[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fu-sEUflVyPyxq_pYbjY-1FvqWeAR0c9XF7sE5D6HhXg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":136,"fingerprints":217},"zesty-custom-post-types-for-paid-memberships-pro","Zesty Custom Post Types for Paid Memberships Pro","1.0.0","Bijingus","https:\u002F\u002Fprofiles.wordpress.org\u002Fbijingus\u002F","\u003Cp>This plugin lets you restrict any custom post type’s content when using Paid Membershps Pro.\u003C\u002Fp>\n\u003Cp>Simply select the custom post type you’d like to restrict for members only and a box with restriction levels will then appear when editing any post of that type.\u003C\u002Fp>\n","Restrict any custom post type with Paid Memberships Pro.",10,795,0,"2022-06-23T13:50:00.000Z","6.0.11","4.6","",[19,20,21,22,23],"custom-post-types","membership","paid-memberships-pro","pmpro","restrict","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fzesty-custom-post-types-for-paid-memberships-pro.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"bijingus",1,30,84,"2026-04-04T16:05:44.274Z",[36,60,79,96,118],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":50,"requires_php":51,"tags":52,"homepage":56,"download_link":57,"security_score":58,"vuln_count":31,"unpatched_count":13,"last_vuln_date":59,"fetched_at":27},"bp-restrict","Restrictions for BuddyPress","1.5.3","SeventhQueen","https:\u002F\u002Fprofiles.wordpress.org\u002Fseventhqueen\u002F","\u003Cp>\u003Cstrong>Restrictions for BuddyPress\u003C\u002Fstrong> gives you full control over who can see and access your BuddyPress community pages. Hide profiles, groups, activity, and messages from visitors, non-members, or specific membership levels.\u003C\u002Fp>\n\u003Cp>Perfect for \u003Cstrong>membership sites\u003C\u002Fstrong>, \u003Cstrong>private communities\u003C\u002Fstrong>, \u003Cstrong>paid networks\u003C\u002Fstrong>, and \u003Cstrong>gated BuddyPress installations\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch4>What You Can Restrict\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Members Directory\u003C\u002Fstrong> — Hide the full members list from visitors or non-members\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Member Profiles\u003C\u002Fstrong> — Control who can view individual BuddyPress profiles\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Groups Directory\u003C\u002Fstrong> — Restrict access to the groups listing page\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Single Group Pages\u003C\u002Fstrong> — Lock individual group pages behind membership\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Site-Wide Activity\u003C\u002Fstrong> — Hide the activity stream from unauthorized users\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Private Messages\u003C\u002Fstrong> — Restrict messaging to specific membership levels\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Membership Integration\u003C\u002Fh4>\n\u003Cp>Seamlessly integrates with \u003Cstrong>Paid Memberships Pro (PMPro)\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Apply restrictions based on your existing membership levels\u003C\u002Fli>\n\u003Cli>Show upgrade prompts to non-members trying to access restricted content\u003C\u002Fli>\n\u003Cli>Mix and match — some areas free, some members-only\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Free Access by Profile Field\u003C\u002Fh4>\n\u003Cp>Grant free access to specific BuddyPress members based on a \u003Cstrong>profile field value\u003C\u002Fstrong> — no membership plugin required. Ideal for:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Giving VIP access to users with a specific role or profile attribute\u003C\u002Fli>\n\u003Cli>Creating tiered access without a full membership setup\u003C\u002Fli>\n\u003Cli>Whitelisting beta testers or early adopters\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>BuddyBoss Compatible\u003C\u002Fh4>\n\u003Cp>Fully compatible with \u003Cstrong>BuddyBoss Platform\u003C\u002Fstrong>, so your restrictions work whether you’re running classic BuddyPress or BuddyBoss.