory traversal vulnerability in the AJAX function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to read arbitrary files via unspecified vectors.",[652],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3cec3799-cf44-412b-8590-b8fc60c58535?source=api-prod",{"id":654,"url_slug":655,"title":656,"description":657,"plugin_slug":4,"theme_slug":38,"affected_versions":472,"patched_in_version":462,"severity":40,"cvss_score":112,"cvss_vector":113,"vuln_type":610,"published_date":642,"updated_date":271,"references":658,"days_to_patch":645},"CVE-2018-0587","ultimate-member-authenticated-unrestricted-file-upload","Ultimate Member \u003C 2.0.4 - Authenticated Unrestricted File Upload","The Ultimate Member plugin for WordPress is vulnerable to unrestricted file uploads in versions prior to version 2.0.4. This makes it possible for authenticated attackers to upload arbitrary image files via unspecified vectors.",[659],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fbc2af96c-09c5-4ddf-a910-04291aeeef49?source=api-prod",{"id":661,"url_slug":662,"title":663,"description":664,"plugin_slug":4,"theme_slug":38,"affected_versions":665,"patched_in_version":666,"severity":40,"cvss_score":538,"cvss_vector":539,"vuln_type":43,"published_date":667,"updated_date":271,"references":668,"days_to_patch":670},"CVE-2018-10234","ultimate-member-authenticated-cross-site-scripting","Ultimate Member \u003C= 2.0.10 - Authenticated Cross-Site Scripting","Authenticated Cross site Scripting exists in the User Profile & Membership plugin before 2.0.11 for WordPress via the \"Account Deletion Custom Text\" input field on the wp-admin\u002Fadmin.php?page=um_options&section=account page.","\u003C2.0.11","2.0.11","2018-04-23 00:00:00",[669],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F244a23a2-8899-4ab4-8f8d-62756e4ea56b?source=api-prod",2101,{"id":672,"url_slug":673,"title":674,"description":675,"plugin_slug":4,"theme_slug":38,"affected_versions":676,"patched_in_version":677,"severity":55,"cvss_score":527,"cvss_vector":567,"vuln_type":208,"published_date":667,"updated_date":271,"references":678,"days_to_patch":670},"CVE-2018-10233","ultimate-member-multiple-cross-site-request-forgery-issues","Ultimate Member \u003C= 2.0.6 - Multiple Cross-Site Request Forgery Issues","The User Profile & Membership plugin before 2.0.7 for WordPress has no mitigations implemented against cross site request forgery attacks. This is a structural finding throughout the entire plugin.","\u003C2.0.7","2.0.7",[679],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9742a4d0-34b0-4f7f-aa2b-a6f7cb6aacd4?source=api-prod",{"id":681,"url_slug":682,"title":683,"description":684,"plugin_slug":4,"theme_slug":38,"affected_versions":472,"patched_in_version":462,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":43,"published_date":685,"updated_date":271,"references":686,"days_to_patch":688},"CVE-2018-6943","ultimate-member-cross-site-scripting-2","Ultimate Member \u003C= 2.0.3 - Cross-Site Scripting","core\u002Flib\u002Fupload\u002Fum-image-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable.","2018-02-14 00:00:00",[687],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F43b5a321-c82e-4d0b-9def-b74c3cf439d3?source=api-prod",2169,{"id":690,"url_slug":691,"title":692,"description":693,"plugin_slug":4,"theme_slug":38,"affected_versions":694,"patched_in_version":462,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":43,"published_date":685,"updated_date":271,"references":695,"days_to_patch":688},"CVE-2018-6944","ultimate-member-cross-site-scripting-7","Ultimate Member \u003C= 2.0 - Cross-Site Scripting","core\u002Flib\u002Fupload\u002Fum-file-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable.","\u003C=2.0",[696],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb7162b78-65b7-4f80-83f0-47d9afc2ed65?source=api-prod",{"id":698,"url_slug":699,"title":700,"description":701,"plugin_slug":4,"theme_slug":38,"affected_versions":702,"patched_in_version":703,"severity":254,"cvss_score":255,"cvss_vector":256,"vuln_type":195,"published_date":704,"updated_date":271,"references":705,"days_to_patch":707},"WF-bab67a5c-3390-4423-8fa9-b5ffbc98324d-ultimate-member","ultimate-member-shortcode-injection","Ultimate Member \u003C= 1.3.83 - Shortcode Injection","The Ultimate Member plugin for WordPress is vulnerable to Executing Arbitrary WordPress Shortcodes in versions up to, and including, 1.3.83. This is due to 'ultimatemember_frontend_modal' AJAX action allowing for the execution of the 'do_shortcode()' function. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.","\u003C=1.3.83","1.3.84","2017-04-17 00:00:00",[706],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fbab67a5c-3390-4423-8fa9-b5ffbc98324d?source=api-prod",2472,{"id":709,"url_slug":710,"title":711,"description":712,"plugin_slug":4,"theme_slug":38,"affected_versions":713,"patched_in_version":714,"severity":254,"cvss_score":255,"cvss_vector":256,"vuln_type":195,"published_date":715,"updated_date":271,"references":716,"days_to_patch":718},"WF-8911642f-6061-42a1-b733-8cc44b2870f1-ultimate-member","ultimate-member-missing-authorization-to-password-reset","Ultimate Member \u003C= 1.3.75 - Missing Authorization to Password Reset","The Ultimate Member plugin for WordPress is vulnerable to authorization bypass due to a missing capability check in versions up to, and including, 1.3.75. This makes it possible for unauthenticated attackers to change the passwords of any user within the vulnerabilities scope.","\u003C=1.3.75","1.3.76","2016-12-06 00:00:00",[717],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8911642f-6061-42a1-b733-8cc44b2870f1?source=api-prod",2604,{"id":720,"url_slug":721,"title":722,"description":723,"plugin_slug":4,"theme_slug":38,"affected_versions":724,"patched_in_version":725,"severity":254,"cvss_score":726,"cvss_vector":727,"vuln_type":728,"published_date":729,"updated_date":271,"references":730,"days_to_patch":732},"WF-cc046b72-692a-4980-90ad-26c8fc2a131a-ultimate-member","ultimate-member-local-file-inclusion","Ultimate Member \u003C= 1.3.64 - Local File Inclusion","The Ultimate Member plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.3.64 via the 'page' parameter. This allows unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.","\u003C1.3.65","1.3.65",9.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:C\u002FC:H\u002FI:H\u002FA:H","Improper Control of Filename for Include\u002FRequire Statement in PHP Program ('PHP Remote File Inclusion')","2016-07-10 00:00:00",[731],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fcc046b72-692a-4980-90ad-26c8fc2a131a?source=api-prod",2753,{"id":734,"url_slug":735,"title":736,"description":737,"plugin_slug":4,"theme_slug":38,"affected_versions":738,"patched_in_version":739,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":43,"published_date":740,"updated_date":271,"references":741,"days_to_patch":743},"CVE-2016-10872","ultimate-member-cross-site-scripting-5","Ultimate Member \u003C= 1.3.39 - Cross-Site Scripting","The ultimate-member plugin before 1.3.40 for WordPress has XSS on the login form.","\u003C1.3.40","1.3.40","2016-04-06 00:00:00",[742],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa8d4dc12-ae17-477f-a8d2-da9747672a26?source=api-prod",2848,{"id":745,"url_slug":746,"title":747,"description":748,"plugin_slug":4,"theme_slug":38,"affected_versions":749,"patched_in_version":750,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":43,"published_date":751,"updated_date":271,"references":752,"days_to_patch":754},"CVE-2015-8354","ultimate-member-reflected-cross-site-scripting-2","Ultimate Member \u003C= 1.3.28 - Reflected Cross-Site Scripting","Cross-site scripting (XSS) vulnerability in the Ultimate Member WordPress plugin before 1.3.29 for WordPress allows remote attackers to inject arbitrary web script or HTML via the _refer parameter to wp-admin\u002Fusers.php.","\u003C1.3.29","1.3.29","2015-12-02 00:00:00",[753],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F97fd7952-a7f0-4797-82cd-840c0a3e5fbe?source=api-prod",2974,{"id":756,"url_slug":757,"title":758,"description":759,"plugin_slug":4,"theme_slug":38,"affected_versions":760,"patched_in_version":761,"severity":40,"cvss_score":68,"cvss_vector":69,"vuln_type":43,"published_date":762,"updated_date":271,"references":763,"days_to_patch":765},"CVE-2015-9304","ultimate-member-cross-site-scripting-4","Ultimate Member \u003C= 1.3.17 - Cross-Site Scripting","The ultimate-member plugin before 1.3.18 for WordPress has XSS via text input.","\u003C=1.3.17","1.3.18","2015-08-20 00:00:00",[764],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7d8bee60-33f8-465b-80a9-90bc7a4d2054?source=api-prod",3078,{"id":767,"url_slug":768,"title":769,"description":770,"plugin_slug":4,"theme_slug":38,"affected_versions":771,"patched_in_version":772,"severity":55,"cvss_score":773,"cvss_vector":774,"vuln_type":43,"published_date":775,"updated_date":271,"references":776,"days_to_patch":778},"WF-461d5d5a-7bc2-4855-bc40-0edb9c538c33-ultimate-member","ultimate-member-reflected-cross-site-scripting","Ultimate Member 1.2.98 - 1.2.997 - Reflected Cross-Site Scripting","The Ultimate Member plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘url’ parameter in versions 1.2.98 through 1.2.997 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",">=1.2.98 \u003C=1.2.997","1.3.0",7.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:L","2015-06-18 00:00:00",[777],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F461d5d5a-7bc2-4855-bc40-0edb9c538c33?source=api-prod",3141,{"id":780,"url_slug":781,"title":782,"description":783,"plugin_slug":4,"theme_slug":38,"affected_versions":784,"patched_in_version":785,"severity":254,"cvss_score":255,"cvss_vector":256,"vuln_type":195,"published_date":786,"updated_date":271,"references":787,"days_to_patch":789},"WF-0ae243af-619f-4405-b1e0-9b44c1869501-ultimate-member","ultimate-member-authorization-bypass-to-arbitrary-file-uploaddelete","Ultimate Member \u003C 1.0.84 - Authorization Bypass to Arbitrary File Upload\u002FDelete","The Ultimate Member plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ultimatemember_remove_file() function in versions up to, and including, 1.0.83. This makes it possible for unauthenticated attackers to delete or upload arbitrary files.","\u003C1.0.84","1.0.84","2015-03-10 00:00:00",[788],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0ae243af-619f-4405-b1e0-9b44c1869501?source=api-prod",3241,{"slug":791,"display_name":7,"profile_url":8,"plugin_count":792,"total_installs":793,"avg_security_score":794,"avg_patch_time_days":795,"trust_score":796,"computed_at":797},"ultimatemember",3,201900,85,1059,69,"2026-04-05T16:33:54.324Z",[799,821,840,855,875],{"slug":800,"name":801,"version":802,"author":803,"author_profile":804,"description":805,"short_description":806,"active_installs":807,"downloaded":808,"rating":809,"num_ratings":810,"last_updated":811,"tested_up_to":16,"requires_at_least":812,"requires_php":813,"tags":814,"homepage":816,"download_link":817,"security_score":818,"vuln_count":819,"unpatched_count":29,"last_vuln_date":820,"fetched_at":31},"wp-user-manager","WP User Manager – User Profile Builder & Membership","2.9.15","WP User Manager","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpusermanager\u002F","\u003Ch4>The most customizable profiles & community builder WordPress plugin\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">WP User Manager\u003C\u002Fa> lets you create highly customizable user profiles together with custom user registration, login, password recovery and account customization forms to your WordPress website.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">WP User Manager\u003C\u002Fa> is the best solution to manage your community. Powerful and flexible, yet easy to setup and use. With WP User Manager you can create almost any type of WordPress membership website where your visitors can join and become members.\u003C\u002Fp>\n\u003Cp>Create a custom login page, have full control over the registration form, give your site a member area, let the users manage their user data.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Website\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Addons\u003C\u002Fa> | \u003Ca href=\"http:\u002F\u002Fdocs.wpusermanager.com\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Fsupport\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Features included\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002Ffront-end-forms\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Frontend forms\u003C\u002Fa>: Allow users to register and login from the front of the site. Customize the registration form with custom fields to collect data\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Farticles\u002F332-stripe\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Stripe integration\u003C\u002Fa>: Customize the emails sent to users when the register, reset their password and more\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002Fcustom-email-notifications\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Custom email notifications\u003C\u002Fa>: Customize the emails sent to users when the register, reset their password and more\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002Fcustom-avatars\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Custom avatars\u003C\u002Fa>: Users can edit their site avatar by uploading an image from the account page\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002Felegant-user-profiles\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Elegant user profiles\u003C\u002Fa>: All users have a public profile page to display their data\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002Fshortcodes\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Shortcodes editor\u003C\u002Fa>: Easily add the plugin shortcodes to pages or posts with the shortcode generator and editor\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002Froles-and-permissions-editor\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Roles editor\u003C\u002Fa>: Edit roles and their capabilities. Create new roles and duplicate existing ones\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002Fuser-directories\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Beautiful user directories\u003C\u002Fa>: Display users in a directories that can be displayed anywhere on the site\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002Fseo\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">SEO URLs\u003C\u002Fa>: All the URLs are SEO friendly\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002Fcontent-restriction\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Content restriction\u003C\u002Fa>: Restrict content for certain users, by logged in status, or by role\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002Fpasswords-management\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Passwords management\u003C\u002Fa>: Allow users to update their password from their account page\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002Fcustom-fields\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Custom fields editor\u003C\u002Fa>: Create custom user fields that can be used to collect data on registration\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002Fcustom-widgets\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Custom widgets\u003C\u002Fa>: Display user data and forms in sidebars using widgets\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002Fcustom-redirects\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Custom redirects\u003C\u002Fa>: Control where the users are redirected to on login, registration and more\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002Ftools\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Powerful tools\u003C\u002Fa>: Tools to be in control of your site and who registers\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002Fdevelopers-friendly\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Developers friendly\u003C\u002Fa>: Customize and integrate with other plugins with a large number of hooks and filters\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fdocs.wpusermanager.com?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Extensive documentation\u003C\u002Fa>: Full documentation and expert support\u003C\u002Fli>\n\u003Cli>Translation Ready – The plugin and addons are fully localized ready for translation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Read more about our features on \u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Ffeatures\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">wpusermanager.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Premium Features\u003C\u002Fh4>\n\u003Cp>For more advanced functionality check out the \u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Fpricing\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">pricing page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Fcustom-fields\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Custom Fields\u003C\u002Fa>: Add custom fields to members profiles and registration forms\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Fwoocommerce\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">WooCommerce\u003C\u002Fa>: Integration with WooCommerce. Collect payment at registration, allow members to update their billing and shipping addresses, display product purchases, reviews and more!\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Fstripe-pro\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Stripe Pro\u003C\u002Fa>: Integration with Stripe. Collect payment at registration with Stripe, restrict access to your site, remove the commission fees.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Fuser-verification\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">User Verification\u003C\u002Fa>: Send a verification link via email upon registration or manually approve users before they can login\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Fgroups\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Groups\u003C\u002Fa>: Give your users the ability to create and join groups\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Fsecurity\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Security\u003C\u002Fa>: Add password security features and user login management features\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Fregistration-forms\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Registration Forms\u003C\u002Fa>: Create unlimited registration forms, create multi-step forms, customize forms with HTML, and have full control over form settings\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Ffrontend-posting\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Frontend Posting\u003C\u002Fa>: Allow your users to submit posts and other content from the frontend\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Facf\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Advanced Custom Fields\u003C\u002Fa>: Collect \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadvanced-custom-fields\u002F\" rel=\"ugc\">ACF\u003C\u002Fa> user data at registration and allow users to see and edit the data on their profile\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Fsocial-login\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Social Login & Registration\u003C\u002Fa>: Allow your users to quickly login and register with their favorite social network account, Facebook, Twitter, Instagram, LinkedIn & Instagram\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Fprivate-content\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Private Content\u003C\u002Fa>: Provide private content for all your users, as well as user specific content so you can tailor for each member\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Fmailchimp\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Mailchimp\u003C\u002Fa>: Sync users with Mailchimp upon registration & more\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Frecaptcha?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Google reCAPTCHA\u003C\u002Fa>: Stop spam registrations on your website for free\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Fcontent-restriction\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Content Restriction Plus\u003C\u002Fa>: One-click restriction to posts, pages and custom post types\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Flikes\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Likes\u003C\u002Fa>: Allow your users to like posts, pages and other content\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Fhcaptcha\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">hCaptcha\u003C\u002Fa>: Stop more bots. Start protecting user privacy with hCaptcha\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Fwpml\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">WPML\u003C\u002Fa>: Translate your custom fields, field groups, registration forms, and emails using \u003Ca href=\"https:\u002F\u002Fwpml.org\u002F\" rel=\"nofollow ugc\">WPML\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Fpersonal-data?