WP-Members 2.5.3 invalid password bug

An astute user pointed out to me this morning that there is a bug in WP-Members 2.5.3 (Thanks Tom!!)

When a new user registers, a random password is emailed to that user.  The password being sent is invalid. 

Upon receiving this information, I immediately looked into it and found that there is indeed a flaw in the password that is being sent to the database when the user registers.

Although I am working on this right now so that we can get a bug free release out right away, if you are using WP-Members 2.5.3 on a production system, I would recommend that you roll back to 2.5.2 which does not contain this bug.  I’ll have an update out today that corrects this.

I want to take a moment to say that I appreciate all of the users of this buy ed pills online plugin.  I have always strived to keep it a professional product so I am extremely frustrated when a major issue creeps up after a release.  If you affected by this, please accept my apologies.

Update:

The bug stems from a change in wpmem_registration, moving from using a $wpdb query to insert the user to using the wp_insert_user function.  The direct query required me to hash the password prior to insert.  wp_insert_user hashes the password as part of the insert process, so since I was passing it a hashed password, it was going into the db double hashed.

Resolved:

This bug as been corrected and a new release packaged and uploaded to wordpress.org.  Please be sure to update!