\u003C\u002Fp>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install and activate the plugin\u003C\u002Fli>\n\u003Cli>Go to \u003Cstrong>Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> BP Restrict\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Choose which BuddyPress areas to restrict\u003C\u002Fli>\n\u003Cli>Select restriction type: visitors, all non-members, or specific membership levels\u003C\u002Fli>\n\u003Cli>Set a custom redirect URL or restriction message\u003C\u002Fli>\n\u003Cli>Done — your community is protected\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Use Cases\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Private communities\u003C\u002Fstrong> — Only logged-in members can browse profiles and groups\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Paid membership sites\u003C\u002Fstrong> — Gate BuddyPress features behind PMPro membership levels\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Corporate intranets\u003C\u002Fstrong> — Restrict the social layer to employees only\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Online courses\u003C\u002Fstrong> — Let students access the community, hide it from everyone else\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dating sites\u003C\u002Fstrong> — Require membership to view profiles or send messages\u003C\u002Fli>\n\u003C\u002Ful>\n","Restrict BuddyPress profiles, groups, activity, and messages by login status, membership level, or profile field.",400,17570,100,4,"2026-02-24T10:02:00.000Z","6.9.4","5.0","7.4",[53,54,20,22,55],"access-control","buddypress","restrict-content","http:\u002F\u002Fwordpress.org\u002Fplugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-restrict.1.5.3.zip",99,"2025-11-17 20:52:43",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":46,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":17,"tags":74,"homepage":77,"download_link":78,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"administrator-access-to-pmpro-protected-content","Administrator Access to PMPro Protected Content","1.3","Thomas S","https:\u002F\u002Fprofiles.wordpress.org\u002Feighty20results\u002F","\u003Cp>By default Paid Memberships Pro will \u003Cem>not\u003C\u002Fem> let an administrator get access to a protected post or page without making the administrator a member of one of the membership levels that are required for that post\u002Fpage in the “Require Membership” checkboxes in the post\u002Fpage editor.\u003C\u002Fp>\n\u003Cp>This is contrary to what a traditional interpretation of the “Administrator” role represents for WordPress (or any user based security system). People expect the administrator\u002Froot account(s) on the system to have full access to administer and view the content on the site.\u003C\u002Fp>\n\u003Cp>This behavior also represents one of the frequent problems experienced when trying to use a WordPress front-end post or page editor; The expected content for the post\u002Fpage being edited either doesn’t show up, or is being redirected away from.\u003C\u002Fp>\n\u003Cp>This plugin will remove the PMPro access restrictions to content for any user assigned to the WordPress ‘administrator’ role.\u003C\u002Fp>\n\u003Cp>As of version 1.2, the same functionality has been extended to the PMPro [membership] short code.\u003Cbr \u002F>\nThis plugin should be used with caution!\u003C\u002Fp>\n\u003Ch3>Credit\u003C\u002Fh3>\n\u003Cp>This plugin uses \u003Ca href=\"https:\u002F\u002Fwww.freeiconspng.com\u002Fimg\u002F29108\" rel=\"nofollow ugc\">Unlock Hd Icon by Ahkâm\u003C\u002Fa> – Copyright (c) Ahkâm\u003Cbr \u002F>\nThis plugin uses the logo by \u003Ca href=\"https:\u002F\u002Fwww.paid-memberships-pro.com\u002F\" rel=\"nofollow ugc\">Paid Memberships Pro\u003C\u002Fa> – Copyright (c) Stranger Studios, LLC\u003C\u002Fp>\n\u003Ch3>v1.3\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>REFACTOR: Updated to signify support for latest WordPress releases\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>v1.2\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>ENHANCEMENT: Add check override when using [membership] short code\u003C\u002Fli>\n\u003Cli>BUG FIX: Didn’t guarantee false return when user isn’t logged in or not an admin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>v1.1\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>BUG FIX: Didn’t prevent redirect(s) when accessing the Membership Account page\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>v1.0\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Initial release of plugin\u003C\u002Fli>\n\u003C\u002Ful>\n","Overrides the PMPro \"Require Membership\" settings and grants view access to any user assigned to the WordPress \"Administrator\" rol &hellip;",60,2535,2,"2020-09-16T20:02:00.000Z","5.5.18","4.8",[20,75,76,21,22],"membership-management","page-editor","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadministrator-access-to-pmpro-protected-content","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadministrator-access-to-pmpro-protected-content.