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Personal Data\u003C\u002Fa>: Allows the user to request an export of personal data and request erasure of personal data from the account page for GDPR compliance\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Faddons\u002Fdelete-account?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">Delete Account\u003C\u002Fa>: Allows the user to delete their own profile from the frontend account page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Free Extensions\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpum-newsletter\" rel=\"ugc\">Newsletter\u003C\u002Fa>: Subscribe your members to your Newsletter plugin lists easily during registration\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpum-username-length\" rel=\"ugc\">Username Length\u003C\u002Fa>: Set minimum and maximum characters length for usernames\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>Want to add a new language to WP User Manager? Awesome! You can contribute via \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwp-user-manager\" rel=\"nofollow ugc\">translate.wordpress.org\u003C\u002Fa>. Please read the official \u003Ca href=\"https:\u002F\u002Fdocs.wpusermanager.com\u002Farticle\u002F67-translate-wp-user-manager\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">translation tutorial\u003C\u002Fa> for more information.\u003C\u002Fp>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>Support is provided only through the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-user-manager\" rel=\"ugc\">support forum\u003C\u002Fa>. Join the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-user-manager\" rel=\"ugc\">support forum\u003C\u002Fa> to ask questions and get help regarding WP User Manager. Free support is provided exclusively for bugs and help using the plugin. Please read the support policy \u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Fsupport-policy\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">https:\u002F\u002Fwpusermanager.com\u002Fsupport-policy\u002F\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Before opening a \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-user-manager\" rel=\"ugc\">support topic\u003C\u002Fa> please read the \u003Ca href=\"http:\u002F\u002Fdocs.wpusermanager.com\u002Fcategory\u002F66-faq-tutorials\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">faqs\u003C\u002Fa> and \u003Ca href=\"http:\u002F\u002Fdocs.wpusermanager.com\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Support for premium addons is provided exclusively \u003Ca href=\"https:\u002F\u002Fwpusermanager.com\u002Fsupport\u002F?utm_source=wordpress.org&utm_medium=free%20plugin%20listing&utm_campaign=WP%20User%20Manager\" rel=\"nofollow ugc\">through the premium support platform\u003C\u002Fa>. Support for premium addons cannot be provided through WordPress.org due to the rules put in place by the WordPress.org team.\u003C\u002Fp>\n","The most customizable profiles & community builder WordPress plugin with front-end login, registration, profile customization and content restriction.",10000,688068,94,347,"2026-02-26T17:56:00.000Z","4.9","7.4",[20,815,22,23,24],"members","https:\u002F\u002Fwpusermanager.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-user-manager.2.9.15.zip",89,7,"2025-12-11 15:08:20",{"slug":822,"name":823,"version":824,"author":825,"author_profile":826,"description":827,"short_description":828,"active_installs":29,"downloaded":829,"rating":29,"num_ratings":29,"last_updated":830,"tested_up_to":831,"requires_at_least":832,"requires_php":833,"tags":834,"homepage":836,"download_link":837,"security_score":838,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":839},"touchsuite-payments","Touchsuite Payments","1.0.5","TouchSuite","https:\u002F\u002Fprofiles.wordpress.org\u002Ftouchsuite\u002F","\u003Ch3>Complete Subscription & Membership Management Solution\u003C\u002Fh3>\n\u003Cp>Get our powerful WordPress plugin completely free. Create unlimited membership plans, manage subscribers, and track payments with our comprehensive solution.\u003C\u002Fp>\n\u003Cp>Just sign up for a merchant account to get started.\u003C\u002Fp>\n\u003Cp>Read about all of the plugin’s features at \u003Ca href=\"https:\u002F\u002Ftouchsuite.com\u002Fwordpress\u002F\" rel=\"nofollow ugc\">Touchsuite Payments\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Essential Features at No Cost\u003C\u002Fh3>\n\u003Cp>Everything you need to create and manage a successful membership platform, completely free\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Complete Member Management\u003C\u002Fstrong>\u003Cbr \u002F>\nManage all subscribers from a single dashboard. Update passwords, usernames, and billing information with ease.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>20 Ready-Made Templates\u003C\u002Fstrong>\u003Cbr \u002F>\nPre-built pages for sign-up, login, account management, security, invoices, checkout, orders, and billing information.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Complete Admin Control\u003C\u002Fstrong>\u003Cbr \u002F>\nFull control over features, plans, pages, and users. Process refunds and manage all subscriber data from one place.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Comprehensive Reporting\u003C\u002Fstrong>\u003Cbr \u002F>\nView and download daily, monthly, and annual reports. Track all transactions and member activities easily.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Included Extended Features\u003C\u002Fstrong>\u003Cbr \u002F>\nCreate custom discount codes and coupons. Integrate with multiple SMTP platforms for email communications.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Flexible Memberships\u003C\u002Fstrong>\u003Cbr \u002F>\nSet up unlimited monthly and annual membership plans. Customize pricing and features for each plan.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Ready-Made Pages for Your Membership Site\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Authentication Pages\u003C\u002Fli>\n\u003Cli>Sign up, login, and registration pages with secure authentication\u003C\u002Fli>\n\u003Cli>Account Management\u003C\u002Fli>\n\u003Cli>Member account management and security settings pages\u003C\u002Fli>\n\u003Cli>Transaction Pages\u003C\u002Fli>\n\u003Cli>Checkout pages, success transaction pages, and invoice downloads\u003C\u002Fli>\n\u003Cli>Billing Pages\u003C\u002Fli>\n\u003Cli>Billing information management and order history pages\u003C\u002Fli>\n\u003Cli>Member Dashboard\u003C\u002Fli>\n\u003Cli>Customizable member dashboard with account overview and settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Trialware and license checks are not permitted\u003C\u002Fh3>\n\u003Col>\n\u003Cli>The plugin user can not do this service on their own servers. The plugin is free to use and a website owner can set manual memberships and use all of the features of the plugin. It is serviceware creating functionality to charge for subscriptions and memberships to a website owner’s website.\u003C\u002Fli>\n\u003Cli>For setting up billing\u002Fsubscriptions the website owner is required to open a merchant account through our company, American Bancard DBA Touchsuite\u003C\u002Fli>\n\u003Cli>The website owner is required to enter an authorization\u002Factivation code as we are only allowing 1 plugin install per website as it is free to use.\u003C\u002Fli>\n\u003Cli>We use NMI as the payment gateway (similar to Stripe).\u003C\u002Fli>\n\u003Cli>We are an AUTHORIZED partner\u002Freseller of NMI services. We have over 5,000 active merchants processing credit cards transactions through American Bancard DBA Touchsuite\u003C\u002Fli>\n\u003Cli>You’ve already approved 2 of our competitors. There is no difference between this plugin and 2 other competitors other than they require and annual fee to use the plugin. (competitors: Paid Memberships Pro and WP Members)\u003C\u002Fli>\n\u003Cli>We only require the user to open an NMI account with American Bancard DBA Touchsuite\u003C\u002Fli>\n\u003Cli>To open a merchant account using NMI the user must go through our company which is why we have a link to our website for them to fill out a request for a validation key.\u003C\u002Fli>\n\u003Cli>The free plugin features never expire and can be used in perpetuity setting up free subscriptions and memberships.\u003C\u002Fli>\n\u003Cli>To use it for paid memberships you must open an NMI merchant account via American Bancard DBA Touchsuite.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>External services\u003C\u002Fh3>\n\u003Cp>This plugin connects to a third party processor, NMI. The NMI API is used to process credit cards for subscriptions and memberships via NMI payment gateway. All credit card transactions are secure and encrypted via the NMI service. American Bancard DBA Touchsuite is an authorized partner\u002Freseller of NMI services. The plugin enables a visitor to set up one-time and recurring billing for various subscriptions and memberships.\u003C\u002Fp>\n\u003Cp>This service is provided by “American Bancard DBA Touchsuite”: Terms of Use (https:\u002F\u002Ftouchsuite.com\u002Fterms-and-conditions), Privacy Policy (https:\u002F\u002Ftouchsuite.com\u002Fprivacy-policy).\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>NMI Payment Gateway\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>This plugin integrates with the \u003Cstrong>NMI Payment Gateway\u003C\u002Fstrong> to process transactions.\u003C\u002Fli>\n\u003Cli>Data sent: transaction details (amount, currency, payment method, and customer information).\u003C\u002Fli>\n\u003Cli>Data is sent only when a user initiates a payment.\u003C\u002Fli>\n\u003Cli>Service provider: \u003Ca href=\"https:\u002F\u002Fwww.nmi.com\" rel=\"nofollow ugc\">NMI (Network Merchants Inc.)\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Terms of Service: \u003Ca href=\"https:\u002F\u002Fwww.nmi.com\u002Fterms\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.nmi.com\u002Fterms\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Privacy Policy: \u003Ca href=\"https:\u002F\u002Fwww.nmi.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.nmi.com\u002Fprivacy-policy\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>TouchSuite License Activation\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>This plugin connects to TouchSuite’s license activation API to verify valid plugin usage.\u003C\u002Fli>\n\u003Cli>Data sent: license key and website URL.\u003C\u002Fli>\n\u003Cli>Data is sent when activating or validating a license.\u003C\u002Fli>\n\u003Cli>Service provider: \u003Ca href=\"https:\u002F\u002Ftouchsuite.com\" rel=\"nofollow ugc\">TouchSuite\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Terms of Service: \u003Ca href=\"https:\u002F\u002Ftouchsuite.com\u002Fterms-and-conditions\" rel=\"nofollow ugc\">https:\u002F\u002Ftouchsuite.com\u002Fterms-and-conditions\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Privacy Policy: \u003Ca href=\"https:\u002F\u002Ftouchsuite.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Ftouchsuite.com\u002Fprivacy-policy\u002F\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n","Build a membership site that grows with you: user registration, member profiles, free or paid subscriptions.",835,"","6.7.5","6.6","8.0",[20,21,835,23,24],"memberships","https:\u002F\u002Ftouchsuite.com\u002Fwordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftouchsuite-payments.1.0.5.zip",100,"2026-03-15T10:48:56.248Z",{"slug":841,"name":842,"version":843,"author":844,"author_profile":845,"description":846,"short_description":847,"active_installs":29,"downloaded":848,"rating":29,"num_ratings":29,"last_updated":849,"tested_up_to":850,"requires_at_least":851,"requires_php":830,"tags":852,"homepage":853,"download_link":854,"security_score":794,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"warmupreps","WarmupReps","1.0.0.0","powersurge","https:\u002F\u002Fprofiles.wordpress.org\u002Fpowersurge\u002F","\u003Cp>Easily calculate and log your workout routines from popular strength training programs or create your own.\u003C\u002Fp>\n","Easily calculate and log your workout routines from popular strength training programs or create your own.",940,"2022-02-20T22:34:00.000Z","5.9.13","3.0.1",[20,815,22,23,24],"https:\u002F\u002Funiquehosting.net\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwarmupreps.zip",{"slug":856,"name":857,"version":858,"author":859,"author_profile":860,"description":861,"short_description":862,"active_installs":863,"downloaded":864,"rating":865,"num_ratings":866,"last_updated":867,"tested_up_to":16,"requires_at_least":868,"requires_php":813,"tags":869,"homepage":871,"download_link":872,"security_score":27,"vuln_count":873,"unpatched_count":29,"last_vuln_date":874,"fetched_at":31},"wp-user-avatar","Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress","4.16.12","properfraction","https:\u002F\u002Fprofiles.wordpress.org\u002Fproperfraction\u002F","\u003Ch4>Modern WordPress Membership Plugin for Ecommerce, Digital Downloads, User Profile, Registration & Login Form\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">ProfilePress\u003C\u002Fa> is a powerful ecommerce and paid membership plugin for accepting one-time and recurring payments, selling subscriptions and digital products or digital downloads (downloadable files) via Bank Transfer, Stripe, PayPal, RazorPay, Mollie & Paystack, paywall & restrict content and control user access.\u003C\u002Fp>\n\u003Cp>ProfilePress is the best Stripe (Credit Card), PayPal, RazorPay, Paystack & Mollie payment forms and WooCommerce membership plugin for to quickly accept payments, sell memberships and provide your users the ultimate member experience.\u003C\u002Fp>\n\u003Cp>ProfilePress lets you create beautiful user profiles, member directories, frontend login, and user registration forms, member password reset and edit profile forms.\u003C\u002Fp>\n\u003Cp>Our Drag-and-Drop form builder makes building forms easy. It is the perfect solution for creating online communities and membership sites where users can register or signup to become members.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Website\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Addons\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Fdocs\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Fsupport\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FOXkWVm53Xzo?version=3&rel=0&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Excellent Membership Features\u003C\u002Fh3>\n\u003Cp>ProfilePress ecommerce plugin is suited for selling non-physical goods, including online courses, digital downloads, downloadable files, paid memberships, subscriptions, services, accepting donations, selling digital downloads, etc.\u003C\u002Fp>\n\u003Cp>Our WordPress membership plugin is a perfect alternative to MemberPress, Paid Memberships Pro, MemberMouse, Thrive Apprentice, WishList Member, Ultimate Membership Pro and more!\u003C\u002Fp>\n\u003Ch4>Protect Registration Forms Against Banned Email Addresses\u003C\u002Fh4>\n\u003Cp>Prevent spam registrations and abuse by \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Fblock-wordpress-registration-specific-email-domains\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">blocking user registration from a banned email address or email domain\u003C\u002Fa> or restricting user registration to specific email addresses.\u003C\u002Fp>\n\u003Ch4>Multiple Payment Processors\u003C\u002Fh4>\n\u003Cp>Easily connect to Stripe (supports Stripe-hosted checkout page and on-site payment form), PayPal, RazorPay, Paystack, Mollie, Bank Transfer to collect payments.\u003C\u002Fp>\n\u003Cp>Because we use the Stripe payment element, our integration gives your users the option to pay via Apple Pay, Google Pay, Microsoft Pay, Stripe Link, ACH Direct Debit, Alipay, Bancontact, Bank transfers, BLIK, EPS, FPX, Giropay, iDEAL, Sofort, P24, Affirm, Afterpay, Clearpay, Klarna, CashApp Pay, GrabPay, WeChat Pay, SEPA debit, Bacs Direct Debit and more.\u003C\u002Fp>\n\u003Ch4>Custom Frontend Forms\u003C\u002Fh4>\n\u003Cp>Create checkout page, member login form, user registration form, password reset and edit profile forms with our drag-and-drop builder.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Conversion Optimized Checkout Form\u003C\u002Fstrong> – Let users make payments to you and subscribe to your membership plans.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Registration Forms\u003C\u002Fstrong> – Let users signup via a custom registration form.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login & Password Reset Forms\u003C\u002Fstrong> – Allow users to log in and reset their passwords via custom frontent forms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>User Dashboard\u003C\u002Fstrong> – My Account page and edit profile forms for users to manage their profile details, account settings, change password and delete their account account.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Registration & Login Redirect\u003C\u002Fstrong> – Auto login users after they register and redirect them after they sign in, log out and reset their passwords.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>User Profiles & Member Directories\u003C\u002Fh4>\n\u003Cp>Add beautiful user profiles to your site that display your users’ profile pictures and information. And create searchable and filterable member directories allowing users to find each other on your membership website.\u003C\u002Fp>\n\u003Ch4>Drag-and-Drop Form Builder\u003C\u002Fh4>\n\u003Cp>We took out the pain of creating user profiles, member directories, and forms with our intuitive drag-and-drop builder.\u003C\u002Fp>\n\u003Ch4>Customisable Pre-Built Templates\u003C\u002Fh4>\n\u003Cp>ProfilePress comes with beautiful, customizable pre-built templates for user profiles, member directory, and forms to help you save even more time.\u003C\u002Fp>\n\u003Ch4>Access Control, Paywall & Content Restriction\u003C\u002Fh4>\n\u003Cp>Hide any article, post and content behind a paywall. With a few clicks, you can set up a \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Fadd-wordpress-paywall-content\u002F\" rel=\"nofollow ugc\">WordPress paywall\u003C\u002Fa> to protect members-only content.\u003C\u002Fp>\n\u003Cp>It gives you control over what content your users can see based on your \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Farticle\u002Fadding-content-protection-rules\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">protection rules\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Farticle\u002Fwordpress-content-restriction-shortcodes\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">shortcodes\u003C\u002Fa>. You can restrict content including pages, child pages, posts, custom post types, categories, tags and custom taxonomies based on their membership plans, user roles, usernames, and logged-in status.\u003C\u002Fp>\n\u003Cp>You can also control the visibility of \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Farticle\u002Fwordpress-navigation-menu-restriction\u002F\" rel=\"nofollow ugc\">navigation menus\u003C\u002Fa> and widgets, modules & contents in the \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Farticle\u002Frestrict-visibility-contents-wordpress-block-editor\u002F\" rel=\"nofollow ugc\">block editor\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Farticle\u002Frestrict-elementor-sections-widgets\u002F\" rel=\"nofollow ugc\">Elementor\u003C\u002Fa> & \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Farticle\u002Frestrict-content-beaver-builder-visibility\u002F\" rel=\"nofollow ugc\">Beaver Builder\u003C\u002Fa> page builders.\u003C\u002Fp>\n\u003Ch4>Detailed Ecommerce & Membership Reports\u003C\u002Fh4>\n\u003Cp>We provide a complete reports section where you can Keep track of your earnings, refunds, sales, download logs and more. You can view and export reports for any period.\u003C\u002Fp>\n\u003Ch4>Login Redirect\u003C\u002Fh4>\n\u003Cp>Do you want to redirect WordPress users after login to a specific page or URL? This feature lets you setup login redirect based on user role and subscribed membership plan.\u003C\u002Fp>\n\u003Ch4>Email Customizer\u003C\u002Fh4>\n\u003Cp>Customize the email templates for each email that can be sent to users and administrators.\u003C\u002Fp>\n\u003Ch4>Tutor LMS & Academy LMS Integrations\u003C\u002Fh4>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Ftutor-lms\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Tutor LMS integration\u003C\u002Fa> lets you sell access to Tutor LMS courses, enroll users after registration to specific courses and create custom student and instructor WordPress registration forms.\u003C\u002Fp>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Facademy-lms\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Academy LMS integration\u003C\u002Fa> lets you sell your courses in Academy LMS plugin, enroll users to courses after registration and create custom registration forms for students and instructors.\u003C\u002Fp>\n\u003Ch4>Other Payment & Membership Plugin Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Accept one-time, recurring payments and charge for subscriptions via Bank Transfer, Stripe, PayPal, Paystack, RazorPay and Mollie.