This plugin limits user access to the dashboard based on whether users have a chosen capability. Disallowed users are redirected to a chosen URL.
elseif ( ! preg_match( '|^\S+://\S+\.\S+.+$|', $options['redirect_url'] ) )
That is far from sufficient as a URL regex. Consider, for example, the URL
http://localhost/~squelch which is perfectly valid. As a developer I need to test things before they go live.
It's a shame as this looks like it could be a good solution. If/when this gets fixed I'll be more than happy to revise my rating.
You must log in to submit a review. You can also log in or register using the form near the top of this page.