Team Members Showcase Security & Risk Analysis
wordpress.org/plugins/team-members-showcaseShow team members anywhere by the shortcode with 3 differents attributes. The shortcode receives three attributes member_count="3", img_posi …
Is Team Members Showcase Safe to Use in 2026?
Generally Safe
Score 100/100Team Members Showcase has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "team-members-showcase" plugin v1.0.0 exhibits a mixed security posture. On the positive side, there are no identified CVEs, dangerous functions, raw SQL queries, file operations, external HTTP requests, or bundled libraries. The attack surface is limited to a single shortcode, and critically, there are no AJAX handlers or REST API routes that lack authentication checks. The absence of taint analysis findings also suggests a lack of obvious injection vulnerabilities like unsanitized paths.
However, a significant concern arises from the output escaping. With 100% of outputs unescaped, this plugin presents a clear risk of Cross-Site Scripting (XSS) vulnerabilities. Any data displayed through the shortcode that originates from user input or external sources, without proper sanitization and escaping, could be exploited by attackers to inject malicious scripts.
Given the plugin's version and lack of historical vulnerabilities, it's difficult to infer long-term security patterns. Nevertheless, the current analysis highlights a critical gap in output sanitization. While the plugin has a small attack surface and avoids common pitfalls like raw SQL or unauthenticated endpoints, the unescaped output is a severe weakness that needs immediate attention to prevent potential XSS attacks.
Key Concerns
- All outputs are unescaped (XSS risk)
- No nonce checks implemented
- No capability checks implemented
Team Members Showcase Security Vulnerabilities
Team Members Showcase Code Analysis
Output Escaping
Team Members Showcase Attack Surface
Shortcodes 1
WordPress Hooks 4
Maintenance & Trust
Team Members Showcase Maintenance & Trust
Maintenance Signals
Community Trust
Team Members Showcase Alternatives
Team Builder Showcase
team-buider-showcase
The top WordPress Team plugin helps you display profiles of your team members in a grid or slider layout easily by using a simple shortcode.
TS Team Members Showcase
ts-team-member
WordPress Team Showcase Plugin is an elegant and highly customizable solution for displaying team members on your website.
Team – Team Members Showcase Plugin
tlp-team
WordPress team plugin to showcase team members with grid, slider, and filterable layouts. Fully compatible with Elementor & Gutenberg.
Team Builder – Team Member Showcase With Grid and slider, Compatible With Elementor, Gutenberg
team-builder
Team Plugin comes with 6 Design Layout with Add unlimited Team Members. Grid Team and slider layout with Drag & Drop Builder, Easily add and delet …
Team Members – Multi Language Supported Team Plugin
team-showcase-supreme
Multi-language supported Team Members - Team with Slide is the best plugins to display unlimited team in Carouse and Grid view.
Team Members Showcase Developer Profile
3 plugins · 10 total installs
How We Detect Team Members Showcase
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/team-members-showcase/assets/css/styles.cssteam-members-showcase/assets/css/styles.css?ver=HTML / DOM Fingerprints
tms-member-itemtms-member-imagetms-member-infotms-member-nametms-member-designationtms-member-descriptiontms-member-socialdata-member-countdata-img-positiondata-show-button<div class="tms-main-wrapper"><div class="tms-container">