\u003C\u002Fli>\n\u003Cli>Smart fraud protection & spam prevention on the user registration form, login form and checkout page.\u003C\u002Fli>\n\u003Cli>Complete customer management to view and manage detailed records of all customers and their order history.\u003C\u002Fli>\n\u003Cli>Collect EU Vat or Tax from your users with our ecommerce plugin depending on their location, with complete control over tax rates and who to charge.\u003C\u002Fli>\n\u003Cli>Disable the admin bar and restrict access to the WordPress dashboard based on user roles.\u003C\u002Fli>\n\u003Cli>Redirect the WordPress default login page (wp-login.php) to your custom login, registration page, and password reset pages.\u003C\u002Fli>\n\u003Cli>Disable concurrent logins to prevent users from being logged into the same account from multiple computers at the same time.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Powerful Premium Features\u003C\u002Fh3>\n\u003Cp>Extend the capabilities of ProfilePress with our powerful addons and remove the additional 2% Stripe processing fee.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Ffixed-subscription-expiration\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Fixed Subscription Expiration\u003C\u002Fa> – Allows subscriptions of non-recurring plans to end at a specific date or after a specified duration of time.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fpaypal\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">PayPal Checkout\u003C\u002Fa> – Accept Visa, Mastercard, Venmo, Discover, iDEAL, American Express, Bancontact, BLIK, giropay, MyBank and Przelewy24 payments via PayPal.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002FrazorPay\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">RazorPay Checkout\u003C\u002Fa> – Accept Credit\u002FDebit cards, Netbanking, UPI, Wallets and more from Indian customers via RazorPay.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fmollie\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Mollie Checkout\u003C\u002Fa> – Accept payments via Credit Card, iDEAL, SEPA Direct Debit, Apple Pay, PayPal, Klarna, Bancontact, Bank transfer & Gift Card with Mollie.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fpaystack\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Paystack Checkout\u003C\u002Fa> – Accept payments via Credit Card, Bank Transfer, Mobile Money, USSD and more with Paystack.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fcustom-fields\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Custom Fields\u003C\u002Fa> – Collect additional information from users besides the standard profile data during user registration and payment checkout.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Femail-confirmation\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Email Confirmation\u003C\u002Fa> – Ensure registered users confirm their email addresses before they can sign in via the login form or social login.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fuser-moderation\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">User Moderation\u003C\u002Fa> – Decide whether to approve newly registered users or not. You can also block and unblock users at any time.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fmetered-paywall\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Metered Paywall\u003C\u002Fa> –  Let guest and visitors view limited number of restricted content using the best leaky paywall plugin. Metered paywalls allows free readers to access a few articles before restricting the rest to subscribers only.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Finvite-codes\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Invite Codes\u003C\u002Fa> –  Restrict WordPress registration to only users with invitation codes.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Freceipt\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">PDF Receipt\u003C\u002Fa> –  Allow customers to view, print and download as PDF, the receipt or invoice of their orders after payment.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fsocial-login\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Social Login\u003C\u002Fa> – Let users checkout, register & login to your site with social login via Facebook, Twitter, Google, LinkedIn, Yahoo, Microsoft, Amazon, GitHub, VK and WordPress.com.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002F2fa\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Two-Factor Authentication (2FA)\u003C\u002Fa> – Adds an additional layer of security to users accounts by requiring more than just a password to log in.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fpasswordless-login\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Passwordless Login\u003C\u002Fa> – Let users log in to your site via a one-time URL sent to their email addresses.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fwoocommerce\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">WooCommerce Memberships & Integration\u003C\u002Fa> – Create WooCommerce membership sites, members-only discounts and stores, manage WooCommerce billing and shipping fields, replace WooCommerce login and edit account forms in checkout and “My Account” pages with that of ProfilePress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Flearndash\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">LearnDash\u003C\u002Fa> – Sell access to LearnDash courses and groups, enroll users after signup via a custom LearnDash registration form, and let users view their enrolled courses on the My Account page.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Flifterlms\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">LifterLMS\u003C\u002Fa> – Sell access to LifterLMS courses and memberships, enroll users after signup via a custom LifterLMS registration form, and let users view their enrolled courses on the My Account page.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fsensei-lms\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Sensei LMS\u003C\u002Fa> – Sell access to Sensei LMS courses and groups, enroll users after registration, and let users view their enrolled courses on the My Account page.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fmasterstudy-lms\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">MasterStudy LMS\u003C\u002Fa> – Restrict access to Masterstudy LMS courses until after payment and enroll users after registration.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Ffluentcommunity\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">FluentCommunity\u003C\u002Fa> – Sell access to FluentCommunity spaces and courses, and enroll users after WordPress registration to specific courses and spaces.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Frecaptcha\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Google reCAPTCHA\u003C\u002Fa> – Protect your user registration, login, checkout and password reset forms against spam and bot attacks using Google reCAPTCHA.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fcloudflare-turnstile\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Cloudflare Turnstile\u003C\u002Fa> – Stop spam registrations and bot attacks on your WordPress login, registration, and checkout forms by implementing Cloudflare Turnstile.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fsite-creation\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Site Creation\u003C\u002Fa> – Allow users to create new sites on a multisite network via a user registration form powered by ProfilePress.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fmailchimp\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Mailchimp\u003C\u002Fa> – Subscribe members to your Mailchimp audiences after they register, made a purchase and payment, subscribe to membership plans and automatically sync profile changes with Mailchimp.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fcampaign-monitor\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Campaign Monitor\u003C\u002Fa> – Subscribe members to your Campaign Monitor lists when they register, subscribe to membership plans via checkout form, and automatically sync profile changes with Campaign Monitor.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fmailerlite\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">MailerLite\u003C\u002Fa> – Add WordPress users to MailerLite groups when they register, subscribe to membership plans via checkout form, and automatically sync profile changes with MailerLite.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Faffiliatewp\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">AffiliateWP\u003C\u002Fa> – Launch an affiliate program for your WordPress membership website using AffiliateWP plugin.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fslicewp\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">SliceWP\u003C\u002Fa> – Use SliceWP affiliate plugin to add an affiliate program to your WordPress membership website.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fbuddypress\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">BuddyBoss\u002FBuddyPress\u003C\u002Fa> –  Sell access to groups, let users select groups to join during registration and sync WordPress profile fields with BuddyPress\u002FBuddyBoss extended profile.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fakismet\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Akismet\u003C\u002Fa> –  Block spam and bot user registrations with Akismet and keep your membership site safe and secured.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofilepress.com\u002Faddons\u002Fpolylang\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"nofollow ugc\">Polylang\u003C\u002Fa> –  Build multilingual login, registration, password reset, and edit profile forms.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>ProfilePress is the Ecommerce platform and WooCommerce memberships plugin of your dreams. It delivers a complete experience with everything needed for selling digital products online.\u003C\u002Fp>\n\u003Cp>If you’re looking to build a business out of your membership site by creating paid memberships, there’s no better way than to use ProfilePress membership plugin which provide the ultimate member experience and will help you start and profit from your WordPress membership sites.\u003C\u002Fp>\n\u003Ch4>What’s Next\u003C\u002Fh4>\n\u003Cp>If you like this plugin, then consider checking out our other products:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmailoptin.io\u002F\" rel=\"nofollow ugc\">MailOptin\u003C\u002Fa> – Create popups and optin forms for capturing email newsletter subscribers. Integrates with Mailchimp, ConvertKit, Infusionsoft, ActiveCampaign, Campaign Monitor, Constant Contact & more.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffusewp.com\u002F\" rel=\"nofollow ugc\">FuseWP\u003C\u002Fa> – Connect wordPress to marketing platforms and sync users to your email list.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ffeedbackwp.com\u002F\" rel=\"nofollow ugc\">FeedbackWP\u003C\u002Fa> – Add star rating to WordPress posts and collect user feedbacks.\u003C\u002Fli>\n\u003C\u002Ful>\n","Setup paid membership, accept payment, sell subscription & digital product, paywall, create login & registration form, user profile & member directory",100000,14909843,62,932,"2026-03-04T12:07:00.000Z","6.0",[870,22,835,23,24],"ecommerce","https:\u002F\u002Fprofilepress.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-user-avatar.4.16.12.zip",41,"2026-04-03 22:12:00",{"slug":24,"name":876,"version":877,"author":878,"author_profile":879,"description":880,"short_description":881,"active_installs":882,"downloaded":883,"rating":884,"num_ratings":885,"last_updated":886,"tested_up_to":16,"requires_at_least":887,"requires_php":813,"tags":888,"homepage":891,"download_link":892,"security_score":27,"vuln_count":893,"unpatched_count":29,"last_vuln_date":894,"fetched_at":31},"User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder","5.1.4","wpeverest","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpeverest\u002F","\u003Cp>Build membership sites with tiered plans, content restriction, drag-&-drop custom registration & login form builder, and built-in payment system.\u003C\u002Fp>\n\u003Ch3>The Complete Membership Solution for WordPress\u003C\u002Fh3>\n\u003Cp>Tired of juggling separate plugins for membership plans, user management, payment gateways, and user profile?\u003C\u002Fp>\n\u003Cp>User Registration & Membership (URM) helps you monetize your site by creating membership plans and accepting payments for gated content.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Membership: Build membership plans, setup billing, and manage user access in a single connected flow.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Custom User Registration Forms: Design custom registration form and for your users with drag-and-drop form builder.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Payment Integration: Monetize your membership site with one-time fee, recurring subscription, and upgrade paths. Accept subscription payments through Stripe, PayPal, and bank transfer.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Content Restriction: Restrict complete site, or individual pages and posts by membership subscription.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpuserregistration.com\u002F?utm_source=wporg&utm_medium=readme&utm_campaign=urm-free\" rel=\"nofollow ugc\">👉 Get Started Today\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fuserregistration.demoswp.net\u002F?utm_source=wporg&utm_medium=readme&utm_campaign=try-demo\" rel=\"nofollow ugc\">👉 Try Our Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Complete Membership Solution\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FczohMTVfLrw?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Membership Groups and Plans\u003C\u002Fstrong>: Create membership tiers with different access levels and benefits. Combine related plans into membership groups for organized front-end listing.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Pre-Installed Membership Pages\u003C\u002Fstrong>: Launch your membership site in minutes instead of hours with professional pages ready to use or customize: Registration, Login, My Account, Lost Password, Reset Password, Pricing, and Thank You pages.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Content Restriction\u003C\u002Fstrong>: Set restrictions globally, per page\u002Fpost, or for specific content blocks within pages. Build complex access rules using membership plans, user roles, registration and login status.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Membership Upgrade Path\u003C\u002Fstrong>: Define clear upgrade paths between membership tiers and let users switch seamlessly without interrupting their access or membership status.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Masteriyo Course Integration\u003C\u002Fstrong>: Sell courses through memberships using our Masteriyo LMS integration.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>10+ Membership Gutenberg Blocks\u003C\u002Fstrong>: Create custom membership pages using our custom blocks: registration, my account, membership pricing, buy now block etc.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Membership Analytics\u003C\u002Fstrong>: Quickly glance over total registration, approved users, and pending requests with dedicated analytics dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Custom User Registration\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FjbiBJdowxG0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Registration Form Builder\u003C\u002Fstrong>: Build custom WordPress registration forms. Drag fields onto the canvas, arrange them visually, and configure settings with simple clicks.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Login Form\u003C\u002Fstrong>: Start with a pre-built login form and customize it to your needs. Choose form styles, configure login methods, add CAPTCHA, and set login\u002Flogout redirects.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Live Form Preview\u003C\u002Fstrong>: Preview registration and login forms in real-time to ensure everything looks and functions properly.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Pre-built Form Templates\u003C\u002Fstrong>: Save hours of setup time with professionally designed registration form templates. Use them as-is or customize fields and styling to match your specific needs. View All Form Templates\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Ajax Form Submission\u003C\u002Fstrong>: Say goodbye to slow form submissions that reload the entire page. Users get instant confirmation or error messages.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>User Role Assignment\u003C\u002Fstrong>: Assignment WordPress user roles (Administrator, Editor, Author, Contributor, Subscriber) to members during registration.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Flexible Approval Method\u003C\u002Fstrong>: Choose from auto-approval, email verification, and manual admin approval for new registration for quality control.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Payment and Monetization\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Multiple Revenue Modules\u003C\u002Fstrong>: Offer fixed-term memberships, recurring subscription or lifetime access.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Trusted Payment Gateways\u003C\u002Fstrong>: Accept secure payment with trusted global payment gateways even in the free version:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>PayPal\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Stripe\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bank Transfer\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Payment History\u003C\u002Fstrong>: Comprehensive transaction tracking with payment status, date, gateway, and more. complete history accessible to admins and members.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>User Registration & Membership PRO Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Membership and User Management\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Membership plans with tiered access control\u003C\u002Fli>\n\u003Cli>Admin approval for new registrations\u003C\u002Fli>\n\u003Cli>Member Directory with search filters searchable directories\u003C\u002Fli>\n\u003Cli>Role-based redirection after login\u003C\u002Fli>\n\u003Cli>Profile completeness indicator\u003C\u002Fli>\n\u003Cli>Advanced content restriction with complex rules\u003C\u002Fli>\n\u003Cli>User journey tracking\u003C\u002Fli>\n\u003Cli>Payment history tracking\u003C\u002Fli>\n\u003Cli>Social Connect (Facebook, Google, Twitter, LinkedIn login)\u003C\u002Fli>\n\u003Cli>Profile Connect (sync with other plugins)\u003C\u002Fli>\n\u003Cli>Block simultaneous logins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Advanced Content Restriction\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Content drop for membership content\u003C\u002Fli>\n\u003Cli>URL-based restriction\u003C\u002Fli>\n\u003Cli>File download protection\u003C\u002Fli>\n\u003Cli>Conditional Content Restriction using AND, OR, and NOT logic.