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":13,"num_ratings":13,"last_updated":89,"tested_up_to":90,"requires_at_least":17,"requires_php":17,"tags":91,"homepage":17,"download_link":95,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"idpay-paid-memberships-pro","IDPay For Paid Memberships Pro","1.2.1","IDPay","https:\u002F\u002Fprofiles.wordpress.org\u002Fidpayir\u002F","\u003Cp>After installing and enabling this plugin, your customers can pay through IDPay gateway.\u003Cbr \u002F>\nFor doing a transaction through IDPay gateway, you must have an API Key. You can obtain the API Key by going to your \u003Ca href=\"https:\u002F\u002Fidpay.ir\u002Fdashboard\u002Fweb-services\" rel=\"nofollow ugc\">dashboard\u003C\u002Fa> in your IDPay \u003Ca href=\"https:\u002F\u002Fidpay.ir\u002Fuser\" rel=\"nofollow ugc\">account\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>1.2.1, Nov 13, 2022\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Tested Up With WordPress 6.1 And Paid Memberships Pro Plugin 2.9.5\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.2.0, June 18, 2022\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>First Official Release\u003C\u002Fli>\n\u003Cli>Tested Up With WordPress 6.0 And Paid Memberships Pro Plugin 2.9.5\u003C\u002Fli>\n\u003Cli>Check Double Spending Correct\u003C\u002Fli>\n\u003Cli>Check Does Not Xss Attack Correct\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1.1, October 13, 2020\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>check GET parameters if POST was empty in relation with IDPay webservices new update.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.1.0, July 18, 2020\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fix error handling in creating transactions.\u003C\u002Fli>\n\u003Cli>Add IDPay logo to submit button.\u003C\u002Fli>\n\u003Cli>Some other bug fixes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.0.4, May 19, 2019\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Solve problem with language packs.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.0.3, May 19, 2019\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add Iranian currencies to the currencies’ settings.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.0.2, May 13, 2019\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Try to connect to the gateway several times.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.0.1, May 05, 2019\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Update Plugin header.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>1.0, May 05, 2019\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Develope release\u003C\u002Fli>\n\u003C\u002Ful>\n","After installing and enabling this plugin, your customers can pay through IDPay gateway.",50,2851,"2022-11-13T14:03:00.000Z","6.1.10",[92,93,94,21,55],"gateway","idpay","memberships","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fidpay-paid-memberships-pro.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":11,"downloaded":104,"rating":46,"num_ratings":105,"last_updated":106,"tested_up_to":107,"requires_at_least":108,"requires_php":17,"tags":109,"homepage":115,"download_link":116,"security_score":117,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"bp-custom-functionalities","BP Custom Functionalities","1.0.4","Prashant Singh","https:\u002F\u002Fprofiles.wordpress.org\u002Fprashantvatsh\u002F","\u003Cp>BP Custom Functionalities provides custom functionalities that regular BuddyPress users requires like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Locking BuddyPress for guest users\u003C\u002Fli>\n\u003Cli>Locking bbPress for guest users\u003C\u002Fli>\n\u003Cli>Restricting BuddyPress Access Based on Paid Membership Pro Membership Levels\u003C\u002Fli>\n\u003Cli>Excluding members based on user roles from members directory\u003C\u002Fli>\n\u003Cli>Private profile – that means one member can not see other members profile\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>I will add more functionalities but will depend on how many requests came for the same functionality.