Responsive Team Members Showcase, Team Grid, Team Slider, and Staff List – SmartTeam (formerly WP Team) Security & Risk Analysis

wordpress.org/plugins/team-free

A WordPress plugin to display team members in Carousel, Grid, or List layouts. Customizable.

5K active installs v3.0.12 PHP + WP 5.0+ Updated Jan 12, 2026

teamteam-gridteam-membersteam-showcaseteam-slider

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Responsive Team Members Showcase, Team Grid, Team Slider, and Staff List – SmartTeam (formerly WP Team) Safe to Use in 2026?

Generally Safe

Score 100/100

Responsive Team Members Showcase, Team Grid, Team Slider, and Staff List – SmartTeam (formerly WP Team) has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The team-free plugin v3.0.12 exhibits a mixed security posture. On the positive side, it has no recorded vulnerabilities (CVEs), and the static analysis indicates good practices in several areas, including a high percentage of SQL queries using prepared statements and a very high rate of proper output escaping. The plugin also demonstrates a good use of nonce and capability checks on its entry points. However, there are notable concerns. A significant portion of its AJAX handlers (3 out of 7) lack authentication checks, creating potential entry points for unauthorized actions. The presence of the `unserialize` function is a known risk if not handled with extreme caution and sanitization, as it can lead to object injection vulnerabilities. While no critical or high severity taint flows were detected, the `unserialize` function combined with unprotected AJAX handlers warrants careful consideration. The absence of past vulnerabilities is positive, but it doesn't negate the risks identified in the current code analysis.

Key Concerns

Unprotected AJAX handlers
Dangerous function used (unserialize)

Vulnerabilities

None known

Responsive Team Members Showcase, Team Grid, Team Slider, and Staff List – SmartTeam (formerly WP Team) Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Responsive Team Members Showcase, Team Grid, Team Slider, and Staff List – SmartTeam (formerly WP Team) Code Analysis

Dangerous Functions

Raw SQL Queries

6 prepared

Unescaped Output

809 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$plugins = unserialize( $response['body'] );src\Admin\HelpPage\Help.php:172

SQL Query Safety

75% prepared8 total queries

Output Escaping

92% escaped881 total outputs

Data Flows

All sanitized

Data Flow Analysis

4 flows

dismiss_offer_banner (src\Admin\Helper\ShapedPlugin_Offer_Banner.php:155)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

Responsive Team Members Showcase, Team Grid, Team Slider, and Staff List – SmartTeam (formerly WP Team) Attack Surface

Entry Points8

Unprotected3

AJAX Handlers 7

authwp_ajax_sptp_clean_transientsrc\Admin\Framework\functions\actions.php:37

authwp_ajax_spf-chosensrc\Admin\Framework\functions\actions.php:74

authwp_ajax_shapedplugin_dismiss_offer_bannersrc\Admin\Helper\ShapedPlugin_Offer_Banner.php:37

authwp_ajax_sptp_preview_meta_boxsrc\Admin\Preview\SPTP_Preview.php:51

authwp_ajax_SPT_export_shortcodessrc\Includes\Team.php:157

authwp_ajax_SPT_import_shortcodessrc\Includes\Team.php:158

authwp_ajax_sp-wpt-never-show-review-noticesrc\Includes\Team.php:162

Shortcodes 1

[wpteam] src\Frontend\Frontend.php:75

WordPress Hooks 55

actionafter_setup_themesrc\Admin\Admin.php:151

actionplugins_loadedsrc\Admin\DB_Updater.php:54

actionwp_enqueue_scriptssrc\Admin\Framework\Classes\abstract.class.php:67

actionadmin_menusrc\Admin\Framework\Classes\admin-options.class.php:172

actionadmin_bar_menusrc\Admin\Framework\Classes\admin-options.class.php:173

actionnetwork_admin_menusrc\Admin\Framework\Classes\admin-options.class.php:177

actionadd_meta_boxessrc\Admin\Framework\Classes\metabox-options.class.php:107

actionsave_postsrc\Admin\Framework\Classes\metabox-options.class.php:108

actionedit_attachmentsrc\Admin\Framework\Classes\metabox-options.class.php:109

actionafter_setup_themesrc\Admin\Framework\Classes\SPF_TEAM.php:149

actioninitsrc\Admin\Framework\Classes\SPF_TEAM.php:150

actionswitch_themesrc\Admin\Framework\Classes\SPF_TEAM.php:151

actionadmin_enqueue_scriptssrc\Admin\Framework\Classes\SPF_TEAM.php:152

actionwp_headsrc\Admin\Framework\Classes\SPF_TEAM.php:153

filteradmin_body_classsrc\Admin\Framework\Classes\SPF_TEAM.php:154

actioninitsrc\Admin\GutenbergBlock\WP_Team_Gutenberg_Block_Init.php:29

actionenqueue_block_editor_assetssrc\Admin\GutenbergBlock\WP_Team_Gutenberg_Block_Init.php:30