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Registration Form Fields & Functionality\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>60+  form fields\u003C\u002Fli>\n\u003Cli>Conditional logic (show\u002Fhide fields based on user input)\u003C\u002Fli>\n\u003Cli>Multi-step forms with progress indicators\u003C\u002Fli>\n\u003Cli>Conversational forms (chat-like layout)\u003C\u002Fli>\n\u003Cli>Field visibility control\u003C\u002Fli>\n\u003Cli>Form restriction by custom rules\u003C\u002Fli>\n\u003Cli>Popup forms (modal display)\u003C\u002Fli>\n\u003Cli>Calculations\u003C\u002Fli>\n\u003Cli>Signature field\n\u003Cul>\n\u003Cli>Invite codes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Repeater field (multiple entries per field group)\u003C\u002Fli>\n\u003Cli>Save and Continue (save partial progress)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Monetization and Payment Processing\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Trial Period\u003C\u002Fli>\n\u003Cli>Multiple memberships per user\u003C\u002Fli>\n\u003Cli>Sell memberships to team\u003C\u002Fli>\n\u003Cli>Authorize.net\u003C\u002Fli>\n\u003Cli>Mollie integration\u003C\u002Fli>\n\u003Cli>Registration coupons and discounts\u003C\u002Fli>\n\u003Cli>Payment history dashboard\u003C\u002Fli>\n\u003Cli>Membership plan upgrades with pro-rated billing\u003C\u002Fli>\n\u003Cli>Discount coupon and codes\u003C\u002Fli>\n\u003Cli>Tax and EU VAT\u003C\u002Fli>\n\u003Cli>Sell in local currency\u003C\u002Fli>\n\u003Cli>Invoice generation\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Security & Spam Protection\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Email verification\u003C\u002Fli>\n\u003Cli>Google reCAPTCHA (V2, V3)\u003C\u002Fli>\n\u003Cli>hCaptcha\u003C\u002Fli>\n\u003Cli>Cloudflare Turnstile\u003C\u002Fli>\n\u003Cli>Akismet\u003C\u002Fli>\n\u003Cli>Honeypot spam protection\u003C\u002Fli>\n\u003Cli>SMS verification via Twilio\u003C\u002Fli>\n\u003Cli>Two-factor authentication (2FA)\u003C\u002Fli>\n\u003Cli>Auto-generated passwords\u003C\u002Fli>\n\u003Cli>Passwordless login\u003C\u002Fli>\n\u003Cli>Custom CAPTCHA field (math\u002FQ&A)\u003C\u002Fli>\n\u003Cli>Whitelisted domains\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Design & Customization\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Email customizer\u003C\u002Fli>\n\u003Cli>Customize My Account page\u003C\u002Fli>\n\u003Cli>Style Customizer (visual form designer)\u003C\u002Fli>\n\u003Cli>Email Templates\u003C\u002Fli>\n\u003Cli>Advanced styling options for forms\u003C\u002Fli>\n\u003Cli>Analytics & Tracking\u003C\u002Fli>\n\u003Cli>Advanced analytics dashboard\u003C\u002Fli>\n\u003Cli>User journey tracking\u003C\u002Fli>\n\u003Cli>Advanced user\u002Fform analytics\u003C\u002Fli>\n\u003Cli>Dashboard with views, submissions, conversions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Advanced Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>PDF form submission (auto-generate PDFs)\u003C\u002Fli>\n\u003Cli>Frontend post submission\u003C\u002Fli>\n\u003Cli>Bulk user import (CSV)\u003C\u002Fli>\n\u003Cli>Invite codes for registration\u003C\u002Fli>\n\u003Cli>Geolocation data collection\u003C\u002Fli>\n\u003Cli>Private admin notes\u003C\u002Fli>\n\u003Cli>Form access by user role\u003C\u002Fli>\n\u003Cli>Cloud storage (Google Drive, Dropbox)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Marketing and CRM Integrations\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Custom Email Notifications\u003C\u002Fli>\n\u003Cli>Mailchimp\u003C\u002Fli>\n\u003Cli>MailerLite\u003C\u002Fli>\n\u003Cli>MailPoet\u003C\u002Fli>\n\u003Cli>ActiveCampaign\u003C\u002Fli>\n\u003Cli>Klaviyo\u003C\u002Fli>\n\u003Cli>Brevo (formerly Sendinblue)\u003C\u002Fli>\n\u003Cli>Kit (formerly ConvertKit)\u003C\u002Fli>\n\u003Cli>Salesforce\u003C\u002Fli>\n\u003Cli>Zapier (5,000+ apps)\u003C\u002Fli>\n\u003Cli>Google Sheets\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Webhooks\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpuserregistration.com\u002Fpricing\u002F?utm_source=wporg&utm_medium=readme&utm_campaign=pro_features&utm_content=get_pro\" rel=\"nofollow ugc\">👉 Get User Registration & Membership Pro\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Know your way around user registration with our tutorials\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpuserregistration.com\u002Fblog\u002Fhow-to-create-a-membership-website-in-wordpress\u002F?utm_source=wporg&utm_medium=readme&utm_campaign=tutorials\" rel=\"nofollow ugc\">How to Create a Membership Website in WordPress for Free (with Content Restriction)\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpuserregistration.com\u002Fblog\u002Fcreate-user-profile-page-in-wordpress\u002F?utm_source=wporg&utm_medium=readme&utm_campaign=tutorials\" rel=\"nofollow ugc\">How to Create a Custom User Profile Page in WordPress?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpuserregistration.com\u002Fblog\u002Fcreate-user-registration-form-in-wordpress\u002F?utm_source=wporg&utm_medium=readme&utm_campaign=tutorials\" rel=\"nofollow ugc\">How to Create User Registration Form in WordPress Easily?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpuserregistration.com\u002Fblog\u002Fregister-users-with-invitation-code\u002F?utm_source=wporg&utm_medium=readme&utm_campaign=tutorials\" rel=\"nofollow ugc\">How to Register Users with an Invitation Code in WordPress?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpuserregistration.com\u002Fblog\u002Fdefault-wordpress-login-page-url-change\u002F?utm_source=wporg&utm_medium=readme&utm_campaign=tutorials\" rel=\"nofollow ugc\">How to Change Default WordPress Login URL to Custom URL?\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Get in Touch with us: \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fgroups\u002Fuserregistration\" rel=\"nofollow ugc\">Official Community\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fuser_register\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Important: Version 5.0 and above is a major update with significant improvements\u003C\u002Fh3>\n\u003Cp>We strongly recommend backing up your site before updating. This update includes architectural changes that make your membership management more powerful and easier to use.\u003Cbr \u002F>\nRead the full blog post to see what’s new: \u003Ca href=\"https:\u002F\u002Fwpuserregistration.com\u002Fblog\u002Fuser-registration-membership-pro-6\u002F\" rel=\"nofollow ugc\">User Registration & Membership v5.0\u003C\u002Fa>\u003C\u002Fp>\n","Build membership sites with tiered plans, content restriction, drag-&-drop custom registration & login form builder, and built-in payment system.",60000,4160300,96,813,"2026-02-25T07:44:00.000Z","5.5",[889,22,890,23,24],"content-restriction","subscription","https:\u002F\u002Fwpuserregistration.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-registration.5.1.4.zip",30,"2026-03-23 11:24:15",{"attackSurface":896,"codeSignals":2479,"taintFlows":2865,"riskAssessment":3259,"analyzedAt":3276},{"hooks":897,"ajaxHandlers":2335,"restRoutes":2445,"shortcodes":2446,"cronEvents":2472,"entryPointCount":1377,"unprotectedCount":1080},[898,904,909,913,918,922,925,929,933,937,941,944,947,951,955,959,961,964,969,972,975,978,981,985,987,990,993,997,1000,1003,1006,1010,1014,1017,1020,1022,1026,1030,1034,1038,1042,1045,1049,1051,1055,1059,1063,1066,1070,1074,1078,1081,1084,1088,1091,1094,1097,1099,1101,1105,1107,1110,1112,1115,1118,1120,1123,1128,1131,1133,1136,1139,1142,1146,1149,1151,1154,1156,1160,1162,1164,1167,1169,1171,1173,1176,1180,1183,1187,1190,1194,1198,1201,1204,1207,1210,1214,1217,1220,1224,1227,1230,1232,1235,1237,1240,1242,1245,1248,1251,1255,1259,1261,1264,1266,1268,1271,1273,1275,1277,1279,1282,1284,1286,1289,1294,1298,1301,1304,1307,1310,1314,1318,1321,1324,1327,1330,1333,1334,1338,1342,1346,1350,1354,1357,1361,1366,1370,1373,1378,1381,1384,1388,1391,1394,1397,1400,1403,1406,1409,1412,1414,1418,1420,1423,1426,1428,1431,1435,1438,1442,1446,1450,1454,1458,1462,1466,1469,1473,1477,1480,1483,1486,1490,1493,1496,1499,1501,1504,1506,1508,1510,1514,1515,1519,1521,1523,1526,1529,1532,1535,1537,1540,1543,1546,1549,1552,1557,1560,1563,1565,1569,1572,1575,1578,1581,1585,1588,1591,1594,1595,1598,1600,1604,1608,1612,1614,1617,1620,1623,1626,1630,1634,1637,1640,1643,1646,1650,1653,1655,1657,1659,1661,1663,1666,1668,1670,1673,1676,1678,1681,1684,1687,1689,1692,1693,1696,1698,1701,1703,1705,1710,1713,1716,1718,1721,1723,1725,1727,1731,1735,1738,1742,1746,1750,1751,1755,1759,1762,1765,1768,1771,1774,1777,1780,1784,1787,1790,1794,1797,1801,1804,1808,1812,1815,1818,1821,1823,1825,1827,1831,1834,1838,1842,1846,1848,1850,1852,1855,1857,1861,1865,1869,1872,1876,1879,1882,1885,1888,1891,1893,1897,1900,1903,1905,1908,1911,1916,1919,1923,1926,1929,1931,1932,1936,1940,1942,1946,1950,1953,1955,1958,1962,1966,1969,1973,1978,1981,1984,1988,1989,1991,1994,1997,2002,2005,2009,2012,2015,2018,2021,2024,2028,2032,2035,2037,2040,2043,2045,2047,2050,2054,2057,2060,2062,2065,2069,2073,2076,2080,2083,2086,2089,2093,2096,2100,2102,2105,2108,2113,2116,2119,2123,2126,2128,2130,2132,2135,2139,2141,2144,2147,2149,2152,2155,2158,2161,2164,2167,2170,2173,2176,2179,2182,2185,2187,2191,2194,2197,2200,2204,2207,2210,2213,2216,2218,2221,2225,2228,2231,2234,2238,2242,2244,2248,2251,2253,2256,2259,2262,2264,2267,2271,2273,2275,2277,2280,2282,2284,2287,2289,2291,2294,2295,2297,2299,2301,2303,2305,2307,2310,2313,2315,2316,2318,2321,2324,2327,2332],{"type":899,"name":900,"callback":901,"file":902,"line":903},"action","init","add_notice","includes\\action-scheduler\\class-init.php",45,{"type":905,"name":906,"callback":907,"file":902,"line":908},"filter","um_site_health_extend","change_site_health",46,{"type":905,"name":910,"callback":911,"file":902,"line":912},"um_settings_structure","add_setting",48,{"type":899,"name":914,"callback":915,"file":916,"line":917},"admin_init","actions_listener","includes\\admin\\class-actions-listener.php",39,{"type":905,"name":919,"callback":920,"file":916,"line":921},"um_adm_action_individual_nonce_actions","extends_individual_nonce_actions",40,{"type":899,"name":914,"callback":914,"priority":29,"file":923,"line":924},"includes\\admin\\class-admin.php",60,{"type":899,"name":926,"callback":927,"file":923,"line":928},"um_admin_do_action__user_cache","user_cache",65,{"type":899,"name":930,"callback":931,"file":923,"line":932},"um_admin_do_action__user_status_cache","user_status_cache",66,{"type":899,"name":934,"callback":935,"file":923,"line":936},"um_admin_do_action__purge_temp","purge_temp",67,{"type":899,"name":938,"callback":939,"file":923,"line":940},"um_admin_do_action__manual_upgrades_request","manual_upgrades_request",68,{"type":899,"name":942,"callback":943,"file":923,"line":796},"um_admin_do_action__duplicate_form","duplicate_form",{"type":899,"name":945,"callback":946,"file":923,"line":28},"um_admin_do_action__check_templates_version","check_templates_version",{"type":899,"name":948,"callback":949,"file":923,"line":950},"um_admin_do_action__install_core_pages","install_core_pages",72,{"type":899,"name":952,"callback":953,"file":923,"line":954},"um_admin_do_action__install_predefined_page","install_predefined_page",73,{"type":899,"name":956,"callback":956,"priority":957,"file":923,"line":958},"parent_file",9,75,{"type":905,"name":960,"callback":960,"priority":132,"file":923,"line":27},"gettext",{"type":905,"name":962,"callback":962,"file":923,"line":963},"post_updated_messages",77,{"type":905,"name":965,"callback":965,"priority":966,"file":967,"line":968},"admin_body_class",999,"includes\\admin\\class-enqueue.php",56,{"type":899,"name":970,"callback":970,"file":967,"line":971},"admin_enqueue_scripts",58,{"type":899,"name":973,"callback":974,"file":967,"line":924},"load-customize.php","navmenu_scripts",{"type":899,"name":976,"callback":974,"file":967,"line":977},"load-nav-menus.php",61,{"type":899,"name":979,"callback":980,"file":967,"line":865},"load-edit.php","posts_page",{"type":899,"name":982,"callback":983,"file":967,"line":984},"load-post-new.php","enqueue_cpt_scripts",64,{"type":899,"name":986,"callback":983,"file":967,"line":928},"load-post.php",{"type":905,"name":988,"callback":989,"file":967,"line":796},"block_categories_all","blocks_category",{"type":905,"name":991,"callback":989,"file":967,"line":992},"block_categories",71,{"type":899,"name":994,"callback":995,"priority":996,"file":967,"line":954},"enqueue_block_assets","block_editor",11,{"type":899,"name":970,"callback":998,"file":967,"line":999},"enqueue_navmenu_scripts",282,{"type":899,"name":970,"callback":1001,"file":967,"line":1002},"forms_page_scripts",325,{"type":899,"name":970,"callback":1004,"file":967,"line":1005},"directories_page_scripts",327,{"type":899,"name":1007,"callback":1008,"priority":261,"file":967,"line":1009},"admin_footer","admin_footer_scripts",630,{"type":905,"name":1011,"callback":1012,"file":967,"line":1013},"um_admin_forms_data_localize","directory_forms_data_localize",632,{"type":899,"name":914,"callback":1015,"file":1016,"line":917},"maybe_run_updater","includes\\admin\\class-extensions-updater.php",{"type":899,"name":914,"callback":914,"file":1018,"line":1019},"includes\\admin\\class-secure.php",44,{"type":905,"name":910,"callback":1021,"file":1018,"line":903},"add_settings",{"type":905,"name":1023,"callback":1024,"priority":1025,"file":1018,"line":908},"manage_users_custom_column","add_restore_account",9999,{"type":905,"name":1027,"callback":1028,"file":1018,"line":1029},"pre_get_users","filter_users_by_date_registered",47,{"type":899,"name":1031,"callback":1032,"file":1018,"line":1033},"um_settings_before_save","check_secure_changes",49,{"type":899,"name":1035,"callback":1036,"file":1018,"line":1037},"um_settings_save","on_settings_save",50,{"type":905,"name":1039,"callback":1039,"priority":261,"file":1040,"line":1041},"debug_information","includes\\admin\\class-site-health.php",38,{"type":905,"name":1043,"callback":1044,"file":1040,"line":917},"site_status_tests","register_site_status_tests",{"type":905,"name":1046,"callback":1046,"file":1047,"line":1048},"manage_users_columns","includes\\admin\\class-users-columns.php",24,{"type":905,"name":1023,"callback":1023,"priority":132,"file":1047,"line":1050},25,{"type":899,"name":1052,"callback":1053,"file":1047,"line":1054},"pre_user_query","sort_by_newest",27,{"type":905,"name":1056,"callback":1057,"priority":47,"file":1047,"line":1058},"users_list_table_query_args","hide_by_caps",28,{"type":905,"name":1060,"callback":1061,"file":1047,"line":1062},"views_users","restrict_role_links",29,{"type":905,"name":1064,"callback":1064,"priority":132,"file":1047,"line":1065},"user_row_actions",31,{"type":905,"name":1067,"callback":1068,"file":1047,"line":1069},"bulk_actions-users","add_bulk_actions",32,{"type":905,"name":1071,"callback":1072,"priority":132,"file":1047,"line":1073},"handle_bulk_actions-users","handle_bulk_actions",33,{"type":899,"name":1075,"callback":1076,"file":1047,"line":1077},"manage_users_extra_tablenav","add_status_filter",35,{"type":899,"name":1052,"callback":1079,"file":1047,"line":1080},"filter_users_by_status",36,{"type":905,"name":1082,"callback":1083,"file":1047,"line":1041},"removable_query_args","add_removable_query_args",{"type":899,"name":1085,"callback":1086,"file":1087,"line":1065},"um_admin_field_modal_header","add_message_handlers","includes\\admin\\core\\class-admin-builder.php",{"type":899,"name":1089,"callback":1090,"priority":132,"file":1087,"line":1069},"um_admin_field_modal_footer","add_conditional_support",{"type":905,"name":1092,"callback":1093,"priority":132,"file":1087,"line":1073},"um_admin_builder_skip_field_validation","skip_field_validation",{"type":905,"name":1095,"callback":1095,"priority":47,"file":1087,"line":1096},"um_admin_pre_save_field_to_form",34,{"type":905,"name":1098,"callback":1098,"priority":47,"file":1087,"line":1077},"um_admin_pre_save_fields_hook",{"type":905,"name":1100,"callback":1100,"priority":47,"file":1087,"line":1080},"um_admin_field_update_error_handling",{"type":905,"name":1102,"callback":1103,"file":1104,"line":1048},"manage_edit-um_form_columns","manage_edit_um_form_columns","includes\\admin\\core\\class-admin-columns.php",{"type":899,"name":1106,"callback":1106,"priority":132,"file":1104,"line":1050},"manage_um_form_posts_custom_column",{"type":905,"name":1108,"callback":1109,"file":1104,"line":1054},"manage_edit-um_directory_columns","manage_edit_um_directory_columns",{"type":899,"name":1111,"callback":1111,"priority":132,"file":1104,"line":1058},"manage_um_directory_posts_custom_column",{"type":905,"name":1113,"callback":1113,"priority":1114,"file":1104,"line":893},"post_row_actions",99,{"type":905,"name":1116,"callback":1117,"priority":132,"file":1104,"line":1073},"display_post_states","add_display_post_states",{"type":905,"name":1113,"callback":1119,"priority":132,"file":1104,"line":1077},"remove_bulk_actions_um_form_inline",{"type":899,"name":1007,"callback":1121,"priority":957,"file":1122,"line":893},"load_field_order","includes\\admin\\core\\class-admin-dragdrop.php",{"type":905,"name":1124,"callback":1125,"file":1126,"line":1127},"wp_default_editor","set_default_editor_fix","includes\\admin\\core\\class-admin-forms.php",903,{"type":899,"name":900,"callback":1129,"file":1130,"line":1054},"init_fields","includes\\admin\\core\\class-admin-gdpr.php",{"type":899,"name":914,"callback":1132,"priority":261,"file":1130,"line":1058},"plugin_add_suggested_privacy_content",{"type":905,"name":1134,"callback":1135,"file":1130,"line":1062},"wp_privacy_personal_data_exporters","plugin_register_exporters",{"type":905,"name":1137,"callback":1138,"file":1130,"line":893},"wp_privacy_personal_data_erasers","plugin_register_erasers",{"type":899,"name":1140,"callback":1141,"file":1130,"line":1069},"um_admin_custom_register_metaboxes","add_metabox_register",{"type":899,"name":1143,"callback":1144,"priority":29,"file":1145,"line":1062},"admin_menu","primary_admin_menu","includes\\admin\\core\\class-admin-menu.php",{"type":899,"name":1143,"callback":1147,"priority":1148,"file":1145,"line":893},"secondary_menu_items",1000,{"type":899,"name":1143,"callback":1150,"priority":1025,"file":1145,"line":1065},"extension_menu",{"type":899,"name":1152,"callback":1153,"file":1145,"line":1073},"admin_head","menu_order_count",{"type":905,"name":1155,"callback":1155,"priority":1148,"file":1145,"line":1077},"admin_footer_text",{"type":899,"name":1157,"callback":1158,"file":1145,"line":1159},"load-ultimate-member_page_um_options","maybe_settings_redirect",37,{"type":899,"name":1152,"callback":1152,"priority":957,"file":1161,"line":992},"includes\\admin\\core\\class-admin-metabox.php",{"type":899,"name":1007,"callback":1163,"priority":957,"file":1161,"line":950},"load_modal_content",{"type":899,"name":914,"callback":1165,"priority":29,"file":1161,"line":1166},"remove_meta_box",74,{"type":905,"name":1168,"callback":1168,"priority":132,"file":1161,"line":958},"enter_title_here",{"type":899,"name":986,"callback":1170,"priority":957,"file":1161,"line":963},"add_metabox",{"type":899,"name":982,"callback":1170,"priority":957,"file":1161,"line":1172},78,{"type":899,"name":914,"callback":1174,"priority":957,"file":1161,"line":1175},"add_taxonomy_metabox",80,{"type":899,"name":1177,"callback":1178,"file":1161,"line":1179},"um_roles_add_meta_boxes","add_metabox_role",83,{"type":905,"name":1181,"callback":1182,"priority":47,"file":1161,"line":794},"um_builtin_validation_types_continue_loop","validation_types_continue_loop",{"type":905,"name":1184,"callback":1185,"priority":132,"file":1161,"line":1186},"um_restrict_content_hide_metabox","hide_metabox_restrict_content_shop",86,{"type":905,"name":1188,"callback":1189,"priority":132,"file":1161,"line":13},"um_member_directory_meta_value_before_save","before_save_data",{"type":899,"name":1191,"callback":1192,"priority":47,"file":1161,"line":1193},"add_meta_boxes","add_metabox_form",195,{"type":899,"name":1195,"callback":1196,"priority":132,"file":1161,"line":1197},"save_post","save_metabox_form",196,{"type":899,"name":1191,"callback":1199,"priority":47,"file":1161,"line":1200},"add_metabox_directory",198,{"type":899,"name":1195,"callback":1202,"priority":132,"file":1161,"line":1203},"save_metabox_directory",199,{"type":899,"name":1191,"callback":1205,"priority":47,"file":1161,"line":1206},"add_metabox_restrict_content",229,{"type":899,"name":1195,"callback":1208,"priority":132,"file":1161,"line":1209},"save_metabox_restrict_content",230,{"type":899,"name":1211,"callback":1212,"priority":132,"file":1161,"line":1213},"add_attachment","save_attachment_metabox_restrict_content",234,{"type":899,"name":1215,"callback":1212,"priority":132,"file":1161,"line":1216},"edit_attachment",235,{"type":899,"name":1195,"callback":1218,"priority":132,"file":1161,"line":1219},"save_metabox_custom",240,{"type":899,"name":900,"callback":1221,"file":1222,"line":1223},"set_variables","includes\\admin\\core\\class-admin-navmenu.php",26,{"type":899,"name":1225,"callback":1226,"file":1222,"line":1058},"customize_controls_print_footer_scripts","_wp_template",{"type":899,"name":1228,"callback":1229,"priority":132,"file":1222,"line":1062},"wp_update_nav_menu_item","_save",{"type":899,"name":1231,"callback":1231,"priority":261,"file":1222,"line":1065},"wp_nav_menu_item_custom_fields",{"type":899,"name":914,"callback":1233,"file":1234,"line":1062},"create_languages_folder","includes\\admin\\core\\class-admin-notices.php",{"type":899,"name":914,"callback":1236,"file":1234,"line":1065},"create_list",{"type":899,"name":1238,"callback":1239,"priority":47,"file":1234,"line":1069},"admin_notices","render_notices",{"type":899,"name":914,"callback":1241,"file":1234,"line":1077},"force_dismiss_notice",{"type":899,"name":914,"callback":1243,"priority":957,"file":1244,"line":903},"init_variables","includes\\admin\\core\\class-admin-settings.php",{"type":899,"name":1246,"callback":1247,"file":1244,"line":912},"um_settings_page_before_email__content","settings_before_email_tab",{"type":905,"name":1249,"callback":1250,"priority":132,"file":1244,"line":1033},"um_settings_section_custom_fields","email_section_custom_fields",{"type":905,"name":1252,"callback":1253,"file":1244,"line":1254},"um_settings_form_section_advanced_override_templates_override_templates_custom_content","settings_override_templates_tab",51,{"type":905,"name":1256,"callback":1257,"priority":132,"file":1244,"line":1258},"um_settings_section_licenses__custom_content","settings_licenses_tab",54,{"type":905,"name":910,"callback":1260,"priority":1025,"file":1244,"line":968},"sorting_licenses_options",{"type":899,"name":914,"callback":1262,"priority":132,"file":1244,"line":1263},"save_settings_handler",59,{"type":899,"name":1031,"callback":1265,"file":1244,"line":865},"check_permalinks_changes",{"type":899,"name":1035,"callback":1036,"file":1244,"line":1267},63,{"type":905,"name":1269,"callback":1270,"file":1244,"line":928},"um_change_settings_before_save","save_email_templates",{"type":899,"name":1031,"callback":1272,"file":1244,"line":940},"before_licenses_save",{"type":899,"name":1035,"callback":1274,"file":1244,"line":796},"licenses_save",{"type":905,"name":1269,"callback":1276,"priority":957,"file":1244,"line":992},"set_default_if_empty