WP-Safety

WP Users Pro Subscriptions Plugin – Posts, Pages and Partial Content Protection. Security & Risk Analysis

wordpress.org/plugins/wp-users-pro

Membership & Subscriptions Plugin - Posts, Pages and partial content protection.

0 active installs v1.1.2 PHP + WP 3.0.1+ Updated Dec 18, 2020
membersmembership-planpaid-membershipsubscriptions
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WP Users Pro Subscriptions Plugin – Posts, Pages and Partial Content Protection. Safe to Use in 2026?

Generally Safe

Score 85/100

WP Users Pro Subscriptions Plugin – Posts, Pages and Partial Content Protection. has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The wp-users-pro plugin v1.1.2 presents a mixed security posture. While it demonstrates good practices such as a high percentage of prepared SQL statements and the presence of nonce and capability checks, significant concerns arise from the taint analysis. A substantial number of taint flows have unsanitized paths, with a concerning 16 identified as high severity. This suggests a potential for attackers to inject malicious data that is not properly handled, potentially leading to various security issues like cross-site scripting (XSS) or other code execution vulnerabilities.

Despite the absence of known CVEs and a lack of historical vulnerabilities, the high number of high-severity unsanitized taint flows in the static analysis is a critical red flag. This indicates a weakness in how user-supplied data is processed within the plugin's codebase. The plugin's attack surface is limited to shortcodes, and no unprotected entry points were found, which are positive signs. However, the extensive presence of unsanitized paths in taint flows overshadows these strengths, suggesting that the plugin is vulnerable to attacks that leverage improperly handled input, even without a direct history of public exploits.

Key Concerns

  • High severity unsanitized taint flows found
  • Significant percentage of unsanitized taint flows
  • Low percentage of properly escaped output
Vulnerabilities
None known

WP Users Pro Subscriptions Plugin – Posts, Pages and Partial Content Protection. Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

WP Users Pro Subscriptions Plugin – Posts, Pages and Partial Content Protection. Release Timeline

No version history available.
Code Analysis
Analyzed Mar 17, 2026

WP Users Pro Subscriptions Plugin – Posts, Pages and Partial Content Protection. Code Analysis

Dangerous Functions
0
Raw SQL Queries
4
60 prepared
Unescaped Output
343
226 escaped
Nonce Checks
3
Capability Checks
3
File Operations
3
External Requests
2
Bundled Libraries
0

SQL Query Safety

94% prepared64 total queries

Output Escaping

40% escaped569 total outputs
Data Flows · Security
35 unsanitized

Data Flow Analysis

25 flows35 with unsanitized paths
reload_field_to_edit (classes\wpuserspro.admin.php:925)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

WP Users Pro Subscriptions Plugin – Posts, Pages and Partial Content Protection. Attack Surface

Entry Points5
Unprotected0

Shortcodes 5

[wpuserspro_user_login] classes\wpuserspro.profile.php:2466
[wpuserspro_user_recover_password] classes\wpuserspro.profile.php:2467
[wpuserspro_account] classes\wpuserspro.profile.php:2468
[wpuserspro_user_signup] classes\wpuserspro.profile.php:2469
[wpuserspro_protect] classes\wpuserspro.profile.php:2470
WordPress Hooks 37
actionadmin_menuaddons\pages\admin\admin.php:19
actionadmin_enqueue_scriptsaddons\pages\admin\admin.php:20
actionadmin_headaddons\pages\admin\admin.php:21
actionadmin_initaddons\pages\admin\admin.php:22
actionadmin_menuclasses\wpuserspro.admin.php:25
actionadmin_enqueue_scriptsclasses\wpuserspro.admin.php:27
actionadmin_headclasses\wpuserspro.admin.php:28
actionadmin_initclasses\wpuserspro.admin.php:29
actionadmin_initclasses\wpuserspro.admin.php:30
actionwp_enqueue_scriptsclasses\wpuserspro.class.php:61
actionadmin_enqueue_scriptsclasses\wpuserspro.class.php:62
actioninitclasses\wpuserspro.class.php:65
actioninitclasses\wpuserspro.class.php:69
actioninitclasses\wpuserspro.class.php:72
actionadmin_initclasses\wpuserspro.class.php:73
actionwp_headclasses\wpuserspro.class.php:77
filterquery_varsclasses\wpuserspro.class.php:507
actioninitclasses\wpuserspro.membership.php:17
actioninitclasses\wpuserspro.paypal.php:14
actionsave_postclasses\wpuserspro.postprotection.php:16
filterthe_postsclasses\wpuserspro.postprotection.php:32
filterget_pagesclasses\wpuserspro.postprotection.php:33
actionadd_meta_boxesclasses\wpuserspro.postprotection.php:34
actionsave_postclasses\wpuserspro.postprotection.php:35
actionsave_postclasses\wpuserspro.postprotection.php:41
actionadd_meta_boxesclasses\wpuserspro.postprotection.php:42
filterthe_postsclasses\wpuserspro.postprotection.php:43
filterget_pagesclasses\wpuserspro.postprotection.php:44
actionsave_postclasses\wpuserspro.postprotection.php:50
actionadd_meta_boxesclasses\wpuserspro.postprotection.php:51
filterthe_postsclasses\wpuserspro.postprotection.php:52
actioninitclasses\wpuserspro.profile.php:13
actioninitclasses\wpuserspro.profile.php:14
actionwp_enqueue_scriptsclasses\wpuserspro.profile.php:15
actioninitclasses\wpuserspro.profile.php:33
actioninitindex.php:40
actionadmin_initindex.php:68
Maintenance & Trust