actionadmin_noticessrc\Admin\Helper\ShapedPlugin_Offer_Banner.php:36

actionadmin_menusrc\Admin\HelpPage\Help.php:65

actionadmin_print_scriptssrc\Admin\HelpPage\Help.php:71

actionspf_enqueuesrc\Admin\HelpPage\Help.php:72

actionelementor/preview/enqueue_stylessrc\Admin\Team_Element_Shortcode_Block.php:61

actionelementor/preview/enqueue_scriptssrc\Admin\Team_Element_Shortcode_Block.php:62

actionelementor/editor/before_enqueue_scriptssrc\Admin\Team_Element_Shortcode_Block.php:63

actionelementor/initsrc\Admin\Team_Element_Shortcode_Block.php:131

actionelementor/widgets/registersrc\Admin\Team_Element_Shortcode_Block.php:148

actionelementor/preview/enqueue_stylessrc\Admin\Team_Element_Shortcode_Block_Deprecated.php:61

actionelementor/preview/enqueue_scriptssrc\Admin\Team_Element_Shortcode_Block_Deprecated.php:62

actionelementor/editor/before_enqueue_scriptssrc\Admin\Team_Element_Shortcode_Block_Deprecated.php:64

actionelementor/initsrc\Admin\Team_Element_Shortcode_Block_Deprecated.php:132

actionelementor/widgets/registersrc\Admin\Team_Element_Shortcode_Block_Deprecated.php:149

actioninitsrc\Admin\updates\update-2.1.0.php:14

filterwp_revisions_to_keepsrc\Admin\updates\update-2.2.6.php:24

actionsave_postsrc\Frontend\Frontend.php:77

filtersingle_templatesrc\Frontend\Frontend.php:78

actionwp_headsrc\Frontend\Frontend.php:80

actionadmin_enqueue_scriptssrc\Includes\Team.php:135

actionadmin_print_scriptssrc\Includes\Team.php:136

actioninitsrc\Includes\Team.php:137

actioninitsrc\Includes\Team.php:138

actionadmin_head-post.phpsrc\Includes\Team.php:139

actionadmin_head-post-new.phpsrc\Includes\Team.php:140

actionmanage_sptp_member_posts_custom_columnsrc\Includes\Team.php:141

actionmanage_sptp_generator_posts_custom_columnsrc\Includes\Team.php:142

actionwidgets_initsrc\Includes\Team.php:144

actionactivated_pluginsrc\Includes\Team.php:145

filtermanage_sptp_member_posts_columnssrc\Includes\Team.php:147

filtermanage_sptp_generator_posts_columnssrc\Includes\Team.php:148

filterenter_title_heresrc\Includes\Team.php:149

filteradmin_footer_textsrc\Includes\Team.php:150

filterupdate_footersrc\Includes\Team.php:151

filterpost_updated_messagessrc\Includes\Team.php:152

actionadmin_noticessrc\Includes\Team.php:161

actionwp_enqueue_scriptssrc\Includes\Team.php:188

actionwp_loadedsrc\Includes\Team.php:189

Maintenance & Trust

Responsive Team Members Showcase, Team Grid, Team Slider, and Staff List – SmartTeam (formerly WP Team) Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 12, 2026

PHP min version

Downloads177K

Community Trust

Rating94/100

Number of ratings92

Active installs5K

Alternatives

Responsive Team Members Showcase, Team Grid, Team Slider, and Staff List – SmartTeam (formerly WP Team) Alternatives

Team – Team Members Showcase Plugin

tlp-team

WordPress team plugin to showcase team members with grid, slider, and filterable layouts. Fully compatible with Elementor & Gutenberg.

10K 5 CVEs

Team Members – Multi Language Supported Team Plugin

team-showcase-supreme

Multi-language supported Team Members - Team with Slide is the best plugins to display unlimited team in Carouse and Grid view.

7K 2 CVEs

Team Members Showcase

wps-team

WordPress Team Members Showcase plugin – display staff or team profiles in grids, sliders, tables, or lists with filters, popups, drawers & panels.