",{"type":905,"name":1269,"callback":1278,"priority":132,"file":1244,"line":950},"remove_empty_values",{"type":905,"name":1280,"callback":1280,"priority":921,"file":1281,"line":1041},"upgrader_package_options","includes\\admin\\core\\class-admin-theme-updater.php",{"type":899,"name":1283,"callback":1283,"priority":921,"file":1281,"line":917},"upgrader_process_complete",{"type":899,"name":1143,"callback":1143,"priority":29,"file":1285,"line":940},"includes\\admin\\core\\class-admin-upgrade.php",{"type":899,"name":1287,"callback":1288,"priority":29,"file":1285,"line":796},"wp_loaded","initialize_upgrade_packages",{"type":905,"name":1290,"callback":1291,"file":1292,"line":1293},"um_get_tabs_from_config","__return_true","includes\\class-config.php",743,{"type":899,"name":1295,"callback":900,"priority":29,"file":1296,"line":1297},"plugins_loaded","includes\\class-init.php",202,{"type":899,"name":1295,"callback":1299,"file":1296,"line":1300},"extensions_init",204,{"type":899,"name":900,"callback":1302,"priority":29,"file":1296,"line":1303},"old_update_patch",207,{"type":899,"name":1287,"callback":1305,"file":1296,"line":1306},"maybe_network_activation",215,{"type":899,"name":1308,"callback":1308,"file":1296,"line":1309},"widgets_init",219,{"type":905,"name":1311,"callback":1312,"priority":132,"file":1313,"line":261},"um_action_scheduler_is_hook_enabled","is_enabled","includes\\common\\actions\\class-emails.php",{"type":899,"name":1315,"callback":1316,"priority":132,"file":1313,"line":1317},"um_dispatch_email","send",21,{"type":899,"name":900,"callback":1319,"file":1320,"line":893},"add_recurring_action","includes\\common\\actions\\class-users.php",{"type":899,"name":900,"callback":1322,"priority":47,"file":1323,"line":261},"create_post_types","includes\\common\\class-cpt.php",{"type":899,"name":1325,"callback":1326,"priority":132,"file":1323,"line":1317},"transition_post_status","change_default_form",{"type":899,"name":970,"callback":1328,"priority":957,"file":1329,"line":1258},"common_libs","includes\\common\\class-enqueue.php",{"type":899,"name":1331,"callback":1328,"priority":957,"file":1329,"line":1332},"wp_enqueue_scripts",55,{"type":899,"name":994,"callback":1328,"priority":957,"file":1329,"line":968},{"type":905,"name":1335,"callback":1336,"priority":1148,"file":1337,"line":1317},"body_class","remove_admin_bar","includes\\common\\class-screen.php",{"type":899,"name":1339,"callback":1340,"file":1337,"line":1341},"send_headers","avoid_mobile_cache",22,{"type":899,"name":1343,"callback":1344,"file":1345,"line":1341},"wp","schedule_events","includes\\common\\class-secure.php",{"type":905,"name":1347,"callback":1348,"file":1345,"line":1349},"um_get_option_filter__banned_capabilities","add_default_capabilities",23,{"type":899,"name":1351,"callback":1352,"file":1345,"line":1353},"um_hourly_scheduled_events","notify_administrators_hourly",43,{"type":899,"name":1355,"callback":1356,"file":1345,"line":903},"um_daily_scheduled_events","notify_administrators_daily",{"type":905,"name":1358,"callback":1359,"file":1360,"line":1050},"site_status_test_php_modules","add_required_modules","includes\\common\\class-site-health.php",{"type":899,"name":1362,"callback":1363,"file":1364,"line":1365},"after_switch_theme","flush_transient_templates_data","includes\\common\\class-theme.php",16,{"type":905,"name":1367,"callback":1368,"priority":132,"file":1369,"line":261},"user_has_cap","map_caps_by_role","includes\\common\\class-users.php",{"type":905,"name":1371,"callback":1372,"file":1369,"line":1317},"editable_roles","restrict_roles",{"type":905,"name":1374,"callback":1375,"priority":1114,"file":1376,"line":1377},"get_next_post_where","exclude_navigation_posts","includes\\core\\class-access.php",52,{"type":905,"name":1379,"callback":1375,"priority":1114,"file":1376,"line":1380},"get_previous_post_where",53,{"type":905,"name":1382,"callback":1383,"priority":132,"file":1376,"line":968},"the_title","filter_restricted_post_title",{"type":905,"name":1385,"callback":1386,"priority":1387,"file":1376,"line":971},"the_content","filter_restricted_post_content",999999,{"type":905,"name":1389,"callback":1390,"priority":1387,"file":1376,"line":924},"get_the_excerpt","filter_restricted_post_excerpt",{"type":899,"name":1392,"callback":1393,"priority":1114,"file":1376,"line":1267},"pre_get_comments","exclude_posts_comments",{"type":905,"name":1395,"callback":1396,"priority":1114,"file":1376,"line":984},"wp_count_comments","custom_comments_count_handler",{"type":905,"name":1398,"callback":1399,"priority":1114,"file":1376,"line":932},"comment_feed_where","exclude_posts_comments_feed",{"type":905,"name":1401,"callback":1402,"priority":1114,"file":1376,"line":940},"comments_open","disable_comments_open",{"type":905,"name":1404,"callback":1405,"priority":1114,"file":1376,"line":796},"get_comments_number","disable_comments_open_number",{"type":905,"name":1407,"callback":1408,"priority":1114,"file":1376,"line":950},"wp_nav_menu_objects","filter_menu",{"type":905,"name":1410,"callback":1411,"priority":132,"file":1376,"line":958},"render_block","restrict_blocks",{"type":899,"name":1413,"callback":1413,"priority":1148,"file":1376,"line":1172},"template_redirect",{"type":899,"name":1413,"callback":1415,"priority":1416,"file":1376,"line":1417},"send_frame_options_header",1010,79,{"type":899,"name":1419,"callback":1419,"file":1376,"line":1175},"um_access_check_blog_page_settings",{"type":899,"name":1421,"callback":1421,"file":1376,"line":1422},"um_access_check_individual_term_settings",81,{"type":899,"name":1424,"callback":1424,"file":1376,"line":1425},"um_access_check_global_settings",82,{"type":899,"name":1295,"callback":1427,"priority":47,"file":1376,"line":794},"initialize_hooks",{"type":905,"name":1429,"callback":1430,"priority":1114,"file":1376,"line":884},"wp_get_attachment_url","filter_attachment",{"type":905,"name":1432,"callback":1433,"priority":1114,"file":1376,"line":1434},"has_post_thumbnail","filter_post_thumbnail",97,{"type":905,"name":1436,"callback":1437,"priority":1114,"file":1376,"line":838},"widget_posts_args","exclude_restricted_posts_widget",{"type":905,"name":1439,"callback":1440,"file":1376,"line":1441},"wp_list_pages_excludes","exclude_restricted_pages",102,{"type":905,"name":1443,"callback":1444,"priority":1114,"file":1376,"line":1445},"getarchives_where","exclude_restricted_posts_archives_widget",104,{"type":899,"name":1447,"callback":1448,"priority":1114,"file":1376,"line":1449},"pre_get_posts","exclude_posts",107,{"type":905,"name":1451,"callback":1452,"priority":132,"file":1376,"line":1453},"posts_where","exclude_posts_where",108,{"type":905,"name":1455,"callback":1456,"priority":1114,"file":1376,"line":1457},"wp_count_posts","custom_count_posts_handler",109,{"type":899,"name":1459,"callback":1460,"priority":1114,"file":1376,"line":1461},"pre_get_terms","exclude_hidden_terms_query",112,{"type":905,"name":1463,"callback":1464,"priority":1114,"file":1376,"line":1465},"the_posts","filter_protected_posts",117,{"type":905,"name":1467,"callback":1464,"priority":1114,"file":1376,"line":1468},"get_pages",119,{"type":905,"name":1470,"callback":1471,"priority":132,"file":1376,"line":1472},"home_template","blog_message",1669,{"type":905,"name":1474,"callback":1475,"priority":132,"file":1376,"line":1476},"tag_template","taxonomy_message",1724,{"type":905,"name":1478,"callback":1475,"priority":132,"file":1376,"line":1479},"archive_template",1725,{"type":905,"name":1481,"callback":1475,"priority":132,"file":1376,"line":1482},"category_template",1726,{"type":905,"name":1484,"callback":1475,"priority":132,"file":1376,"line":1485},"taxonomy_template",1727,{"type":899,"name":1413,"callback":1487,"priority":1488,"file":1489,"line":908},"account_page_restrict",10001,"includes\\core\\class-account.php",{"type":899,"name":1413,"callback":1491,"priority":1492,"file":1489,"line":1029},"account_submit",10002,{"type":905,"name":1494,"callback":1495,"priority":47,"file":1489,"line":912},"um_predefined_fields_hook","predefined_fields_hook",{"type":899,"name":900,"callback":1497,"priority":996,"file":1498,"line":261},"block_editor_render","includes\\core\\class-blocks.php",{"type":905,"name":1500,"callback":1500,"priority":1025,"file":1498,"line":1317},"block_type_metadata_settings",{"type":899,"name":900,"callback":1502,"priority":47,"file":1503,"line":971},"set_core_fields","includes\\core\\class-builtin.php",{"type":899,"name":900,"callback":1505,"priority":47,"file":1503,"line":1263},"set_predefined_fields",{"type":899,"name":900,"callback":1507,"priority":47,"file":1503,"line":924},"set_custom_fields",{"type":899,"name":900,"callback":1509,"priority":47,"file":1503,"line":977},"set_blacklist_fields",{"type":905,"name":1511,"callback":1512,"file":1513,"line":261},"cron_schedules","add_schedules","includes\\core\\class-cron.php",{"type":899,"name":1343,"callback":1344,"file":1513,"line":1317},{"type":905,"name":1516,"callback":1517,"priority":132,"file":1518,"line":1341},"um_get_core_page_filter","get_core_page_url","includes\\core\\class-external-integrations.php",{"type":905,"name":1520,"callback":1520,"priority":132,"file":1518,"line":1349},"um_admin_settings_email_section_fields",{"type":905,"name":1522,"callback":1522,"priority":132,"file":1518,"line":1048},"um_email_send_subject",{"type":905,"name":1524,"callback":1525,"priority":132,"file":1518,"line":1050},"um_locate_email_template","locate_email_template",{"type":905,"name":1527,"callback":1528,"priority":132,"file":1518,"line":1223},"um_change_email_template_file","change_email_template_file",{"type":905,"name":1530,"callback":1531,"priority":132,"file":1518,"line":1054},"um_email_templates_columns","add_email_templates_wpml_column",{"type":899,"name":1533,"callback":1534,"priority":132,"file":1518,"line":893},"um_access_fix_external_post_content","bbpress_no_access_message_fix",{"type":899,"name":1533,"callback":1536,"priority":996,"file":1518,"line":1065},"forumwp_fix",{"type":899,"name":1533,"callback":1538,"priority":1539,"file":1518,"line":1069},"woocommerce_fix",12,{"type":905,"name":1541,"callback":1542,"priority":132,"file":1518,"line":1096},"um_external_profile_url","um_localize_profile_url",{"type":905,"name":1544,"callback":1545,"priority":132,"file":1518,"line":1077},"um_get_current_page_url","um_localize_profile_nav_url",{"type":905,"name":1547,"callback":1548,"priority":132,"file":1518,"line":1080},"icl_ls_languages","um_core_page_wpml_permalink",{"type":899,"name":1413,"callback":1550,"priority":1551,"file":1518,"line":917},"transposh_user_profile",9990,{"type":905,"name":1553,"callback":1554,"priority":1555,"file":1518,"line":1556},"single_template","woocommerce_template",9999999,159,{"type":899,"name":1413,"callback":1558,"priority":47,"file":1559,"line":1263},"download_routing","includes\\core\\class-files.php",{"type":899,"name":1413,"callback":1561,"priority":74,"file":1562,"line":950},"form_init","includes\\core\\class-form.php",{"type":899,"name":900,"callback":1564,"file":1562,"line":954},"field_declare",{"type":899,"name":1566,"callback":1567,"priority":957,"file":1568,"line":261},"um_submit_form_register","agreement_validation","includes\\core\\class-gdpr.php",{"type":905,"name":1570,"callback":1571,"priority":132,"file":1568,"line":1341},"um_whitelisted_metakeys","extend_whitelisted",{"type":905,"name":1573,"callback":1574,"file":1568,"line":1048},"um_before_save_filter_submitted","add_agreement_date",{"type":905,"name":1576,"callback":1577,"priority":132,"file":1568,"line":1050},"um_email_registration_data","email_registration_data",{"type":899,"name":1579,"callback":1580,"file":1568,"line":1054},"um_after_form_fields","display_option",{"type":899,"name":1582,"callback":1583,"file":1584,"line":1223},"um_after_login_fields","add_nonce","includes\\core\\class-login.php",{"type":899,"name":1586,"callback":1587,"priority":47,"file":1584,"line":1054},"um_submit_form_login","verify_nonce",{"type":899,"name":1413,"callback":1589,"priority":807,"file":1590,"line":1349},"logout_page","includes\\core\\class-logout.php",{"type":905,"name":1592,"callback":1593,"priority":132,"file":1590,"line":992},"wp_safe_redirect_fallback","safe_redirect_default",{"type":905,"name":1592,"callback":1593,"priority":132,"file":1590,"line":1457},{"type":899,"name":900,"callback":1596,"priority":29,"file":1597,"line":1037},"init_paths","includes\\core\\class-mail.php",{"type":905,"name":1599,"callback":1599,"file":1597,"line":1254},"mandrill_nl2br",{"type":905,"name":1601,"callback":1602,"file":1597,"line":1603},"um_template_tags_patterns_hook","add_placeholder",418,{"type":905,"name":1605,"callback":1606,"file":1597,"line":1607},"um_template_tags_replaces_hook","add_replace_placeholder",419,{"type":899,"name":1609,"callback":1610,"priority":132,"file":1611,"line":936},"updated_user_meta","on_update_usermeta","includes\\core\\class-member-directory-meta.php",{"type":899,"name":1613,"callback":1610,"priority":132,"file":1611,"line":940},"added_user_meta",{"type":899,"name":1615,"callback":1616,"priority":132,"file":1611,"line":796},"deleted_user_meta","on_delete_usermeta",{"type":899,"name":1618,"callback":1619,"priority":132,"file":1611,"line":992},"um_add_new_field","on_new_field_added",{"type":899,"name":1621,"callback":1622,"priority":132,"file":1611,"line":950},"um_delete_custom_field","on_delete_custom_field",{"type":905,"name":900,"callback":1243,"file":1624,"line":1625},"includes\\core\\class-member-directory.php",125,{"type":899,"name":1627,"callback":1628,"priority":132,"file":1624,"line":1629},"wp_insert_post","set_token",127,{"type":899,"name":1413,"callback":1631,"priority":1632,"file":1624,"line":1633},"access_members",555,128,{"type":905,"name":1052,"callback":1635,"file":1624,"line":1636},"sortby_last_login",1645,{"type":905,"name":1052,"callback":1638,"priority":132,"file":1624,"line":1639},"sortby_randomly",1780,{"type":899,"name":1052,"callback":1641,"file":1624,"line":1642},"search_changes",3055,{"type":899,"name":1052,"callback":1644,"file":1624,"line":1645},"pagination_changes",3056,{"type":899,"name":1647,"callback":1648,"priority":132,"file":1649,"line":1048},"wpmu_new_blog","create_new_blog_old_wp","includes\\core\\class-multisite.php",{"type":899,"name":1651,"callback":1652,"priority":132,"file":1649,"line":1050},"wp_insert_site","create_new_blog",{"type":899,"name":1413,"callback":1561,"priority":1488,"file":1654,"line":1054},"includes\\core\\class-password.php",{"type":899,"name":1656,"callback":1656,"file":1654,"line":1062},"um_reset_password_errors_hook",{"type":899,"name":1658,"callback":1658,"file":1654,"line":893},"um_reset_password_process_hook",{"type":899,"name":1660,"callback":1660,"file":1654,"line":1069},"um_change_password_errors_hook",{"type":899,"name":1662,"callback":1662,"file":1654,"line":1073},"um_change_password_process_hook",{"type":899,"name":900,"callback":1664,"priority":29,"file":1665,"line":893},"set_current_url","includes\\core\\class-permalinks.php",{"type":899,"name":900,"callback":1667,"priority":47,"file":1665,"line":1069},"check_for_querystrings",{"type":899,"name":900,"callback":1669,"priority":74,"file":1665,"line":1077},"activate_account_via_email_link",{"type":899,"name":1671,"callback":1672,"file":1665,"line":1159},"um_approve_user_on_email_confirmation","approve_user_on_email_confirmation",{"type":899,"name":1355,"callback":1674,"file":1675,"line":1341},"um_checklicenses","includes\\core\\class-plugin-updater.php",{"type":899,"name":1283,"callback":1677,"priority":261,"file":1675,"line":1050},"clean_update_plugins_cache",{"type":905,"name":1679,"callback":1680,"file":1675,"line":1058},"pre_set_site_transient_update_plugins","check_update",{"type":905,"name":1682,"callback":1683,"priority":1025,"file":1675,"line":1065},"plugins_api","plugin_information",{"type":899,"name":1413,"callback":1685,"priority":1492,"file":1686,"line":1019},"active_tab","includes\\core\\class-profile.php",{"type":899,"name":1413,"callback":1688,"priority":1492,"file":1686,"line":903},"active_subnav",{"type":899,"name":1690,"callback":1583,"file":1691,"line":261},"um_after_register_fields","includes\\core\\class-register.php",{"type":899,"name":1566,"callback":1587,"priority":47,"file":1691,"line":1317},{"type":899,"name":1287,"callback":1694,"file":1695,"line":1317},"maybe_flush_rewrite_rules","includes\\core\\class-rewrite.php",{"type":905,"name":1697,"callback":1697,"file":1695,"line":1050},"query_vars",{"type":905,"name":1699,"callback":1700,"file":1695,"line":1223},"rewrite_rules_array","add_rewrite_rules",{"type":899,"name":1413,"callback":1702,"priority":1025,"file":1695,"line":1058},"redirect_author_page",{"type":899,"name":1413,"callback":1704,"priority":1025,"file":1695,"line":1062},"locate_user_profile",{"type":899,"name":1706,"callback":1707,"priority":1708,"file":1709,"line":1341},"wp_roles_init","um_roles_init",99999,"includes\\core\\class-roles-capabilities.php",{"type":899,"name":1711,"callback":1712,"priority":132,"file":1709,"line":1349},"update_option","um_on_roles_update",{"type":899,"name":1714,"callback":1715,"priority":132,"file":1709,"line":1048},"set_user_role","remove_user_cache",{"type":905,"name":1335,"callback":1335,"priority":29,"file":1717,"line":1417},"includes\\core\\class-shortcodes.php",{"type":905,"name":1719,"callback":1720,"priority":1114,"file":1717,"line":1422},"um_shortcode_args_filter","display_logout_form",{"type":905,"name":1719,"callback":1722,"priority":1114,"file":1717,"line":1425},"parse_shortcode_args",{"type":905,"name":1601,"callback":1602,"file":1717,"line":1724},1200,{"type":905,"name":1605,"callback":1606,"file":1717,"line":1726},1201,{"type":905,"name":1728,"callback":1729,"priority":132,"file":1730,"line":1457},"upload_dir","set_upload_directory","includes\\core\\class-uploader.php",{"type":905,"name":1732,"callback":1733,"file":1730,"line":1734},"wp_handle_upload_prefilter","validate_upload",110,{"type":905,"name":1736,"callback":1737,"priority":132,"file":1730,"line":1461},"um_upload_image_result","rotate_uploaded_image",{"type":905,"name":1739,"callback":1740,"priority":132,"file":1730,"line":1741},"um_upload_image_process__profile_photo","profile_photo",113,{"type":905,"name":1743,"callback":1744,"priority":132,"file":1730,"line":1745},"um_upload_image_process__cover_photo","cover_photo",114,{"type":899,"name":1747,"callback":1748,"priority":132,"file":1730,"line":1749},"um_upload_stream_image_process","stream_photo",115,{"type":899,"name":900,"callback":900,"file":1730,"line":1465},{"type":899,"name":1752,"callback":1753,"priority":132,"file":1730,"line":1754},"um_after_move_temporary_files","remove_unused_uploads",120,{"type":899,"name":1756,"callback":1757,"file":1758,"line":1341},"um_profile_content_posts","add_posts","includes\\core\\class-user-posts.php",{"type":899,"name":1760,"callback":1761,"file":1758,"line":1349},"um_profile_content_comments","add_comments",{"type":899,"name":900,"callback":1763,"priority":47,"file":1764,"line":1625},"set","includes\\core\\class-user.php",{"type":899,"name":1766,"callback":1767,"priority":132,"file":1764,"line":1633},"um_delete_user","remove_cache",{"type":899,"name":1769,"callback":1767,"file":1764,"line":1770},"um_after_user_updated",131,{"type":899,"name":1772,"callback":1767,"file":1764,"line":1773},"um_after_user_account_updated",132,{"type":899,"name":1775,"callback":1767,"file":1764,"line":1776},"personal_options_update",133,{"type":899,"name":1778,"callback":1767,"file":1764,"line":1779},"um_when_role_is_set",135,{"type":899,"name":1781,"callback":1782,"priority":132,"file":1764,"line":1783},"show_user_profile","profile_form_additional_section",137,{"type":899,"name":1785,"callback":1782,"priority":132,"file":1764,"line":1786},"user_new_form",138,{"type":899,"name":1788,"callback":1782,"priority":132,"file":1764,"line":1789},"edit_user_profile",139,{"type":905,"name":1791,"callback":1792,"priority":47,"file":1764,"line":1793},"um_user_profile_additional_fields","secondary_role_field",140,{"type":899,"name":1795,"callback":1795,"priority":132,"file":1764,"line":1796},"profile_update",143,{"type":899,"name":1798,"callback":1799,"priority":132,"file":1764,"line":1800},"user_register","user_register_via_admin",148,{"type":899,"name":1798,"callback":1802,"priority":996,"file":1764,"line":1803},"set_gravatar",149,{"type":899,"name":1805,"callback":1806,"priority":132,"file":1764,"line":1807},"added_existing_user","add_um_role_existing_user",152,{"type":899,"name":1809,"callback":1810,"priority":132,"file":1764,"line":1811},"wpmu_activate_user","add_um_role_wpmu_new_user",153,{"type":899,"name":900,"callback":1813,"priority":132,"file":1764,"line":1814},"check_membership",156,{"type":899,"name":1816,"callback":1817,"file":1764,"line":1556},"wpmu_delete_user","delete_user_handler",{"type":899,"name":1819,"callback":1817,"file":1764,"line":1820},"delete_user",161,{"type":899,"name":1609,"callback":1610,"priority":132,"file":1764,"line":1822},164,{"type":899,"name":1613,"callback":1610,"priority":132,"file":1764,"line":1824},165,{"type":899,"name":1615,"callback":1616,"priority":132,"file":1764,"line":1826},167,{"type":899,"name":1828,"callback":1829,"priority":132,"file":1764,"line":1830},"update_user_meta","flush_um_count_users_transient_update",169,{"type":899,"name":1613,"callback":1832,"priority":132,"file":1764,"line":1833},"flush_um_