\u003C\u002Fp>\n","BP Custom Functionalities provides custom functionalities that regular BuddyPress users requires.",2596,3,"2024-04-07T16:07:00.000Z","6.5.8","4.9.0",[110,111,112,113,114],"exclude-member-roles","guest-user-restriction","lock-bbpress","pmpro-membership-level-buddypress-restriction","private-profile","https:\u002F\u002Fprashantdev.wordpress.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbp-custom-functionalities.1.0.4.zip",92,{"slug":119,"name":120,"version":121,"author":64,"author_profile":65,"description":122,"short_description":123,"active_installs":11,"downloaded":124,"rating":125,"num_ratings":105,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":129,"tags":130,"homepage":134,"download_link":135,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"e20r-members-list","E20R Better Members List for Paid Memberships Pro","8.6","\u003Cp>Extensible, sortable & bulk action capable members listing tool for Paid Memberships Pro. This plugin is a complete replacement for the “Members List” functionality in PMPro and supports most of the same filters and hooks. The key differences have to do with managing columns. Now you can also use the \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Freference\u002Fclasses\u002Fwp_list_table\u002F\" rel=\"nofollow ugc\">standard WordPress filters\u003C\u002Fa> to columns you can add\u002Fremove\u002Fmake sortable, additional bulk actions, etc.\u003C\u002Fp>\n\u003Ch3>Extending the Members List\u003C\u002Fh3>\n\u003Cp>This plugin uses the \u003Ccode>WP_List_Table\u003C\u002Fcode> class to generate the flexible table approach you know and love from the WordPress Post\u002FPage\u002Fetc back-end. As a result, it’s has a standardized and flexible approach to adding columns to the table.\u003C\u002Fp>\n\u003Cp>I’ve also included a number of filters and actions to let a \u003Ca href=\"https:\u002F\u002Feighty20results.com\u002Fneed-something-else\u002F\" rel=\"nofollow ugc\">PHP developer\u003C\u002Fa> expand on the search functionality for the list.\u003C\u002Fp>\n\u003Cp>The same goes for the Export to CSV functionality.\u003C\u002Fp>\n\u003Cp>This plugin should support the standard Paid Memberships Pro filters in order to add new CSV export columns and data.\u003C\u002Fp>\n\u003Ch3>Supported Filters\u003C\u002Fh3>\n\u003Cp>See \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Feighty20results.com\u002Fe20r-members-list\u002Fblob\u002Fmain\u002Fdocs\u002FFILTERS.md\" rel=\"nofollow ugc\">FILTERS.md\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Supported Actions\u003C\u002Fh3>\n\u003Cp>See \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Feighty20results.com\u002Fe20r-members-list\u002Fblob\u002Fmain\u002Fdocs\u002FACTIONS.md\" rel=\"nofollow ugc\">ACTIONS.md\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Known Issues\u003C\u002Fh3>\n\u003Cp>PHP 8.0 and later introduces warning messages for certain behaviors that were ignored prior to v8.0. Because of this, and the fact that this plugin relies on functionality from Paid Memberships Pro, the “end date” column may print messages indicating problems with the \u003Ccode>trim()\u003C\u002Fcode> function. Until Paid Memberships Pro updates their plugin to support PHP8.x, these messages will need to be disabled in your web server configuration (suppressed).\u003C\u002Fp>\n\u003Cp>Setting the “Members per page” in the “Options” drop-down on the Members List page to a number greater than 50 can result in unexpected errors\u002Fwarnings. The default value is 20. One symptom is seeing the PHP warning: “Warning: Unknown: Input variables exceeded 2000. To increase the limit change max_input_vars in php.ini. in Unknown on line 0”\u003C\u002Fp>\n","Extensible, sortable & bulk action capable members listing + export to CSV tool for Paid Memberships