WP-Safety

AWSM Team – Team Showcase Plugin Security & Risk Analysis

wordpress.org/plugins/awsm-team

AWSM Team is the most versatile and lite-weight WordPress plugin available to create and manage a team showcase.

3K active installs v1.3.5 PHP 5.6+ WP 4.0+ Updated Feb 27, 2026
teamteam-builderteam-membersteam-pageteam-shortcode
98
A · Safe
CVEs total1
Unpatched0
Last CVEJul 1, 2024
Plugin page Download
Safety Verdict

Is AWSM Team – Team Showcase Plugin Safe to Use in 2026?

Generally Safe

Score 98/100

AWSM Team – Team Showcase Plugin has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jul 1, 2024Updated 1mo ago
Risk Assessment

The awsm-team plugin v1.3.5 demonstrates a generally good security posture, with strong adherence to secure coding practices. The static analysis reveals a very small attack surface, with no unprotected entry points identified. The code exhibits a high rate of proper output escaping (89%), and all SQL queries are properly prepared, indicating a conscious effort to prevent common vulnerabilities like SQL injection. The presence of nonce and capability checks further strengthens its defenses against unauthorized actions. However, a notable concern is the plugin's vulnerability history, which includes a past high-severity "PHP Remote File Inclusion" vulnerability. While this specific vulnerability is currently patched, its nature suggests a potential for attackers to exploit file handling or include mechanisms if implemented insecurely. The plugin's sole shortcode represents the only entry point that doesn't have explicit authentication checks detailed in the static analysis, though it's possible capabilities are checked within its implementation.

Key Concerns

  • Past high severity vulnerability (PHP RFI)
  • Potential for unescaped output (11% unescaped)
  • One shortcode with unspecified auth checks
Vulnerabilities
1

AWSM Team – Team Showcase Plugin Security Vulnerabilities

CVEs by Year

1 CVE in 2024
2024
Patched Has unpatched

Severity Breakdown

High
1

1 total CVE

CVE-2024-37454high · 8.8Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

AWSM Team <= 1.3.1 - Authenticated (Contributor+) Local File Inclusion

Jul 1, 2024 Patched in 1.3.2 (9d)
Code Analysis
Analyzed Mar 16, 2026

AWSM Team – Team Showcase Plugin Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
10
82 escaped
Nonce Checks
1
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

Select2

Output Escaping

89% escaped92 total outputs
Attack Surface

AWSM Team – Team Showcase Plugin Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[awsmteam] awsm-team.php:94
WordPress Hooks 18
actioninitawsm-team.php:92
actioninitawsm-team.php:93
actionwp_enqueue_scriptsawsm-team.php:95
actionwp_headawsm-team.php:96
actionadd_meta_boxesawsm-team.php:316
actionsave_postawsm-team.php:317
actionadmin_enqueue_scriptsawsm-team.php:318
actionadmin_menuawsm-team.php:319
actionedit_form_after_titleawsm-team.php:320
filtermanage_awsm_team_member_posts_columnsawsm-team.php:321
actionmanage_awsm_team_member_posts_custom_columnawsm-team.php:322
filtermanage_awsm_team_posts_columnsawsm-team.php:323
actionmanage_awsm_team_posts_custom_columnawsm-team.php:324
filteradmin_post_thumbnail_htmlawsm-team.php:325
filteradmin_post_thumbnail_sizeawsm-team.php:326
actionadmin_noticesawsm-team.php:833
actionplugins_loadedawsm-team.php:847
actionadmin_initawsm-team.php:848
Maintenance & Trust

AWSM Team – Team Showcase Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 27, 2026
PHP min version5.6
Downloads66K

Community Trust

Rating88/100
Number of ratings5
Active installs3K
Alternatives

AWSM Team – Team Showcase Plugin Alternatives

Team Builder – Team Member Showcase With Grid and slider, Compatible With Elementor, Gutenberg

Team Builder – Team Member Showcase With Grid and slider, Compatible With Elementor, Gutenberg

team-builder

A
100

Team Plugin comes with 6 Design Layout with Add unlimited Team Members. Grid Team and slider layout with Drag & Drop Builder, Easily add and delet &hellip;

7K No CVEs
Team Showcase

Team Showcase

team

A
95

Fully responsive and mobile ready meet the team showcase plugin for wordpress.

1K 6 CVEs
Team Section Block – Showcase Team Members with Layout Options

Team Section Block – Showcase Team Members with Layout Options

team-section

A
98

Showcase your team members in various layouts and designs .

1K 2 CVEs
Team Builder Showcase

Team Builder Showcase

team-buider-showcase

A
100

The top WordPress Team plugin helps you display profiles of your team members in a grid or slider layout easily by using a simple shortcode.

40 No CVEs
TS Team Members Showcase

TS Team Members Showcase

ts-team-member

A
100

WordPress Team Showcase Plugin is an elegant and highly customizable solution for displaying team members on your website.

10 No CVEs
Developer Profile

AWSM Team – Team Showcase Plugin Developer Profile

awsm.in

7 plugins · 100K total installs

78
trust score
Avg Security Score
98/100
Avg Patch Time
115 days
View full developer profile
Detection Fingerprints

How We Detect AWSM Team – Team Showcase Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/awsm-team/css/team.min.css/wp-content/plugins/awsm-team/js/team.min.js
Script Paths
/wp-content/plugins/awsm-team/js/team.min.js
Version Parameters
awsm-team/css/team.min.css?ver=awsm-team/js/team.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
awsm-team-errorawsm-team-cardawsm-team-listawsm-team-table
Data Attributes
data-team-style
REST Endpoints
/wp-json/awsm-team
Shortcode Output
[awsmteam
FAQ

Frequently Asked Questions about AWSM Team – Team Showcase Plugin