count_users_transient_add",170,{"type":899,"name":1835,"callback":1836,"priority":132,"file":1764,"line":1837},"delete_user_meta","flush_um_count_users_transient_delete",171,{"type":899,"name":1839,"callback":1840,"priority":132,"file":1764,"line":1841},"update_user_metadata","avoid_banned_keys",173,{"type":905,"name":1843,"callback":1844,"file":1845,"line":1080},"um_user_pre_updating_files_array","validate_files","includes\\core\\class-validation.php",{"type":905,"name":1573,"callback":1847,"priority":132,"file":1845,"line":1159},"validate_fields_values",{"type":905,"name":1697,"callback":1697,"file":1849,"line":1058},"includes\\core\\rest\\class-api-v1.php",{"type":905,"name":1697,"callback":1697,"file":1851,"line":1054},"includes\\core\\rest\\class-api-v2.php",{"type":899,"name":900,"callback":1853,"file":1854,"line":950},"add_endpoint","includes\\core\\rest\\class-api.php",{"type":899,"name":1413,"callback":1856,"file":1854,"line":954},"process_query",{"type":899,"name":1858,"callback":1858,"file":1859,"line":1860},"um_access_profile","includes\\core\\um-actions-access.php",19,{"type":899,"name":1862,"callback":1862,"file":1863,"line":1864},"um_submit_account_errors_hook","includes\\core\\um-actions-account.php",210,{"type":905,"name":1866,"callback":1867,"file":1863,"line":1868},"send_password_change_email","__return_false",232,{"type":899,"name":1870,"callback":1870,"file":1863,"line":1871},"um_submit_account_details",493,{"type":905,"name":1873,"callback":1874,"priority":261,"file":1863,"line":1875},"send_email_change_email","um_maybe_flush_users_session_update_user",519,{"type":899,"name":1877,"callback":1877,"file":1863,"line":1878},"um_account_page_hidden_fields",534,{"type":899,"name":1880,"callback":1880,"file":1863,"line":1881},"um_before_account_delete",549,{"type":899,"name":1883,"callback":1883,"file":1863,"line":1884},"um_before_account_notifications",566,{"type":899,"name":1772,"callback":1886,"priority":132,"file":1863,"line":1887},"um_after_user_account_updated_permalink",582,{"type":899,"name":1772,"callback":1889,"priority":261,"file":1863,"line":1890},"um_account_updated_notification",600,{"type":905,"name":1873,"callback":1867,"file":1863,"line":1892},610,{"type":899,"name":1894,"callback":1895,"priority":132,"file":1863,"line":1896},"um_account_pre_update_profile","um_disable_native_email_notificatiion",612,{"type":899,"name":1898,"callback":1898,"file":1863,"line":1899},"um_after_account_privacy",620,{"type":899,"name":1901,"callback":1901,"file":1902,"line":908},"um_submit_form_errors_hook__blockedemails","includes\\core\\um-actions-form.php",{"type":899,"name":1904,"callback":1904,"file":1902,"line":940},"um_submit_form_errors_hook__blockedips",{"type":899,"name":1906,"callback":1906,"priority":132,"file":1902,"line":1907},"um_submit_form_errors_hook__blockedwords",103,{"type":899,"name":1909,"callback":1909,"priority":132,"file":1902,"line":1910},"um_submit_form_errors_hook",275,{"type":899,"name":1912,"callback":1913,"priority":1914,"file":1902,"line":1915},"um_after_profile_fields","closure",900,512,{"type":899,"name":1917,"callback":1917,"priority":132,"file":1902,"line":1918},"um_submit_form_errors_hook_",1080,{"type":905,"name":1920,"callback":1921,"priority":132,"file":1902,"line":1922},"um_login_invalid_nonce_redirect_url","um_invalid_nonce_redirect_url",1098,{"type":905,"name":1924,"callback":1921,"priority":132,"file":1902,"line":1925},"um_register_invalid_nonce_redirect_url",1099,{"type":899,"name":1579,"callback":1927,"file":1928,"line":1050},"um_add_form_identifier","includes\\core\\um-actions-global.php",{"type":899,"name":1579,"callback":1930,"file":1928,"line":1033},"um_add_security_checks",{"type":899,"name":1877,"callback":1930,"file":1928,"line":1037},{"type":899,"name":1933,"callback":1933,"file":1934,"line":1935},"um_submit_form_errors_hook_login","includes\\core\\um-actions-login.php",87,{"type":899,"name":1937,"callback":1938,"file":1934,"line":1939},"um_before_login_fields","um_display_login_errors",118,{"type":899,"name":1941,"callback":1941,"priority":1025,"file":1934,"line":1807},"um_submit_form_errors_hook_logincheck",{"type":899,"name":1943,"callback":1944,"file":1934,"line":1945},"um_on_login_before_redirect","um_store_lastlogin_timestamp",162,{"type":899,"name":1947,"callback":1948,"file":1934,"line":1949},"wp_login","um_store_lastlogin_timestamp_",181,{"type":899,"name":1951,"callback":1951,"file":1934,"line":1952},"um_user_login",278,{"type":899,"name":1586,"callback":1586,"priority":132,"file":1934,"line":1954},328,{"type":899,"name":1582,"callback":1956,"priority":1148,"file":1934,"line":1957},"um_add_submit_button_to_login",470,{"type":899,"name":1582,"callback":1959,"priority":1960,"file":1934,"line":1961},"um_after_login_submit",1001,491,{"type":899,"name":1963,"callback":1964,"priority":838,"file":1934,"line":1965},"um_main_login_fields","um_add_login_fields",502,{"type":899,"name":1579,"callback":1967,"file":1968,"line":1267},"um_browser_url_redirect_to","includes\\core\\um-actions-misc.php",{"type":905,"name":1970,"callback":1971,"priority":132,"file":1968,"line":1972},"um_late_escaping_allowed_tags","um_form_notices_additional_tags",189,{"type":899,"name":1974,"callback":1975,"priority":1976,"file":1968,"line":1977},"um_before_form","um_add_update_notice",500,203,{"type":899,"name":1979,"callback":1979,"file":1980,"line":1949},"um_profile_content_main","includes\\core\\um-actions-profile.php",{"type":899,"name":1982,"callback":1982,"priority":132,"file":1980,"line":1983},"um_user_edit_profile",539,{"type":899,"name":1985,"callback":1986,"priority":47,"file":1980,"line":1987},"um_submit_form_errors_hook__profile","um_profile_validate_nonce",554,{"type":905,"name":1843,"callback":1844,"file":1980,"line":346},{"type":905,"name":1573,"callback":1847,"priority":132,"file":1980,"line":1990},559,{"type":899,"name":1769,"callback":1992,"priority":132,"file":1980,"line":1993},"um_restore_default_roles",586,{"type":899,"name":1579,"callback":1995,"file":1980,"line":1996},"um_editing_user_id_input",601,{"type":899,"name":1998,"callback":1999,"priority":2000,"file":1980,"line":2001},"wp_head","_wp_render_title_tag",18,625,{"type":899,"name":1998,"callback":2003,"priority":2000,"file":1980,"line":2004},"rel_canonical",628,{"type":899,"name":2006,"callback":2007,"priority":56,"file":1980,"line":2008},"get_header","um_profile_remove_wpseo",633,{"type":899,"name":1998,"callback":2010,"priority":261,"file":1980,"line":2011},"um_profile_dynamic_meta_desc",842,{"type":899,"name":2013,"callback":2013,"priority":957,"file":1980,"line":2014},"um_profile_header_cover_area",983,{"type":899,"name":2016,"callback":2017,"priority":1037,"file":1980,"line":1148},"um_after_profile_header_name_args","um_social_links_icons",{"type":899,"name":2019,"callback":2019,"priority":957,"file":1980,"line":2020},"um_profile_header",1400,{"type":899,"name":2022,"callback":2022,"file":1980,"line":2023},"um_pre_profile_shortcode",1451,{"type":899,"name":2025,"callback":2026,"file":1980,"line":2027},"um_pre_header_editprofile","um_add_edit_icon",1558,{"type":899,"name":2029,"callback":2030,"priority":838,"file":1980,"line":2031},"um_main_profile_fields","um_add_profile_fields",1580,{"type":899,"name":2033,"callback":2033,"priority":132,"file":1980,"line":2034},"um_submit_form_profile",1622,{"type":899,"name":1912,"callback":2036,"priority":1148,"file":1980,"line":504},"um_add_submit_button_to_profile",{"type":899,"name":2038,"callback":2038,"priority":957,"file":1980,"line":2039},"um_profile_menu",1878,{"type":899,"name":2041,"callback":2041,"file":2042,"line":1365},"um_post_registration_approved_hook","includes\\core\\um-actions-register.php",{"type":899,"name":2044,"callback":2044,"file":2042,"line":1058},"um_post_registration_checkmail_hook",{"type":899,"name":2046,"callback":2046,"file":2042,"line":921},"um_post_registration_pending_hook",{"type":899,"name":2048,"callback":2049,"priority":47,"file":2042,"line":1453},"um_user_register","um_after_insert_user",{"type":899,"name":2051,"callback":2052,"file":2042,"line":2053},"um_registration_complete","um_send_registration_notification",147,{"type":899,"name":2051,"callback":2055,"priority":838,"file":2042,"line":2056},"um_check_user_status",332,{"type":899,"name":2058,"callback":2058,"file":2042,"line":2059},"um_submit_form_errors_hook__registration",345,{"type":899,"name":1566,"callback":1566,"priority":132,"file":2042,"line":2061},575,{"type":899,"name":1690,"callback":2063,"priority":1148,"file":2042,"line":2064},"um_add_submit_button_to_register",715,{"type":899,"name":2066,"callback":2067,"priority":838,"file":2042,"line":2068},"um_main_register_fields","um_add_register_fields",726,{"type":899,"name":2070,"callback":2071,"priority":132,"file":2042,"line":2072},"um_registration_set_extra_data","um_registration_save_files",781,{"type":899,"name":2070,"callback":2074,"priority":132,"file":2042,"line":2075},"um_registration_set_profile_full_name",810,{"type":899,"name":2077,"callback":2078,"priority":132,"file":2042,"line":2079},"login_form_register","um_form_register_redirect",824,{"type":899,"name":2081,"callback":2081,"priority":132,"file":2082,"line":1453},"um_update_profile_full_name","includes\\core\\um-actions-save-profile.php",{"type":899,"name":2084,"callback":2084,"priority":838,"file":2085,"line":1050},"um_logout_user_links","includes\\core\\um-actions-user.php",{"type":899,"name":900,"callback":2087,"priority":1114,"file":2088,"line":1050},"um_block_wpadmin_by_user_role","includes\\core\\um-actions-wpadmin.php",{"type":905,"name":2090,"callback":2091,"priority":1025,"file":2088,"line":2092},"show_admin_bar","um_control_admin_bar",42,{"type":899,"name":2094,"callback":2095,"file":2088,"line":1254},"wp_footer","um_force_admin_bar",{"type":905,"name":2097,"callback":2098,"file":2099,"line":1349},"um_get_field__first_name","um_account_disable_name_fields","includes\\core\\um-filters-account.php",{"type":905,"name":2101,"callback":2098,"file":2099,"line":1048},"um_get_field__last_name",{"type":905,"name":2103,"callback":2104,"priority":132,"file":2099,"line":1037},"um_account_pre_updating_profile_array","um_account_sanitize_data",{"type":905,"name":2106,"callback":2107,"file":2099,"line":928},"um_profile_profile_noindex_empty__filter","um_account_profile_noindex_value",{"type":905,"name":2109,"callback":2110,"priority":1708,"file":2111,"line":2112},"avatar_defaults","um_avatar_defaults","includes\\core\\um-filters-avatars.php",15,{"type":905,"name":2114,"callback":2115,"priority":1708,"file":2111,"line":1380},"get_avatar","um_get_avatar",{"type":905,"name":2117,"callback":2118,"priority":261,"file":2111,"line":1172},"get_avatar_url","um_filter_get_avatar_url",{"type":905,"name":2120,"callback":2121,"priority":807,"file":2122,"line":1041},"get_comment_author_link","um_comment_link_to_profile","includes\\core\\um-filters-commenting.php",{"type":905,"name":2124,"callback":2124,"priority":1114,"file":2125,"line":1054},"um_profile_field_filter_hook__oembed","includes\\core\\um-filters-fields.php",{"type":905,"name":2127,"callback":2127,"priority":1114,"file":2125,"line":865},"um_profile_field_filter_hook__soundcloud_track",{"type":905,"name":2129,"callback":2129,"priority":1114,"file":2125,"line":1186},"um_profile_field_filter_hook__youtube_video",{"type":905,"name":2131,"callback":2131,"priority":1114,"file":2125,"line":1741},"um_profile_field_filter_hook__spotify",{"type":905,"name":2133,"callback":2133,"priority":1114,"file":2125,"line":2134},"um_profile_field_filter_hook__vimeo_video",136,{"type":905,"name":2136,"callback":2137,"priority":1114,"file":2125,"line":2138},"um_profile_field_filter_hook__tel","um_profile_field_filter_hook__phone",155,{"type":905,"name":2140,"callback":2140,"priority":1114,"file":2125,"line":1837},"um_profile_field_filter_hook__viber",{"type":905,"name":2142,"callback":2142,"priority":1114,"file":2125,"line":2143},"um_profile_field_filter_hook__whatsapp",188,{"type":905,"name":2145,"callback":2145,"priority":1114,"file":2125,"line":2146},"um_profile_field_filter_hook__googlemap",209,{"type":905,"name":2148,"callback":2148,"priority":1114,"file":2125,"line":1206},"um_profile_field_filter_hook__user_registered",{"type":905,"name":2150,"callback":2150,"priority":1114,"file":2125,"line":2151},"um_profile_field_filter_hook__last_login",247,{"type":905,"name":2153,"callback":2150,"priority":1114,"file":2125,"line":2154},"um_profile_field_filter_hook___um_last_login",248,{"type":905,"name":2156,"callback":2156,"priority":1114,"file":2125,"line":2157},"um_profile_field_filter_hook__textarea",281,{"type":905,"name":2159,"callback":2159,"priority":1114,"file":2125,"line":2160},"um_profile_field_filter_hook__time",319,{"type":905,"name":2162,"callback":2162,"priority":1114,"file":2125,"line":2163},"um_profile_field_filter_hook__date",344,{"type":905,"name":2165,"callback":2165,"priority":1114,"file":2125,"line":2166},"um_profile_field_filter_hook__file",392,{"type":905,"name":2168,"callback":2168,"priority":1114,"file":2125,"line":2169},"um_profile_field_filter_hook__image",435,{"type":905,"name":2171,"callback":2171,"priority":1114,"file":2125,"line":2172},"um_profile_field_filter_hook__",550,{"type":905,"name":2174,"callback":2174,"priority":1114,"file":2125,"line":2175},"um_get_form_fields",570,{"type":905,"name":2177,"callback":2177,"priority":1114,"file":2125,"line":2178},"um_get_custom_field_array",675,{"type":905,"name":2171,"callback":2180,"priority":957,"file":2125,"line":2181},"um_force_utf8_fields",696,{"type":905,"name":2183,"callback":2183,"priority":957,"file":2125,"line":2184},"um_is_selected_filter_value",714,{"type":905,"name":2186,"callback":2183,"priority":132,"file":2125,"line":2064},"um_select_dropdown_dynamic_option_value",{"type":905,"name":2188,"callback":2189,"priority":132,"file":2125,"line":2190},"um_select_dropdown_dynamic_options","um_select_dropdown_dynamic_options_to_utf8",736,{"type":905,"name":2192,"callback":2192,"file":2125,"line":2193},"um_field_non_utf8_value",758,{"type":905,"name":2188,"callback":2195,"priority":132,"file":2125,"line":2196},"um_select_dropdown_dynamic_callback_options",778,{"type":905,"name":2198,"callback":2195,"priority":132,"file":2125,"line":2199},"um_multiselect_options",779,{"type":905,"name":2201,"callback":2202,"priority":132,"file":2125,"line":2203},"um_profile_field_filter_hook__select","um_option_match_callback_view_field",798,{"type":905,"name":2205,"callback":2202,"priority":132,"file":2125,"line":2206},"um_profile_field_filter_hook__multiselect",799,{"type":905,"name":2208,"callback":2202,"priority":132,"file":2125,"line":2209},"um_field_select_default_value",800,{"type":905,"name":2211,"callback":2202,"priority":132,"file":2125,"line":2212},"um_field_multiselect_default_value",801,{"type":905,"name":2201,"callback":2214,"priority":132,"file":2125,"line":2215},"um_profile_field__select_translate",828,{"type":905,"name":2205,"callback":2214,"priority":132,"file":2125,"line":2217},829,{"type":905,"name":2171,"callback":2219,"priority":132,"file":2125,"line":2220},"um_profile_field_filter_xss_validation",922,{"type":905,"name":2222,"callback":2223,"priority":957,"file":2125,"line":2224},"um_submit_form_data","um_submit_form_data_trim_fields",942,{"type":905,"name":2222,"callback":2226,"priority":132,"file":2125,"line":2227},"um_submit_form_data_role_fields",979,{"type":905,"name":2229,"callback":2229,"priority":132,"file":2125,"line":2230},"um_edit_url_field_value",994,{"type":905,"name":2232,"callback":2232,"priority":132,"file":2125,"line":2233},"um_view_label_birth_date",1011,{"type":905,"name":2235,"callback":2236,"priority":132,"file":2125,"line":2237},"um_change_field_label","um_md_label_birth_date",1028,{"type":905,"name":2239,"callback":2240,"priority":1114,"file":2241,"line":28},"um_upload_basedir_filter","um_multisite_urls_support","includes\\core\\um-filters-files.php",{"type":905,"name":2243,"callback":2240,"priority":1114,"file":2241,"line":992},"um_upload_baseurl_filter",{"type":905,"name":2245,"callback":2246,"file":2247,"line":1069},"login_message","um_custom_wp_err_messages","includes\\core\\um-filters-login.php",{"type":905,"name":2249,"callback":2250,"priority":132,"file":2247,"line":1258},"authenticate","um_wp_form_errors_hook_ip_test",{"type":905,"name":2249,"callback":2252,"priority":1037,"file":2247,"line":809},"um_wp_form_errors_hook_logincheck",{"type":905,"name":2254,"callback":2255,"priority":132,"file":2247,"line":1457},"lostpassword_url","um_lostpassword_url",{"type":905,"name":2257,"callback":2257,"file":2258,"line":2112},"um_pretty_number_formatting","includes\\core\\um-filters-misc.php",{"type":905,"name":1407,"callback":2260,"priority":1025,"file":2261,"line":2092},"um_add_custom_message_to_menu","includes\\core\\um-filters-navmenu.php",{"type":905,"name":1407,"callback":2263,"priority":1025,"file":2261,"line":1786},"um_conditional_nav_menu",{"type":905,"name":2265,"callback":2266,"priority":1025,"file":2261,"line":1807},"wp_get_nav_menu_items","um_get_nav_menu_items",{"type":905,"name":2268,"callback":2269,"priority":863,"file":2270,"line":1159},"the_seo_framework_pro_add_title","um_dynamic_user_profile_pagetitle","includes\\core\\um-filters-profile.php",{"type":905,"name":2272,"callback":2269,"priority":863,"file":2270,"line":1041},"wp_title",{"type":905,"name":2274,"callback":2269,"priority":863,"file":2270,"line":917},"pre_get_document_title",{"type":905,"name":1382,"callback":2276,"priority":863,"file":2270,"line":992},"um_dynamic_user_profile_title",{"type":905,"name":2278,"callback":2279,"priority":261,"file":2270,"line":1468},"get_canonical_url","um_get_canonical_url",{"type":905,"name":1494,"callback":2281,"priority":132,"file":2270,"line":1793},"um_change_profile_cover_photo_label",{"type":905,"name":1494,"callback":2283,"priority":132,"file":2270,"line":1820},"um_change_profile_photo_label",{"type":905,"name":2285,"callback":2285,"priority":74,"file":2286,"line":1800},"um_clean_user_basename_filter","includes\\core\\um-filters-user.php",{"type":905,"name":2288,"callback":2288,"priority":132,"file":2286,"line":1833},"um_before_update_profile",{"type":899,"name":1287,"callback":915,"file":2290,"line":1317},"includes\\frontend\\class-actions-listener.php",{"type":899,"name":900,"callback":2292,"file":2293,"line":1069},"scripts_enqueue_priority","includes\\frontend\\class-enqueue.php",{"type":899,"name":1331,"callback":1331,"file":2293,"line":917},{"type":899,"name":2094,"callback":1163,"file":2296,"line":1860},"includes\\frontend\\class-modal.php",{"type":899,"name":900,"callback":900,"file":2298,"line":1054},"includes\\frontend\\class-secure.php",{"type":899,"name":1937,"callback":2300,"priority":47,"file":2298,"line":1062},"reset_password_notice",{"type":899,"name":1937,"callback":2302,"priority":47,"file":2298,"line":1065},"under_maintenance_notice",{"type":899,"name":1566,"callback":2304,"file":2298,"line":1073},"block_register_forms",{"type":899,"name":1951,"callback":2306,"priority":47,"file":2298,"line":1077},"login_validate_expired_pass",{"type":899,"name":2308,"callback":2309,"priority":47,"file":2298,"line":1159},"validate_password_reset","avoid_old_password",{"type":899,"name":2311,"callback":2312,"priority":47,"file":2298,"line":1380},"um_after_save_registration_details","secure_user_capabilities",{"type":899,"name":2311,"callback":2314,"priority":74,"file":2298,"line":1258},"maybe_set_whitelisted_password",{"type":899,"name":1769,"callback":2312,"priority":47,"file":2298,"line":968},{"type":899,"name":1772,"callback":2312,"priority":47,"file":2298,"line":2317},57,{"type":899,"name":1413,"callback":2319,"priority":807,"file":2320,"line":1349},"handle_edit_screen","includes\\frontend\\class-user-profile.php",{"type":905,"name":2322,"callback":2323,"priority":132,"file":2320,"line":1048},"get_edit_user_link","change_edit_user_link",{"type":905,"name":2325,"callback":2326,"priority":132,"file":2320,"line":1050},"get_comment_author_url","change_comment_author_url",{"type":905,"name":2328,"callback":2329,"file":2330,"line":2331},"allowed_redirect_hosts","um_allowed_redirect_hosts","includes\\um-short-functions.php",2901,{"type":905,"name":1592,"callback":2333,"priority":132,"file":2330,"line":2334},"um_wp_safe_redirect_fallback",2902,[2336,2340,2344,2347,2350,2353,2356,2359,2362,2365,2368,2371,2374,2378,2382,2387,2390,2391,2393,2397,2401,2402,2405,2408,2411,2414,2417,2418,2419,2422,2425,2426,2429,2430,2433,2434,2437,2438,2441,2442],{"action":2337,"nopriv":2338,"callback":2339,"hasNonce":2338,"hasCapCheck":2338,"file":1018,"line":1377},"um_secure_scan_affected_users",false,"ajax_scanner",{"action":2341,"nopriv":2338,"callback":2342,"hasNonce":2338,"hasCapCheck":2338,"file":2343,"line":1349},"um_do_ajax_action","do_ajax_action","includes\\admin\\core\\class-admin-ajax-hooks.php",{"action":2345,"nopriv":2338,"callback":2346,"hasNonce":2338,"hasCapCheck":2338,"file":2343,"line":1048},"um_update_builder","update_builder",{"action":2348,"nopriv":2338,"callback":2349,"hasNonce":2338,"hasCapCheck":2338,"file":2343,"line":1050},"um_update_order","update_order",{"action":2351,"nopriv":2338,"callback":2352,"hasNonce":2338,"hasCapCheck":2338,"file":2343,"line":1223},"um_update_field","update_field",{"action":2354,"nopriv":2338,"callback":2355,"hasNonce":2338,"hasCapCheck":2338,"file":2343