***Updating to MM2.2.5 resolves this issue

Last updated: May 5, 2016

Resolution Update

We've released a new version of MemberMouse (2.2.5) with improved reliability of SmartTag processing.

Recommended Action: Upgrade to the latest version of MemberMouse. You can do this by following the steps listed in Manually Upgrading MemberMouse


Since WordPress' security update in 4.2.3 they are now stripping out the JavaScript protocol in the href attribute of anchor tags by default. 

For example, when a SmartTag that generates a JavaScript function is used within an href attribute such as:

<a href="[MM_Form_Button type='submit' paymentMethod='default']">Submit Order</a>

When functioning correctly, it results in the following HTML:

<a href="javascript:mmjs.checkout(true);">Submit Order</a>

However, if WordPress is stripping out the JavaScript protocol this will result in an invalid link and something that looks like this:

<a href="http://yourdomain.com/your-page/mmjs.checkout(true);">Submit Order</a>


MemberMouse disables the WordPress security filter using a WordPress-recommended filter but if another plugin or theme enables it, then it reintroduces the issue. Your first option is to discontinue the use of the theme or plugin that's causing the problem which you can determine by running MemberMouse in safe mode.

Alternatively, you can enable the JavaScript protocol manually by making a change to WordPress core file wp-includes/functions.php. In this file locate the wp_allowed_protocols() function and replace this line of code:

$protocols = array( 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn', 'tel', 'fax', 'xmpp', 'webcal' );

With this (changes in bold):

$protocols = array( 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn', 'tel', 'fax', 'xmpp', 'webcal', 'javascript' );