Can’t login random users

If it’s truly random, that’s difficult to give any direction. It would have to be something reproducable.

It’s important to point out that WP-Members isn’t re-inventing the wheel on login and maintaining login state. It uses core WP functions for both logging in (wp_signon()) and checking login state (is_user_logged_in()). For the most part, the WP-Members login is a wrapper for wp_signon() with a couple of additional elements.

My opinion when it’s “random” is always to default to cache possibilities, specifically Varnish. Varnish is not a plugin – it’s a server cache, and it is commonly used by hosts especially in shared hosting environments. It’s pretty aggressive and does not work well for membership sites in WP (not just with WP-Members, but with many other plugins that do things dynamically based on login). You’ve said you don’t have a cache, but I press the issue because what you described fits cache as a possibility and server-level caches like Varnish are often unknown to the site admin (you usually have to ask your host).

One other possibility is that there was a minor change in the login function. The plugin used to run its own function wpmem_set_as_logged_in() upon the user logging in. This function fires two WP functions: wp_set_auth_cookie() and wp_set_current_user(). This was reported as problematic, causing issues for some users (see https://ww.wp.xz.cn/support/topic/creating-multiple-same-sessions-on-login/) and so that step was removed. It shouldn’t be necessary because wp_signon() first wp_set_auth_cookie().

So, one thing you could test out would be in the login() function in class-wp-members-user.php, you’ll see where the above wp.org support topic is referenced and wpmem_set_as_logged_in() is commented out. You could undo that so that function does fire on login. If that 100% resolves the issue, then I’ll need to go back to review that thread and whether this needs further evaluation.