WP Users Pro Subscriptions Plugin – Posts, Pages and Partial Content Protection. Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.0
Last updatedDec 18, 2020
PHP min version
Downloads981

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

WP Users Pro Subscriptions Plugin – Posts, Pages and Partial Content Protection. Alternatives

Wallkit Subscriptions & Paywall Plugin for WordPress

Wallkit Subscriptions & Paywall Plugin for WordPress

wallkit

A
92

A Plug & Play paid-content system to manage subscribers, gather fees and drive additional content sales.

20 No CVEs
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction

Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction

paid-member-subscriptions

B
82

Feature-packed membership plugin for creating subscription plans, adding recurring payments & content restriction on your membership site.

10K 17 CVEs
s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions

s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions

s2member

B
76

❤️ Excellent membership plugin! Easy, quick, flexible. Monetize your site with memberships and subscriptions. Protect content instantly and securely.

9K 12 CVEs
Memberful – Membership Plugin

Memberful – Membership Plugin

memberful-wp

A
97

Sell memberships and restrict access to content with WordPress and Memberful.

1K 3 CVEs
Subscriptions & Memberships for PayPal

Subscriptions & Memberships for PayPal

subscriptions-memberships-for-paypal

A
95

A simple and easy way to sell subscriptions and / or memberships with PayPal. No Coding Required. Official PayPal Partner.

1K 4 CVEs
Developer Profile

WP Users Pro Subscriptions Plugin – Posts, Pages and Partial Content Protection. Developer Profile

ExpressTech Systems

22 plugins · 122K total installs

73
trust score
Avg Security Score
91/100
Avg Patch Time
515 days
View full developer profile
Detection Fingerprints

How We Detect WP Users Pro Subscriptions Plugin – Posts, Pages and Partial Content Protection.

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-users-pro/css/wpuserspro.css/wp-content/plugins/wp-users-pro/css/responsive.css/wp-content/plugins/wp-users-pro/css/jquery.datepick.css/wp-content/plugins/wp-users-pro/css/bootstrap.min.css/wp-content/plugins/wp-users-pro/js/wpuserspro.js/wp-content/plugins/wp-users-pro/js/jquery.easytabs.min.js/wp-content/plugins/wp-users-pro/js/jquery.bxslider.min.js/wp-content/plugins/wp-users-pro/js/jquery.datepick.js+20 more
Script Paths
wpuserspro_pages_jswpuserspro_validation_jswpuserspro_validation_css
Version Parameters
wp-users-pro/style.css?ver=wp-users-pro/responsive.css?ver=wp-users-pro/js/wpuserspro.js?ver=wp-users-pro/js/jquery.easytabs.min.js?ver=wp-users-pro/js/jquery.bxslider.min.js?ver=wp-users-pro/js/jquery.datepick.js?ver=wp-users-pro/js/jquery.form.min.js?ver=wp-users-pro/js/jquery.validate.min.js?ver=wp-users-pro/js/bootstrap.min.js?ver=wp-users-pro/js/admin.js?ver=wpuserspro_profiles_url.admin.scripts.admin.js?ver=wpuserspro_profiles_url.admin.css.admin.css?ver=wp-users-pro/js/tinymce/tinymce.min.js?ver=wp-users-pro/js/tinymce/jquery.tinymce.min.js?ver=wp-users-pro/addons/wp-users-pro-validation/js/validation.js?ver=wp-users-pro/addons/wp-users-pro-validation/css/validation.css?ver=

HTML / DOM Fingerprints

CSS Classes
wpuserspro-adminwpuserspro-admin-containwpuserspro-admin-login-formwpuserspro-admin-register-formwpuserspro-admin-profile-formwpuserspro-admin-account-formwpuserspro-admin-social-login-formwpuserspro-admin-lost-password-form+41 more
HTML Comments
<!-- Master Class --><!-- Loading Function --><!-- Init --><!-- Load plugin text domain (localization) -->+21 more
Data Attributes
data-plugin-urldata-plugin-slugdata-plugin-version
JS Globals
wpuserspro_urlwpuserspro_pathWPUPRO_PLUGIN_SETTINGS_URLWPUPRO_PLUGIN_WELCOME_URLwpusersprowpuserspro_page+7 more
Shortcode Output
[wp_users_pro_login][wp_users_pro_register][wp_users_pro_profile][wp_users_pro_account]
FAQ

Frequently Asked Questions about WP Users Pro Subscriptions Plugin – Posts, Pages and Partial Content Protection.