4K 3 CVEs

Team Showcase – Responsive Team Members Grid, Slider & Carousel Plugin

team-showcase

Create beautiful, responsive team member sections with grid, slider, list, popup, and carousel layouts. Perfect for companies, agencies, startups, sch …

2K 2 CVEs

Dynamic Team Manager – Team Member Showcase with grid, slider, table Elementor widget & shortcode

wp-team-manager

Team plugin to showcase team members, sports rosters, or creative portfolios with grid, list, Slider, table layout. Supports Corporate and Sports Leag …

1K 1 unpatched

Developer Profile

Responsive Team Members Showcase, Team Grid, Team Slider, and Staff List – SmartTeam (formerly WP Team) Developer Profile

ShapedPlugin LLC

18 plugins · 315K total installs

trust score

Avg Security Score

97/100

Avg Patch Time

385 days

View full developer profile

Detection Fingerprints

How We Detect Responsive Team Members Showcase, Team Grid, Team Slider, and Staff List – SmartTeam (formerly WP Team)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/team-free/assets/css/sptp-frontend.css/wp-content/plugins/team-free/assets/js/sptp-frontend.js/wp-content/plugins/team-free/assets/css/bootstrap.min.css/wp-content/plugins/team-free/assets/css/owl.carousel.min.css/wp-content/plugins/team-free/assets/css/owl.theme.default.min.css/wp-content/plugins/team-free/assets/css/responsive.css/wp-content/plugins/team-free/assets/css/smart-team-members.css/wp-content/plugins/team-free/assets/css/smart-team-members-pro.css+29 more

Generator Patterns

SmartTeam v3.0.12

Script Paths

/wp-content/plugins/team-free/assets/js/sptp-frontend.js/wp-content/plugins/team-free/assets/js/frontend.js/wp-content/plugins/team-free/assets/js/smart-team-members.js/wp-content/plugins/team-free/assets/js/frontend-team-free.js

Version Parameters

team-free/assets/css/sptp-frontend.css?ver=team-free/assets/js/sptp-frontend.js?ver=team-free/assets/css/bootstrap.min.css?ver=team-free/assets/css/owl.carousel.min.css?ver=team-free/assets/css/owl.theme.default.min.css?ver=team-free/assets/css/responsive.css?ver=team-free/assets/css/smart-team-members.css?ver=team-free/assets/css/smart-team-members-pro.css?ver=team-free/assets/js/jquery.min.js?ver=team-free/assets/js/bootstrap.min.js?ver=team-free/assets/js/owl.carousel.min.js?ver=team-free/assets/js/isotope.pkgd.min.js?ver=team-free/assets/js/imagesloaded.pkgd.min.js?ver=team-free/assets/js/waypoints.min.js?ver=team-free/assets/js/jquery.counterup.min.js?ver=team-free/assets/js/frontend.js?ver=team-free/assets/js/smart-team-members.js?ver=team-free/assets/js/smart-team-members-pro.js?ver=team-free/assets/css/custom.css?ver=team-free/assets/css/extra-responsive.css?ver=team-free/assets/css/responsive-grid.css?ver=team-free/assets/css/owl.carousel.css?ver=team-free/assets/css/owl.theme.green.css?ver=team-free/assets/css/flaticon.css?ver=team-free/assets/css/flaticon.min.css?ver=team-free/assets/css/animate.css?ver=team-free/assets/css/style.css?ver=team-free/assets/css/bootstrap.css?ver=team-free/assets/css/font-awesome.min.css?ver=team-free/assets/css/magnific-popup.css?ver=team-free/assets/css/slick.css?ver=team-free/assets/css/slick-theme.css?ver=team-free/assets/css/team-free.css?ver=team-free/assets/css/responsive-team-free.css?ver=team-free/assets/js/slick.min.js?ver=team-free/assets/js/jquery.magnific-popup.min.js?ver=team-free/assets/js/frontend-team-free.js?ver=

HTML / DOM Fingerprints

CSS Classes

sptp_team_membersptp-carouselsptp-gridsptp-listsptp-member-social-iconsptp-member-detailssptp-team-areasptp-team-member-img+22 more

HTML Comments

+12 more

Data Attributes

data-layoutdata-member-iddata-team-iddata-member-popupdata-popup-iddata-layout-type+5 more

JS Globals

sptp_frontend_ajax_objectSPTP_Admin_PreviewSPTP_PreviewSPTPFrontendSPTPCarouselSPTPGrid+6 more

REST Endpoints

/wp-json/team-free/v1/settings/wp-json/team-free/v1/members/wp-json/team-free/v1/teams

Shortcode Output

[smart_team][smart_team_carousel][smart_team_grid][smart_team_list]

FAQ