,"line":1054},"um_dynamic_modal_content","dynamic_modal_content",{"action":2357,"nopriv":2338,"callback":2358,"hasNonce":2338,"hasCapCheck":2338,"file":2343,"line":1058},"um_populate_dropdown_options","populate_dropdown_options",{"action":2360,"nopriv":2338,"callback":2361,"hasNonce":2338,"hasCapCheck":2338,"file":2343,"line":1062},"um_rated","ultimatemember_rated",{"action":2363,"nopriv":2338,"callback":2364,"hasNonce":2338,"hasCapCheck":2338,"file":2343,"line":893},"um_member_directory_default_filter_settings","default_filter_settings",{"action":2366,"nopriv":2338,"callback":2367,"hasNonce":2338,"hasCapCheck":2338,"file":2343,"line":1069},"um_same_page_update","same_page_update_ajax",{"action":2369,"nopriv":2338,"callback":2370,"hasNonce":2338,"hasCapCheck":2338,"file":1234,"line":1096},"um_dismiss_notice","dismiss_notice",{"action":2372,"nopriv":2338,"callback":2373,"hasNonce":2338,"hasCapCheck":2338,"file":1285,"line":1179},"um_run_package","ajax_run_package",{"action":2375,"nopriv":2338,"callback":2376,"hasNonce":2338,"hasCapCheck":2338,"file":1285,"line":2377},"um_get_packages","ajax_get_packages",84,{"action":2379,"nopriv":2338,"callback":2380,"hasNonce":2338,"hasCapCheck":2338,"file":2381,"line":1860},"um_get_icons","get_icons","includes\\ajax\\class-forms.php",{"action":2383,"nopriv":2338,"callback":2384,"hasNonce":2385,"hasCapCheck":2338,"file":2386,"line":1317},"um_get_pages_list","get_pages_list",true,"includes\\ajax\\class-pages.php",{"action":2388,"nopriv":2338,"callback":2389,"hasNonce":2385,"hasCapCheck":2338,"file":2386,"line":1349},"um_search_widget_request","search_widget_request",{"action":2388,"nopriv":2385,"callback":2389,"hasNonce":2385,"hasCapCheck":2338,"file":2386,"line":1048},{"action":2337,"nopriv":2338,"callback":2339,"hasNonce":2385,"hasCapCheck":2385,"file":2392,"line":1223},"includes\\ajax\\class-secure.php",{"action":2394,"nopriv":2338,"callback":2395,"hasNonce":2338,"hasCapCheck":2338,"file":2396,"line":1365},"um_get_users","get_users","includes\\ajax\\class-users.php",{"action":2398,"nopriv":2338,"callback":2399,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":1077},"um_select_options","ajax_select_options","includes\\core\\class-ajax-common.php",{"action":2398,"nopriv":2385,"callback":2399,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":1080},{"action":2403,"nopriv":2338,"callback":2404,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":1041},"um_delete_profile_photo","ajax_delete_profile_photo",{"action":2406,"nopriv":2338,"callback":2407,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":917},"um_delete_cover_photo","ajax_delete_cover_photo",{"action":2409,"nopriv":2338,"callback":2410,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":873},"um_ajax_paginate","ajax_paginate",{"action":2412,"nopriv":2338,"callback":2413,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":2092},"um_ajax_paginate_posts","load_posts",{"action":2415,"nopriv":2338,"callback":2416,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":1353},"um_ajax_paginate_comments","load_comments",{"action":2412,"nopriv":2385,"callback":2413,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":1019},{"action":2415,"nopriv":2385,"callback":2416,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":903},{"action":2420,"nopriv":2338,"callback":2421,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":1029},"um_muted_action","ajax_muted_action",{"action":2423,"nopriv":2338,"callback":2424,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":1033},"um_remove_file","ajax_remove_file",{"action":2423,"nopriv":2385,"callback":2424,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":1037},{"action":2427,"nopriv":2385,"callback":2428,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":1377},"um_fileupload","ajax_file_upload",{"action":2427,"nopriv":2338,"callback":2428,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":1380},{"action":2431,"nopriv":2385,"callback":2432,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":1332},"um_imageupload","ajax_image_upload",{"action":2431,"nopriv":2338,"callback":2432,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":968},{"action":2435,"nopriv":2385,"callback":2436,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":971},"um_resize_image","ajax_resize_image",{"action":2435,"nopriv":2338,"callback":2436,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":1263},{"action":2439,"nopriv":2385,"callback":2440,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":977},"um_get_members","ajax_get_members",{"action":2439,"nopriv":2338,"callback":2440,"hasNonce":2338,"hasCapCheck":2338,"file":2400,"line":865},{"action":2443,"nopriv":2338,"callback":2443,"hasNonce":2338,"hasCapCheck":2338,"file":1863,"line":2444},"um_request_user_data",864,[],[2447,2449,2451,2452,2454,2456,2458,2460,2462,2464,2467,2469],{"tag":2448,"callback":2448,"file":1489,"line":903},"ultimatemember_account",{"tag":2450,"callback":2450,"file":1654,"line":1050},"ultimatemember_password",{"tag":791,"callback":791,"file":1717,"line":928},{"tag":2453,"callback":2453,"file":1717,"line":936},"ultimatemember_login",{"tag":2455,"callback":2455,"file":1717,"line":940},"ultimatemember_register",{"tag":2457,"callback":2457,"file":1717,"line":796},"ultimatemember_profile",{"tag":2459,"callback":2459,"file":1717,"line":28},"ultimatemember_directory",{"tag":2461,"callback":2461,"file":1717,"line":950},"um_loggedin",{"tag":2463,"callback":2463,"file":1717,"line":954},"um_loggedout",{"tag":2465,"callback":2466,"file":1717,"line":1166},"um_show_content","um_shortcode_show_content_for_role",{"tag":2468,"callback":2468,"file":1717,"line":958},"ultimatemember_searchform",{"tag":2470,"callback":2471,"file":1717,"line":963},"um_author_profile_link","author_profile_link",[2473,2475,2476,2478],{"hook":2474,"callback":2474,"file":1513,"line":818},"um_weekly_scheduled_events",{"hook":1355,"callback":1355,"file":1513,"line":1114},{"hook":2477,"callback":2477,"file":1513,"line":1457},"um_twicedaily_scheduled_events",{"hook":1351,"callback":1351,"file":1513,"line":1468},{"dangerousFunctions":2480,"sqlUsage":2481,"outputEscaping":2577,"fileOperations":903,"externalRequests":2522,"nonceChecks":1029,"capabilityChecks":27,"bundledLibraries":2861},[],{"prepared":2482,"raw":912,"locations":2483},237,[2484,2487,2490,2492,2495,2497,2498,2500,2502,2504,2506,2508,2511,2513,2515,2517,2520,2524,2525,2527,2529,2530,2532,2535,2537,2538,2539,2541,2543,2545,2547,2549,2551,2553,2555,2557,2559,2561,2563,2564,2565,2567,2569,2571,2572,2573,2574,2575],{"file":923,"line":2485,"context":2486},1764,"$wpdb->query() with variable interpolation",{"file":1018,"line":2488,"context":2489},256,"$wpdb->get_var() with variable interpolation",{"file":1018,"line":2491,"context":2486},376,{"file":1161,"line":2493,"context":2494},1235,"$wpdb->get_col() with variable interpolation",{"file":1244,"line":2496,"context":2494},130,{"file":1244,"line":1779,"context":2494},{"file":1244,"line":2499,"context":2494},157,{"file":1244,"line":2501,"context":2489},179,{"file":1244,"line":2503,"context":2486},224,{"file":1244,"line":2505,"context":2494},2809,{"file":1244,"line":2507,"context":2494},2819,{"file":1244,"line":2509,"context":2510},2844,"$wpdb->get_row() with variable interpolation",{"file":1244,"line":2512,"context":2486},2847,{"file":1244,"line":2514,"context":2494},2858,{"file":1244,"line":2516,"context":2494},2868,{"file":2518,"line":2519,"context":2486},"includes\\admin\\core\\packages\\1.3.39\\usermeta_query.php",4,{"file":2521,"line":2522,"context":2523},"includes\\admin\\core\\packages\\2.1.0-beta1\\member-directory.php",6,"$wpdb->get_results() with variable interpolation",{"file":2521,"line":1050,"context":2523},{"file":2526,"line":996,"context":2489},"includes\\admin\\core\\packages\\2.1.3-beta3\\functions.php",{"file":2528,"line":2000,"context":2486},"includes\\admin\\core\\packages\\2.1.5\\functions.php",{"file":2528,"line":1050,"context":2523},{"file":2531,"line":1166,"context":2489},"includes\\admin\\core\\packages\\2.3.0\\functions.php",{"file":2533,"line":2534,"context":2489},"includes\\admin\\core\\packages\\2.8.0\\functions.php",13,{"file":2536,"line":56,"context":2489},"includes\\admin\\templates\\dashboard\\cache.php",{"file":1369,"line":1960,"context":2489},{"file":1376,"line":2151,"context":2523},{"file":1376,"line":2540,"context":2494},366,{"file":1376,"line":2542,"context":2523},1074,{"file":2544,"line":2059,"context":2494},"includes\\core\\class-fields.php",{"file":2544,"line":2546,"context":2494},352,{"file":1611,"line":2548,"context":2494},1079,{"file":1624,"line":2550,"context":2510},1165,{"file":1624,"line":2552,"context":2510},1260,{"file":1624,"line":2554,"context":2494},1276,{"file":2556,"line":13,"context":2523},"includes\\core\\class-query.php",{"file":1717,"line":2558,"context":2489},535,{"file":1717,"line":2560,"context":2489},563,{"file":1717,"line":2562,"context":2489},591,{"file":1717,"line":1899,"context":2489},{"file":1758,"line":1203,"context":2489},{"file":1764,"line":2566,"context":2486},1212,{"file":1854,"line":2568,"context":2489},296,{"file":2570,"line":1783,"context":2486},"uninstall.php",{"file":2570,"line":1824,"context":2486},{"file":2570,"line":1841,"context":2523},{"file":2570,"line":2501,"context":2486},{"file":2570,"line":297,"context":2486},{"file":2570,"line":2576,"context":2523},251,{"escaped":670,"rawEcho":2578,"locations":2579},160,[2580,2583,2585,2587,2588,2590,2592,2593,2595,2596,2597,2598,2599,2601,2603,2605,2607,2609,2611,2613,2615,2617,2619,2621,2623,2625,2627,2628,2630,2631,2633,2635,2637,2639,2641,2643,2645,2647,2649,2651,2653,2655,2657,2659,2661,2663,2665,2667,2668,2670,2672,2674,2676,2678,2680,2682,2683,2685,2688,2690,2692,2694,2696,2698,2699,2702,2703,2705,2707,2709,2711,2712,2714,2716,2718,2720,2722,2724,2725,2727,2728,2730,2732,2733,2734,2736,2738,2739,2740,2742,2743,2745,2747,2749,2751,2753,2754,2756,2758,2760,2762,2764,2766,2768,2770,2772,2774,2775,2776,2778,2780,2782,2784,2786,2788,2790,2792,2794,2796,2798,2800,2802,2804,2806,2809,2811,2813,2814,2815,2816,2818,2819,2820,2822,2824,2826,2828,2829,2830,2831,2832,2833,2834,2835,2837,2838,2839,2841,2842,2843,2844,2845,2847,2849,2851,2853,2855,2857,2859,2860],{"file":1087,"line":2581,"context":2582},337,"raw output",{"file":1087,"line":2584,"context":2582},1087,{"file":1104,"line":2586,"context":2582},145,{"file":1104,"line":1807,"context":2582},{"file":1104,"line":2589,"context":2582},154,{"file":1104,"line":2591,"context":2582},166,{"file":1104,"line":1949,"context":2582},{"file":1104,"line":2594,"context":2582},187,{"file":1104,"line":1972,"context":2582},{"file":1126,"line":940,"context":2582},{"file":1126,"line":1166,"context":2582},{"file":1126,"line":1422,"context":2582},{"file":1126,"line":2600,"context":2582},1529,{"file":1126,"line":2602,"context":2582},1542,{"file":1161,"line":2604,"context":2582},1562,{"file":1161,"line":2606,"context":2582},1890,{"file":1161,"line":2608,"context":2582},1891,{"file":1161,"line":2610,"context":2582},1892,{"file":1161,"line":2612,"context":2582},1893,{"file":1161,"line":2614,"context":2582},1901,{"file":1161,"line":2616,"context":2582},1902,{"file":1161,"line":2618,"context":2582},1903,{"file":1161,"line":2620,"context":2582},1986,{"file":1161,"line":2622,"context":2582},1996,{"file":1161,"line":2624,"context":2582},2022,{"file":1161,"line":2626,"context":2582},2068,{"file":1161,"line":2626,"context":2582},{"file":1161,"line":2629,"context":2582},2086,{"file":1161,"line":2629,"context":2582},{"file":1161,"line":2632,"context":2582},2119,{"file":1161,"line":2634,"context":2582},2139,{"file":1161,"line":2636,"context":2582},2179,{"file":1161,"line":2638,"context":2582},2189,{"file":1161,"line":2640,"context":2582},2209,{"file":1161,"line":2642,"context":2582},2219,{"file":1161,"line":2644,"context":2582},2229,{"file":1161,"line":2646,"context":2582},2239,{"file":1161,"line":2648,"context":2582},2249,{"file":1161,"line":2650,"context":2582},2276,{"file":1161,"line":2652,"context":2582},2311,{"file":1161,"line":2654,"context":2582},2330,{"file":1161,"line":2656,"context":2582},2342,{"file":1161,"line":2658,"context":2582},2348,{"file":1161,"line":2660,"context":2582},2354,{"file":1161,"line":2662,"context":2582},2360,{"file":1161,"line":2664,"context":2582},2420,{"file":1161,"line":2666,"context":2582},2444,{"file":1161,"line":2666,"context":2582},{"file":1222,"line":2669,"context":2582},105,{"file":1222,"line":2671,"context":2582},242,{"file":1234,"line":2673,"context":2582},218,{"file":1244,"line":2675,"context":2582},2366,{"file":1244,"line":2677,"context":2582},2368,{"file":1244,"line":2679,"context":2582},2425,{"file":1244,"line":2681,"context":2582},3524,{"file":1285,"line":2581,"context":2582},{"file":2684,"line":1770,"context":2582},"includes\\admin\\core\\list-tables\\emails-list-table.php",{"file":2686,"line":2687,"context":2582},"includes\\admin\\core\\list-tables\\roles-list-table.php",273,{"file":2686,"line":2689,"context":2582},556,{"file":2691,"line":1445,"context":2582},"includes\\admin\\core\\list-tables\\version-template-list-table.php",{"file":2693,"line":1054,"context":2582},"includes\\admin\\templates\\directory\\shortcode.php",{"file":2695,"line":1050,"context":2582},"includes\\admin\\templates\\form\\shortcode.php",{"file":2697,"line":1073,"context":2582},"includes\\admin\\templates\\role\\publish.php",{"file":2697,"line":1041,"context":2582},{"file":2700,"line":2701,"context":2582},"includes\\admin\\templates\\role\\role-edit.php",216,{"file":2700,"line":1309,"context":2582},{"file":2700,"line":2704,"context":2582},226,{"file":2706,"line":1786,"context":2582},"includes\\class-functions.php",{"file":2706,"line":2708,"context":2582},303,{"file":1489,"line":2710,"context":2582},843,{"file":2544,"line":1824,"context":2582},{"file":1597,"line":2713,"context":2582},267,{"file":1597,"line":2715,"context":2582},308,{"file":1597,"line":2717,"context":2582},310,{"file":1597,"line":2719,"context":2582},326,{"file":1624,"line":2721,"context":2582},984,{"file":1624,"line":2723,"context":2582},1034,{"file":1624,"line":2723,"context":2582},{"file":1624,"line":2726,"context":2582},1035,{"file":1624,"line":2726,"context":2582},{"file":1624,"line":2729,"context":2582},1036,{"file":1624,"line":2731,"context":2582},3149,{"file":1624,"line":2731,"context":2582},{"file":1624,"line":2731,"context":2582},{"file":1624,"line":2735,"context":2582},3152,{"file":1624,"line":2737,"context":2582},3173,{"file":1624,"line":2737,"context":2582},{"file":1624,"line":2737,"context":2582},{"file":1624,"line":2741,"context":2582},3175,{"file":1686,"line":1915,"context":2582},{"file":1686,"line":2744,"context":2582},517,{"file":1764,"line":2746,"context":2582},1060,{"file":1764,"line":2748,"context":2582},1114,{"file":1854,"line":2750,"context":2582},543,{"file":1854,"line":2752,"context":2582},552,{"file":1854,"line":1987,"context":2582},{"file":1863,"line":2755,"context":2582},656,{"file":1863,"line":2757,"context":2582},657,{"file":1863,"line":2759,"context":2582},658,{"file":1863,"line":2761,"context":2582},678,{"file":1863,"line":2763,"context":2582},680,{"file":1863,"line":2765,"context":2582},747,{"file":1863,"line":2767,"context":2582},748,{"file":1863,"line":2769,"context":2582},768,{"file":1863,"line":2771,"context":2582},770,{"file":1902,"line":2773,"context":2582},513,{"file":1934,"line":1741,"context":2582},{"file":1934,"line":1976,"context":2582},{"file":1980,"line":2777,"context":2582},836,{"file":1980,"line":2779,"context":2582},955,{"file":1980,"line":2781,"context":2582},1064,{"file":1980,"line":2783,"context":2582},1072,{"file":1980,"line":2785,"context":2582},1182,{"file":1980,"line":2787,"context":2582},1255,{"file":1980,"line":2789,"context":2582},1288,{"file":1980,"line":2791,"context":2582},1569,{"file":1980,"line":2793,"context":2582},1575,{"file":1980,"line":2795,"context":2582},1802,{"file":1980,"line":2797,"context":2582},1813,{"file":1980,"line":2799,"context":2582},1825,{"file":1980,"line":2801,"context":2582},1832,{"file":1980,"line":2803,"context":2582},1868,{"file":2042,"line":2805,"context":2582},724,{"file":2807,"line":2808,"context":2582},"includes\\um-deprecated-functions.php",477,{"file":2807,"line":2810,"context":2582},533,{"file":2812,"line":1332,"context":2582},"includes\\widgets\\class-um-search-widget.php",{"file":2812,"line":2317,"context":2582},{"file":2812,"line":977,"context":2582},{"file":2812,"line":1267,"context":2582},{"file":2817,"line":1377,"context":2582},"templates\\account.php",{"file":2817,"line":1166,"context":2582},{"file":2817,"line":1425,"context":2582},{"file":2817,"line":2821,"context":2582},90,{"file":2817,"line":2823,"context":2582},98,{"file":2825,"line":1054,"context":2582},"templates\\logout.php",{"file":2827,"line":884,"context":2582},"templates\\members-grid.php",{"file":2827,"line":1114,"context":2582},{"file":2827,"line":1745,"context":2582},{"file":2827,"line":1786,"context":2582},{"file":2827,"line":1789,"context":2582},{"file":2827,"line":1793,"context":2582},{"file":2827,"line":1793,"context":2582},{"file":2827,"line":1830,"context":2582},{"file":2836,"line":958,"context":2582},"templates\\members-list.php",{"file":2836,"line":1172,"context":2582},{"file":2836,"line":809,"context":2582},{"file":2836,"line":2840,"context":2582},111,{"file":2836,"line":1461,"context":2582},{"file":2836,"line":1741,"context":2582},{"file":2836,"line":1741,"context":2582},{"file":2836,"line":1833,"context":2582},{"file":2846,"line":2715,"context":2582},"templates\\members.php",{"file":2846,"line":2848,"context":2582},359,{"file":2846,"line":2850,"context":2582},370,{"file":2852,"line":838,"context":2582},"templates\\password-reset.php",{"file":2854,"line":1048,"context":2582},"templates\\profile\\comments-single.php",{"file":2856,"line":893,"context":2582},"templates\\profile\\posts-single.php",{"file":2858,"line":1860,"context":2582},"templates\\searchform.php",{"file":2858,"line":261,"context":2582},{"file":2858,"line":261,"context":2582},[2862],{"name":2863,"version":38,"knownCves":2864},"Select2",[],[2866,2882,2898,2921,2933,2946,2958,2968,2976,2986,3000,3021,3029,3038,3047,3055,3066,3078,3088,3096,3109,3120,3128,3136,3144,3152,3160,3175,3185,3196,3207,3218,3239,3250],{"entryPoint":2867,"graph":2868,"unsanitizedCount":74,"severity":40},"settings_page (includes\\admin\\core\\class-admin-settings.php:2349)",{"nodes":2869,"edges":2880},[2870,2875],{"id":2871,"type":2872,"label":2873,"file":1244,"line":2874},"n0","source","$_GET (x2)",2350,{"id":2876,"type":2877,"label":2878,"file":1244,"line":2677,"wp_function":2879},"n1","sink","echo() [XSS]","echo",[2881],{"from":2871,"to":2876,"sanitized":2338},{"entryPoint":2883,"graph":2884,"unsanitizedCount":47,"severity":40},"default_filter_settings (includes\\core\\class-member-directory.php:3189)",{"nodes":2885,"edges":2895},[2886,2889,2892],{"id":2871,"type":2872,"label":2887,"file":1624,"line":2888},"$_REQUEST",3196,{"id":2876,"type":2890,"label":2891,"file":1624,"line":2888},"transform","→ show_filter()",{"id":2893,"type":2877,"label":2878,"file":1624,"line":2894,"wp_function":2879},"n2",1118,[2896,2897],{"from":2871,"to":2876,"sanitized":2338},{"from":2876,"to":2893,"sanitized":2338},{"entryPoint":2899,"graph":2900,"unsanitizedCount":74,"severity":40},"um_js_redirect (includes\\um-short-functions.php:615)",{"nodes":2901,"edges":2917},[2902,2905,2907,2908,2910,2912],{"id":2871,"type":2872,"label":2903,"file":2330,"line":2904},"$_SERVER",619,{"id":2876,"type":2877,"label":2878,"file":2330,"line":2906,"wp_function":2879},623,{"id":2893,"type":2872,"label":2903,"file":2330,"line":2904},{"id":2909,"type":2877,"label":2878,"file":2330,"line":1013,"wp_function":2879},"n3",{"id":2911,"type":2872,"label":2903,"file":2330,"line":2904},"n4",{"id":2913,"type":2877,"label":2914,"file":2330,"line":2915,"wp_function":2916},"n5","wp_redirect() [Open Redirect]",636,"wp_redirect",[2918,2919,2920],{"from":2871,"to":2876,"sanitized":2338},{"from":2893,"to":2909,"sanitized":2385},{"from":2911,"to":2913,"sanitized":2338},{"entryPoint":2922,"graph":2923,"unsanitizedCount":29,"severity":2932},"dynamic_modal_content (includes\\admin\\core\\class-admin-builder.php:727)",{"nodes":2924,"edges":2930},[2925,2928],{"id":2871,"type":2872,"label":2926,"file":1087,"line":2927},"$_POST (x12)",749,{"id":2876,"type":2877,"label":2878,"file":1087,"line":2929,"wp_function":2879},855,[2931],{"from":2871,"to":2876,"sanitized":2385},"low",{"entryPoint":2934,"graph":2935,"unsanitizedCount":29,"severity":2932},"populate_dropdown_options (includes\\admin\\core\\class-admin-builder.php:1171)",{"nodes":2936,"edges":2944},[2937,2940],{"id":2871,"type":2872,"label":2938,"file":1087,"line":2939},"$_POST",1181,{"id":2876,"type":2877,"label":2941,"file":1087,"line":2942,"wp_function":2943},"call_user_func() [RCE]",1197,"call_user_func",[2945],{"from":2871,"to":2876,"sanitized":2385},{"entryPoint":2947,"graph":2948,"unsanitizedCount":29,"severity":2932},"\u003Cclass-admin-builder> (includes\\admin\\core\\class-admin-builder.php:0)",{"nodes":2949,"edges":2955},[2950,2952,2953,2954],{"id":2871,"type":2872,"label":2951,"file":1087,"line":2927},"$_POST (x14)",{"id":2876,"type":2877,"label":2878,"file":1087,"line":2929,"wp_function":2879},{"id":2893,"type":2872,"label":2938,"file":1087,"line":2939},{"id":2909,"type":2877,"label":2941,"file":1087,"line":2942,"wp_function":2943},[2956,2957],{"from":2871,"to":2876,"sanitized":2385},{"from":2893,"to":2909,"sanitized":2385},{"entryPoint":2959,"graph":2960,"unsanitizedCount":29,"severity":2932},"update_order (includes\\admin\\core\\class-admin-dragdrop.php:36)",{"nodes":2961,"edges":2966},[2962,2964],{"id":2871,"type":2872,"label":2963,"file":1122,"line":912},"$_POST (x2)",{"id":2876,"type":2877,"label":2965,"file":1122,"line":2499,"wp_function":1711},"update_option() [Settings Manipulation]",[2967],{"from":2871,"to":2876,"sanitized":2385},{"entryPoint":2969,"graph":2970,"unsanitizedCount":29,"severity":2932},"\u003Cclass-admin-dragdrop> (includes\\admin\\core\\class-admin-dragdrop.php:0)",{"nodes":2971,"edges":2974},[2972,2973],{"id":2871,"type":2872,"label":2963,"file":1122,"line":912},{"id":2876,"type":2877,"label":2965,"file":1122,"line":2499,"wp_function":1711},[2975],{"from":2871,"to":2876,"sanitized":2385},{"entryPoint":2977,"graph":2978,"unsanitizedCount":29,"severity":2932},"custom_submitdiv (includes\\admin\\core\\class-admin-metabox.php:1103)",{"nodes":2979,"edges":2984},[2980,2982],{"id":2871,"type":2872,"label":2981,"file":1161,"line":404},"$_GET",{"id":2876,"type":2877,"label":2878,"file":1161,"line":2983,"wp_function":2879},1141,[2985],{"from":2871,"to":2876,"sanitized":2385},{"entryPoint":2987,"graph":2988,"unsanitizedCount":29,"severity":2932},"\u003Cclass-admin-metabox> (includes\\admin\\core\\class-admin-metabox.php:0)",{"nodes":2989,"edges":2997},[2990,2991,2992,2993],{"id":2871,"type":2872,"label":2981,"file":1161,"line":404},{"id":2876,"type":2877,"label":2878,"file":1161,"line":2983,"wp_function":2879},{"id":2893,"type":2872,"label":2981,"file":1161,"line":404},{"id":2909,"type":2877,"label":2994,"file":1161,"line":2995,"wp_function":2996},"get_col() [SQLi]",1316,"get_col",[2998,2999],{"from":2871,"to":2876,"sanitized":2385},{"from":2893,"to":2909,"sanitized":2385},{"entryPoint":3001,"graph":3002,"unsanitizedCount":29,"severity":2932},"\u003Cclass-admin-settings> (includes\\admin\\core\\class-admin-settings.php:0)",{"nodes":3003,"edges":3017},[3004,3006,3009,3010,3011,3013],{"id":2871,"type":2872,"label":3005,"file":1244,"line":1297},"$_POST['page']",{"id":2876,"type":2877,"label":3007,"file":1244,"line":1197,"wp_function":3008},"get_results() [SQLi]","get_results",{"id":2893,"type":2872,"label":2873,"file":1244,"line":2874},{"id":2909,"type":2877,"label":2878,"file":1244,"line":2677,"wp_function":2879},{"id":2911,"type":2872,"label":2938,"file":1244,"line":3012},2608,{"id":2913,"type":2877,"label":3014,"file":1244,"line":3015,"wp_function":3016},"fopen() [File Access]",3593,"fopen",[3018,3019,3020],{"from":2871,"to":2876,"sanitized":2385},{"from":2893,"to":2909,"sanitized":2385},{"from":2911,"to":2913,"sanitized":2385},{"entryPoint":3022,"graph":3023,"unsanitizedCount":29,"severity":2932},"\u003Crole-edit> (includes\\admin\\templates\\role\\role-edit.php:0)",{"nodes":3024,"edges":3027},[3025,3026],{"id":2871,"type":2872,"label":2938,"file":2700,"line":2377},{"id":2876,"type":2877,"label":2965,"file":2700,"line":1837,"wp_function":1711},[3028],{"from":2871,"to":2876,"sanitized":2385},{"entryPoint":3030,"graph":3031,"unsanitizedCount":29,"severity":2932},"\u003Cclass-form> (includes\\core\\class-form.php:0)",{"nodes":3032,"edges":3036},[3033,3034],{"id":2871,"type":2872,"label":2963,"file":1562,"line":1783},{"id":2876,"type":2877,"label":2941,"file":1562,"line":3035,"wp_function":2943},192,[3037],{"from":2871,"to":2876,"sanitized":2385},{"entryPoint":3039,"graph":3040,"unsanitizedCount":29,"severity":2932},"show_filter (includes\\core\\class-member-directory.php:739)",{"nodes":3041,"edges":3045},[3042,3044],{"id":2871,"type":2872,"label":2981,"file":1624,"line":3043},839,{"id":2876,"type":2877,"label":2878,"file":1624,"line":2710,"wp_function":2879},[3046],{"from":2871,"to":2876,"sanitized":2385},{"entryPoint":3048,"graph":3049,"unsanitizedCount":29,"severity":2932},"um_add_update_notice (includes\\core\\um-actions-misc.php:70)",{"nodes":3050,"edges":3053},[3051,3052],{"id":2871,"type":2872,"label":2887,"file":1968,"line":1425},{"id":2876,"type":2877,"label":2878,"file":1968,"line":1203,"wp_function":2879},[3054],{"from":2871,"to":2876,"sanitized":2385},{"entryPoint":3056,"graph":3057,"unsanitizedCount":47,"severity":2932},"\u003Cum-actions-misc> (includes\\core\\um-actions-misc.php:0)",{"nodes":3058,"edges":3063},[3059,3060,3061,3062],{"id":2871,"type":2872,"label":2887,"file":1968,"line":1365},{"id":2876,"type":2877,"label":2878,"file":1968,"line":924,"wp_function":2879},{"id":2893,"type":2872,"label":2887,"file":1968,"line":1425},{"id":2909,"type":2877,"label":2878,"file":1968,"line":1203,"wp_function":2879},[3064,3065],{"from":2871,"to":2876,"sanitized":2338},{"from":2893,"to":2909,"sanitized":2385},{"entryPoint":3067,"graph":3068,"unsanitizedCount":29,"severity":2932},"\u003Cum-short-functions> (includes\\um-short-functions.php:0)",{"nodes":3069,"edges":3075},[3070,3072,3073,3074],{"id":2871,"type":2872,"label":3071,"file":2330,"line":2904},"$_SERVER (x2)",{"id":2876,"type":2877,"label":2878,"file":2330,"line":2906,"wp_function":2879},{"id":2893,"type":2872,"label":2903,"file":2330,"line":2904},{"id":2909,"type":2877,"label":2914,"file":2330,"line":2915,"wp_function":2916},[3076,3077],{"from":2871,"to":2876,"sanitized":2385},{"from":2893,"to":2909,"sanitized":2385},{"entryPoint":3079,"graph":3080,"unsanitizedCount":29,"severity":2932},"\u003Cmembers> (templates\\members.php:0)",{"nodes":3081,"edges":3086},[3082,3084],{"id":2871,"type":2872,"label":3083,"file":2846,"line":865},"$_GET (x4)",{"id":2876,"type":2877,"label":2878,"file":2846,"line":3085,"wp_function":2879},243,[3087],{"from":2871,"to":2876,"sanitized":2385},{"entryPoint":3089,"graph":3090,"unsanitizedCount":47,"severity":55},"same_page_update_ajax (includes\\admin\\core\\class-admin-settings.php:76)",{"nodes":3091,"edges":3094},[3092,3093],{"id":2871,"type":2872,"label":3005,"file":1244,"line":1297},{"id":2876,"type":2877,"label":3007,"file":1244,"line":1197,"wp_function":3008},[3095],{"from":2871,"to":2876,"sanitized":2338},{"entryPoint":3097,"graph":3098,"unsanitizedCount":74,"severity":55},"um_upgrade_metadata_per_user213beta3 (includes\\admin\\core\\packages\\2.1.3-beta3\\functions.php:17)",{"nodes":3099,"edges":3106},[3100,3101,3104,3105],{"id":2871,"type":2872,"label":3005,"file":2526,"line":921},{"id":2876,"type":2877,"label":3102,"file":2526,"line":1065,"wp_function":3103},"get_row() [SQLi]","get_row",{"id":2893,"type":2872,"label":2938,"file":2526,"line":921},{"id":2909,"type":2877,"label":3007,"file":2526,"line":908,"wp_function":3008},[3107,3108],{"from":2871,"to":2876,"sanitized":2338},{"from":2893,"to":2909,"sanitized":2338},{"entryPoint":3110,"graph":3111,"unsanitizedCount":74,"severity":55},"\u003Cfunctions> (includes\\admin\\core\\packages\\2.1.3-beta3\\functions.php:0)",{"nodes":3112,"edges":3117},[3113,3114,3115,3116],{"id":2871,"type":2872,"label":3005,"file":2526,"line":921},{"id":2876,"type":2877,"label":3102,"file":2526,"line":1065,"wp_function":3103},{"id":2893,"type":2872,"label":2938,"file":2526,"line":921},{"id":2909,"type":2877,"label":3007,"file":2526,"line":908,"wp_function":3008},[3118,3119],{"from":2871,"to":2876,"sanitized":2338},{"from":2893,"to":2909,"sanitized":2338},{"entryPoint":3121,"graph":3122,"unsanitizedCount":47,"severity":55},"um_upgrade_usermeta_part230 (includes\\admin\\core\\packages\\2.3.0\\functions.php:83)",{"nodes":3123,"edges":3126},[3124,3125],{"id":2871,"type":2872,"label":3005,"file":2531,"line":1734},{"id":2876,"type":2877,"label":3007,"file":2531,"line":1441,"wp_function":3008},[3127],{"from":2871,"to":2876,"sanitized":2338},{"entryPoint":3129,"graph":3130,"unsanitizedCount":47,"severity":55},"\u003Cfunctions> (includes\\admin\\core\\packages\\2.3.0\\functions.php:0)",{"nodes":3131,"edges":3134},[3132,3133],{"id":2871,"type":2872,"label":3005,"file":2531,"line":1734},{"id":2876,"type":2877,"label":3007,"file":2531,"line":1441,"wp_function":3008},[3135],{"from":2871,"to":2876,"sanitized":2338},{"entryPoint":3137,"graph":3138,"unsanitizedCount":47,"severity":55},"um_upgrade_metadata_per_user280 (includes\\admin\\core\\packages\\2.8.0\\functions.php:26)",{"nodes":3139,"edges":3142},[3140,3141],{"id":2871,"type":2872,"label":3005,"file":2533,"line":1029},{"id":2876,"type":2877,"label":3007,"file":2533,"line":1041,"wp_function":3008},[3143],{"from":2871,"to":2876,"sanitized":2338},{"entryPoint":3145,"graph":3146,"unsanitizedCount":47,"severity":55},"\u003Cfunctions> (includes\\admin\\core\\packages\\2.8.0\\functions.php:0)",{"nodes":3147,"edges":3150},[3148,3149],{"id":2871,"type":2872,"label":3005,"file":2533,"line":1029},{"id":2876,"type":2877,"label":3007,"file":2533,"line":1041,"wp_function":3008},[3151],{"from":2871,"to":2876,"sanitized":2338},{"entryPoint":3153,"graph":3154,"unsanitizedCount":74,"severity":55},"ajax_select_options (includes\\core\\class-form.php:116)",{"nodes":3155,"edges":3158},[3156,3157],{"id":2871,"type":2872,"label":2963,"file":1562,"line":1783},{"id":2876,"type":2877,"label":2941,"file":1562,"line":3035,"wp_function":2943},[3159],{"from":2871,"to":2876,"sanitized":2338},{"entryPoint":3161,"graph":3162,"unsanitizedCount":47,"severity":55},"ajax_get_members (includes\\core\\class-member-directory-meta.php:595)",{"nodes":3163,"edges":3172},[3164,3166,3168],{"id":2871,"type":2872,"label":3165,"file":1611,"line":1892},"$_POST['directory_id']",{"id":2876,"type":2890,"label":3167,"file":1611,"line":1892},"→ get_directory_by_hash()",{"id":2893,"type":2877,"label":3169,"file":1624,"line":3170,"wp_function":3171},"get_var() [SQLi]",289,"get_var",[3173,3174],{"from":2871,"to":2876,"sanitized":2338},{"from":2876,"to":2893,"sanitized":2338},{"entryPoint":3176,"graph":3177,"unsanitizedCount":47,"severity":55},"\u003Cclass-member-directory-meta> (includes\\core\\class-member-directory-meta.php:0)",{"nodes":3178,"edges":3182},[3179,3180,3181],{"id":2871,"type":2872,"label":3165,"file":1611,"line":1892},{"id":2876,"type":2890,"label":3167,"file":1611,"line":1892},{"id":2893,"type":2877,"label":3169,"file":1624,"line":3170,"wp_function":3171},[3183,3184],{"from":2871,"to":2876,"sanitized":2338},{"from":2876,"to":2893,"sanitized":2338},{"entryPoint":3186,"graph":3187,"unsanitizedCount":47,"severity":55},"pagination_changes (includes\\core\\class-member-directory.php:2797)",{"nodes":3188,"edges":3193},[3189,3191,3192],{"id":2871,"type":2872,"label":3165,"file":1624,"line":3190},2800,{"id":2876,"type":2890,"label":3167,"file":1624,"line":3190},{"id":2893,"type":2877,"label":3169,"file":1624,"line":3170,"wp_function":3171},[3194,3195],{"from":2871,"to":2876,"sanitized":2338},{"from":2876,"to":2893,"sanitized":2338},{"entryPoint":3197,"graph":3198,"unsanitizedCount":47,"severity":55},"search_changes (includes\\core\\class-member-directory.php:2827)",{"nodes":3199,"edges":3204},[3200,3202,3203],{"id":2871,"type":2872,"label":3165,"file":1624,"line":3201},2838,{"id":2876,"type":2890,"label":3167,"file":1624,"line":3201},{"id":2893,"type":2877,"label":3169,"file":1624,"line":3170,"wp_function":3171},[3205,3206],{"from":2871,"to":2876,"sanitized":2338},{"from":2876,"to":2893,"sanitized":2338},{"entryPoint":3208,"graph":3209,"unsanitizedCount":47,"severity":55},"ajax_get_members (includes\\core\\class-member-directory.php:2937)",{"nodes":3210,"edges":3215},[3211,3213,3214],{"id":2871,"type":2872,"label":3165,"file":1624,"line":3212},2950,{"id":2876,"type":2890,"label":3167,"file":1624,"line":3212},{"id":2893,"type":2877,"label":3169,"file":1624,"line":3170,"wp_function":3171},[3216,3217],{"from":2871,"to":2876,"sanitized":2338},{"from":2876,"to":2893,"sanitized":2338},{"entryPoint":3219,"graph":3220,"unsanitizedCount":2519,"severity":55},"\u003Cclass-member-directory> (includes\\core\\class-member-directory.php:0)",{"nodes":3221,"edges":3233},[3222,3223,3224,3226,3227,3228,3229,3231],{"id":2871,"type":2872,"label":2981,"file":1624,"line":3043},{"id":2876,"type":2877,"label":2878,"file":1624,"line":2710,"wp_function":2879},{"id":2893,"type":2872,"label":3225,"file":1624,"line":3190},"$_POST['directory_id'] (x3)",{"id":2909,"type":2890,"label":3167,"file":1624,"line":3190},{"id":2911,"type":2877,"label":3169,"file":1624,"line":3170,"wp_function":3171},{"id":2913,"type":2872,"label":2887,"file":1624,"line":2888},{"id":3230,"type":2890,"label":2891,"file":1624,"line":2888},"n6",{"id":3232,"type":2877,"label":2878,"file":1624,"line":2894,"wp_function":2879},"n7",[3234,3235,3236,3237,3238],{"from":2871,"to":2876,"sanitized":2385},{"from":2893,"to":2909,"sanitized":2338},{"from":2909,"to":2911,"sanitized":2338},{"from":2913,"to":3230,"sanitized":2338},{"from":3230,"to":3232,"sanitized":2338},{"entryPoint":3240,"graph":3241,"unsanitizedCount":47,"severity":55},"\u003Cclass-query> (includes\\core\\class-query.php:0)",{"nodes":3242,"edges":3248},[3243,3244],{"id":2871,"type":2872,"label":2887,"file":2556,"line":1019},{"id":2876,"type":2877,"label":3245,"file":2556,"line":3246,"wp_function":3247},"query() [SQLi]",175,"query",[3249],{"from":2871,"to":2876,"sanitized":2338},{"entryPoint":3251,"graph":3252,"unsanitizedCount":47,"severity":55},"\u003Cclass-user-posts> (includes\\core\\class-user-posts.php:0)",{"nodes":3253,"edges":3257},[3254,3255],{"id":2871,"type":2872,"label":2938,"file":1758,"line":1822},{"id":2876,"type":2877,"label":3169,"file":1758,"line":3256,"wp_function":3171},222,[3258],{"from":2871,"to":2876,"sanitized":2338},{"summary":3260,"deductions":3261},"The \"ultimate-member\" plugin v2.11.2 exhibits a mixed security posture. While it demonstrates good practices in SQL query preparation (83%) and output escaping (93%), a significant concern arises from its large attack surface. With 52 total entry points, 36 of which lack authentication checks, there's a substantial opportunity for unauthenticated users to interact with sensitive plugin functionalities. This is exacerbated by taint analysis revealing 20 flows with unsanitized paths, 16 of which are deemed high severity, indicating potential for attackers to manipulate file paths and potentially gain unauthorized access or execute code.\n\nThe plugin's vulnerability history is a major red flag, with 68 known CVEs. Although there are currently no unpatched vulnerabilities, the sheer volume and severity of past issues (10 critical, 13 high) suggest a recurring pattern of security flaws. Common vulnerability types like Incorrect Authorization, Exposure of Sensitive Information, CSRF, SQL Injection, Path Traversal, and Code Injection indicate fundamental weaknesses that have been present and exploited multiple times. This history strongly implies that despite efforts, security vulnerabilities are consistently introduced.\n\nIn conclusion, while the plugin employs some secure coding practices, the high number of unprotected entry points, critical taint flows, and the extensive history of severe vulnerabilities point to an overall elevated risk. The potential for exploitation through unauthenticated access and path manipulation, coupled with past recurrent security failures, necessitates extreme caution. Users should be aware of the historical trends and the current attack surface, even in the absence of currently unpatched CVEs.",[3262,3264,3266,3268,3270,3272,3274],{"reason":3263,"points":132},"Large attack surface without auth checks",{"reason":3265,"points":2112},"High severity taint flows with unsanitized paths",{"reason":3267,"points":132},"Significant historical CVEs (68 total)",{"reason":3269,"points":2112},"10 historical critical CVEs",{"reason":3271,"points":132},"13 historical high CVEs",{"reason":3273,"points":56},"Common vulnerability types indicate recurring flaws",{"reason":3275,"points":792},"Bundled library (Select2)","2026-03-16T17:04:10.174Z",{"wat":3278,"direct":3328},{"assetPaths":3279,"generatorPatterns":3316,"scriptPaths":3317,"versionParams":3318},[3280,3281,3282,3283,3284,3285,3286,3287,3288,3289,3290,3291,3292,3293,3294,3295,3296,3297,3298,3299,3300,3301,3302,3303,3304,3305,3306,3307,3308,3309,3310,3311,3312,3313,3314,3315],"\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-admin.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-members.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-frontend.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-loops.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-form-fields.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-account.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-login.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-register.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-profile.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-tooltip.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-modal.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-cropper.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-theme.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-shortcodes.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-responsive.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-notifications.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-editor.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-custom.css","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-account.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-admin.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-admin-blocks.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-admin-blocks-renderer.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-conditional.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-common.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-dropdown.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-editor.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-functions.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-login.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-members.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-modal.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-notifications.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-profile.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-responsive.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-scripts.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-shortcodes.js","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-tooltips.js",[],[3301,3302,3313,3304,3308,3298,3306,3312],[3319,3320,3321,3322,3323,3324,3325,3326,3327],"\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fcss\u002Fum-members.css?ver=","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-admin-blocks-renderer.js?ver=","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-conditional.js?ver=","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-scripts.js?ver=","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-dropdown.js?ver=","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-members.js?ver=","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-account.js?ver=","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-functions.js?ver=","\u002Fwp-content\u002Fplugins\u002Fultimate-member\u002Fassets\u002Fjs\u002Fum-responsive.js?ver=",{"cssClasses":3329,"htmlComments":3386,"htmlAttributes":3388,"restEndpoints":3396,"jsGlobals":3398,"shortcodeOutput":3401},[3330,3331,3332,3333,3334,3335,3336,3337,3338,3339,3340,3341,3342,3343,3344,3345,3346,3347,3348,3349,3350,3351,3352,3353,3354,3355,3356,3357,3358,3359,3337,3360,3361,3362,3363,3364,3365,3366,3367,3368,3369,3370,3371,3372,3373,3374,3375,3376,3377,3378,3379,3380,3381,3382,3383,3384,3385],"um-admin","um-profile","um-field-type-text","um-field-type-textarea","um-field-type-email","um-field-type-password","um-field-type-upload","um-field-type-heading","um-field-type-dropdown","um-field-type-multiselect","um-field-type-country","um-field-type-date","um-field-type-datepicker","um-field-type-time","um-field-type-toggle","um-field-type-radio","um-field-type-checkbox","um-field-type-hidden","um-field-type-user_role","um-field-type-username","um-field-type-url","um-field-type-number","um-field-type-website","um-field-type-tel","um-field-type-color","um-field-type-range","um-field-type-editor","um-field-type-file","um-field-type-image","um-field-type-wp_editor","um-field-type-rules","um-field-type-birthday","um-field-type-recaptcha","um-field-type-google_map","um-field-type-custom_shortcode","um-field-type-user_id","um-field-type-account_setting","um-field-type-password_strength","um-field-type-social_login","um-account-nav","um-account-body","um-login-form","um-register-form","um-lost-password-form","um-reset-password-form","um-member-directory","um-user-profile","um-avatar","um-meta","um-nav","um-dropdown","um-tooltip","um-modal","um-cropper","um-theme","um-shortcode",[3387],"\u003C!-- Ultimate Member -->",[3389,3390,3391,3392,3393,3394,3395],"data-um-form-id","data-post_id","data-nonce","data-action","data-id","data-toggle","data-placement",[3397],"\u002Fwp-json\u002Fultimate-member\u002Fv1\u002F",[3399,3400],"um_scripts","um_account_settings",[3402,3403,3404,3405,3406,3407,3408,3409],"[ultimatemember]","[ultimatemember_login]","[ultimatemember_register]","[ultimatemember_password]","[ultimatemember_profile]","[ultimatemember_activity]","[ultimatemember_members]","[ultimatemember_form]"]