• Skip to primary navigation
  • Skip to main content

RocketGeek

Home of WP-Members, The Original WordPress Membership Plugin

  • WordPress Plugins
    • WP-Members
      • FAQs
      • Quick Start
      • Documentation
      • Extensions
    • Advanced Options
      • Documentation
      • Purchase the Plugin
      • Get the Pro Bundle
    • Download Protect
      • Documentation
      • Purchase the Plugin
      • Get the Pro Bundle
    • Invite Codes
      • Documentation
      • Purchase the Plugin
      • Get the Pro Bundle
    • MailChimp Integration
      • Documentation
      • Purchase the Plugin
      • Get the Pro Bundle
    • PayPal Subscriptions
      • Documentation
      • Purchase the Plugin
      • Get the Pro Bundle
    • Salesforce Web-to-Lead
    • Security
      • Documentation
      • Purchase the Plugin
      • Get the Pro Bundle
    • Text Editor
      • Purchase the Plugin
      • Get the Pro Bundle
    • User List
      • Documentation
      • Purchase the Plugin
      • Get the Pro Bundle
    • User Tracking
      • Documentation
      • Purchase the Plugin
      • Get the Pro Bundle
    • Memberships for WooCommerce
    • WordPass
  • Blog
    • Basics
    • Tips and Tricks
    • Filters
    • Actions
    • Code Snippets
    • Shortcodes
    • Design
    • Release Announcements
  • Store
    • Cart
    • Checkout
  • Contact
  • Log In
  • Show Search
Hide Search
Home » Release Announcements » WP-Members Security 1.6.0

WP-Members Security 1.6.0

Chad Butler · May 1, 2025 ·

This article is provided free. Find out how you can get full access to premium content, including how-to articles and support forums, as well as priority email support and member exclusive plugin extensions..

 

WP-Members Security 1.6.0 has been released. This is a fairly extensive update and it includes many bug fixes, improvements, and some additional features. It incorporates some updates that were included in two unreleased versions, 1.5.1 and 1.5.2.

Bug Fixes

  • Fixes a bug in the concurrent login options that ignores the setting for preventing the current session.
  • Fixes a bug in the login lockout that doesn’t lock the user out until max retries +1.
  • Fixes a bug in the login lockout that doesn’t recognize when a lockout has been manually released (bug locks the user out again even on successful login until the lockout time expires).
  • Fixes a bug that causes the default login lock settings to not load when the setting is first enabled.
  • Fixes a bug that displays the password rules in the registration form even if a password field is not included.
  • Fixes a bug that displays the password rules heading in the registration form even if no rules have been created.
  • Fixes a bug that causes the password rules settings to not load when the setting is first enabled.
  • Fixes a bug in the password change when current password is required and applying a custom rule set.
  • Fixes a bug in the Akismet anti-spam logging that logs entries that were not rejected.
  • Fixes a bug in the login captcha (also disables the checkbox for the option if captcha is not enabled in the main plugin settings).

Additions

  • Adds a new option to destroy all existing sessions when a user updates their password.
  • Adds a new option to disable xmlrpc and disable pingbacks if xmlrpc is disabled.
  • Adds wpmem_sec_maybe_spam_msg filter hook to customize the dialog message for registrations flagged as spam.
  • Adds wpmem_sec_failedlogin_notify_email_args filter hook to customize the email address the failed login notification email goes to.
  • Adds HTML5 tooltip error message for custom password rules when used.

Improvements

  • The entire plugin underwent a code review. There were some code improvements, additional sanitizing of inputs, and a security review.
  • New admin screen and improvements.
  • Custom password rules can now be translated.
  • Applies _n() for singular/plural password criteria translation.
  • Updates the Akismet API library.
  • Updates the use of wpmem_inc_changepassword_inputs which is deprecated in WP-Members, now uses wpmem_changepassword_form_defaults.

Release Announcements, Security release-notes, security

Ready to get started?

Join Today!

© 2025 · butlerblog.com · RocketGeek is built using WordPress, WP-Members, and the Genesis Framework

  • butlerblog.com
  • WP-Members Support Subscription
  • Terms of Service
  • Privacy Policy
  • Refund Policy