People Lists by NOUS Security & Risk Analysis
wordpress.org/plugins/avecnous-people-listsManage lists of people and display it.
Is People Lists by NOUS Safe to Use in 2026?
Generally Safe
Score 100/100People Lists by NOUS has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "avecnous-people-lists" plugin v2.0.0 exhibits a strong security posture based on the provided static analysis. The code adheres to many best practices, including 100% proper output escaping and 100% of SQL queries using prepared statements. The absence of dangerous functions, file operations, and external HTTP requests further strengthens its security. Crucially, all identified entry points (shortcodes) are protected by nonce checks, and there are no observed critical or high-severity taint flows, indicating a well-sanitized codebase. The plugin also has no recorded vulnerability history, suggesting a consistent commitment to security over time.
However, a notable area for improvement is the complete lack of capability checks. While nonce checks are present for entry points, the absence of capability checks means that once a user is authenticated, they can potentially interact with the shortcodes without verification of their specific permissions. This could lead to privilege escalation if the shortcode's functionality is sensitive and intended for specific user roles. Although the current attack surface is small (2 shortcodes), this lack of role-based access control is a potential concern that should be addressed to ensure robust security.
Key Concerns
- Missing capability checks for entry points
People Lists by NOUS Security Vulnerabilities
People Lists by NOUS Release Timeline
People Lists by NOUS Code Analysis
Output Escaping
People Lists by NOUS Attack Surface
Shortcodes 2
WordPress Hooks 13
Maintenance & Trust
People Lists by NOUS Maintenance & Trust
Maintenance Signals
Community Trust
People Lists by NOUS Alternatives
Visitor Analytics and Lead Generation Plugin by Inbound Rocket
inbound-rocket
The easiest way to double your leads. Inbound Rocket is an easy-to-use marketing automation and lead tracking plugin for WordPress.
Google for WooCommerce
google-listings-and-ads
Native integration with Google that allows merchants to easily display their products across Google’s network.
YITH WooCommerce Wishlist
yith-woocommerce-wishlist
YITH WooCommerce Wishlist add all Wishlist features to your website. Needs WooCommerce to work. WooCommerce 10.7.x compatible.
WP Sitemap Page
wp-sitemap-page
Add a sitemap on any of your page using the simple shortcode [wp_sitemap_page]. Improve the SEO and navigation of your website.
Astra Widgets
astra-widgets
Quickest solution to add widgets like Address, Social Profiles and List icons on a website built with Astra.
People Lists by NOUS Developer Profile
6 plugins · 410 total installs
How We Detect People Lists by NOUS
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/avecnous-people-lists/inc/js/person.js/wp-content/plugins/avecnous-people-lists/inc/js/list.js/wp-content/plugins/avecnous-people-lists/inc/js/wp-lists-of-people.js/wp-content/plugins/avecnous-people-lists/inc/js/person.js/wp-content/plugins/avecnous-people-lists/inc/js/list.js/wp-content/plugins/avecnous-people-lists/inc/js/wp-lists-of-people.jsHTML / DOM Fingerprints
wp-person-contentwp-person-social-mediawp-person-biowp-list-people-wrapwp-list-people-list<!-- wp:avec-nous-people-lists/person --><!-- /wp:avec-nous-people-lists/person --><!-- wp:avec-nous-people-lists/list --><!-- /wp:avec-nous-people-lists/list -->data-person-iddata-person-orderWP_Lists_of_people_params/wp-json/avec-nous-people-lists/v1/person/wp-json/avec-nous-people-lists/v1/list[people_list][/people_list][person][/person]