Pro.",12123,94,"2022-03-27T17:11:00.000Z","5.9.13","4.9","7.1",[131,132,94,21,133],"better-members-list","members","pmpro-enhancements","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fe20r-members-list","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fe20r-members-list.8.6.zip",{"attackSurface":137,"codeSignals":175,"taintFlows":183,"riskAssessment":210,"analyzedAt":216},{"hooks":138,"ajaxHandlers":165,"restRoutes":172,"shortcodes":173,"cronEvents":174,"entryPointCount":31,"unprotectedCount":13},[139,144,147,152,157,160],{"type":140,"name":141,"callback":142,"file":143,"line":105},"action","admin_menu","zpmpro_create_menu","admin\\admin-side-menu.php",{"type":140,"name":141,"callback":145,"file":143,"line":146},"zpmpro_register_submenu",14,{"type":140,"name":148,"callback":149,"file":150,"line":151},"admin_enqueue_scripts","zpmpro_enqueue_admin_scripts","init\\enqueue.php",18,{"type":140,"name":153,"callback":154,"file":155,"line":156},"admin_footer","zpmpro_ajax_icon","plugin.php",43,{"type":140,"name":141,"callback":158,"file":155,"line":159},"zpmpro_pmpro_meta_wrapper",59,{"type":140,"name":161,"callback":162,"priority":163,"file":155,"line":164},"init","zpmpro_pmprocpt_init",20,63,[166],{"action":167,"nopriv":168,"callback":169,"hasNonce":170,"hasCapCheck":168,"file":171,"line":105},"zpmpro_save_cp_types",false,"zpmpro_save_cp_types_php",true,"ajax\\options-ajax.php",[],[],[],{"dangerousFunctions":176,"sqlUsage":177,"outputEscaping":179,"fileOperations":13,"externalRequests":13,"nonceChecks":31,"capabilityChecks":13,"bundledLibraries":182},[],{"prepared":13,"raw":13,"locations":178},[],{"escaped":180,"rawEcho":13,"locations":181},16,[],[],[184,202],{"entryPoint":185,"graph":186,"unsanitizedCount":13,"severity":201},"zpmpro_save_cp_types_php (ajax\\options-ajax.php:5)",{"nodes":187,"edges":199},[188,193],{"id":189,"type":190,"label":191,"file":171,"line":192},"n0","source","$_POST",9,{"id":194,"type":195,"label":196,"file":171,"line":197,"wp_function":198},"n1","sink","update_option() [Settings Manipulation]",11,"update_option",[200],{"from":189,"to":194,"sanitized":170},"low",{"entryPoint":203,"graph":204,"unsanitizedCount":13,"severity":201},"\u003Coptions-ajax> (ajax\\options-ajax.php:0)",{"nodes":205,"edges":208},[206,207],{"id":189,"type":190,"label":191,"file":171,"line":192},{"id":194,"type":195,"label":196,"file":171,"line":197,"wp_function":198},[209],{"from":189,"to":194,"sanitized":170},{"summary":211,"deductions":212},"The 'zesty-custom-post-types-for-paid-memberships-pro' plugin version 1.0.0 demonstrates a strong security posture based on the provided static analysis and vulnerability history. The plugin exhibits excellent practices, including 100% proper output escaping, 100% use of prepared statements for SQL queries, and the presence of nonce checks. Notably, there are no detected dangerous functions, file operations, or external HTTP requests, further contributing to a reduced attack surface. The taint analysis also shows no unsanitized paths or vulnerabilities of critical or high severity.  The complete absence of any recorded vulnerabilities, including critical and high severity issues, in its history is a significant strength, indicating a commitment to secure development or a fortunate lack of exploitation.\n\nWhile the plugin appears very secure, there is a minor concern regarding the complete absence of capability checks for its single AJAX handler. Although the data indicates the AJAX handler is protected, the lack of explicit capability checks suggests that the protection might rely solely on other mechanisms, which could be less robust than a layered approach. However, given the other strong security signals and the clean vulnerability history, this is a minimal risk. Overall, the plugin is well-developed from a security perspective, with a very low risk profile.",[213],{"reason":214,"points":215},"Missing capability checks on AJAX handler",5,"2026-03-17T00:45:33.294Z",{"wat":218,"direct":227},{"assetPaths":219,"generatorPatterns":224,"scriptPaths":225,"versionParams":226},[220,221,222,223],"\u002Fwp-content\u002Fplugins\u002Fzesty-custom-post-types-for-paid-memberships-pro\u002Fcss\u002Fbootstrap.min.css","\u002Fwp-content\u002Fplugins\u002Fzesty-custom-post-types-for-paid-memberships-pro\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fzesty-custom-post-types-for-paid-memberships-pro\u002Fjs\u002Fadmin.js","\u002Fwp-content\u002Fplugins\u002Fzesty-custom-post-types-for-paid-memberships-pro\u002Fjs\u002Fbootstrap.bundle.min.js",[],[],[],{"cssClasses":228,"htmlComments":233,"htmlAttributes":234,"restEndpoints":235,"jsGlobals":236,"shortcodeOutput":238},[229,230,231,232],"zpmpro-ajax-save-option-icon","zpmpro-ajax-save-option-icon-inner","zpmpro-saving-text","zpmpro-saved-text",[],[],[],[237],"zpmpro_ajax",[]]