WP-Safety

Team Members – Multi Language Supported Team Plugin Security & Risk Analysis

wordpress.org/plugins/team-showcase-supreme

Multi-language supported Team Members - Team with Slide is the best plugins to display unlimited team in Carouse and Grid view.

7K active installs v8.6 PHP 5.6+ WP 4.6.14+ Updated Feb 16, 2026
our-teamstaff-directoryteam-membersteam-showcaseteam-slider
98
A · Safe
CVEs total2
Unpatched0
Last CVENov 11, 2024
Plugin page Download
Safety Verdict

Is Team Members – Multi Language Supported Team Plugin Safe to Use in 2026?

Generally Safe

Score 98/100

Team Members – Multi Language Supported Team Plugin has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Nov 11, 2024Updated 1mo ago
Risk Assessment

The 'team-showcase-supreme' v8.6 plugin exhibits a mixed security posture. While it demonstrates good practices in SQL query preparation (62%) and output escaping (88%), significant concerns arise from its attack surface and taint analysis. The plugin exposes 5 AJAX handlers without authentication checks, presenting a substantial opportunity for attackers to interact with sensitive functionalities. Furthermore, 15 out of 18 analyzed taint flows have unsanitized paths, with 14 flagged as high severity. This indicates a high likelihood of input data not being properly validated or neutralized, potentially leading to vulnerabilities like Cross-Site Scripting (XSS) or even Remote File Inclusion (RFI) given the historical vulnerability types.

The plugin's vulnerability history, including past instances of RFI and XSS, reinforces the concerns raised by the static analysis. The presence of 2 known CVEs, even if currently unpatched, signals a recurring pattern of security weaknesses. The last vulnerability being recent further emphasizes the need for vigilance. While the plugin has strengths in areas like SQL and output handling, the critical issues identified in the taint analysis and the unprotected AJAX endpoints warrant immediate attention and remediation to mitigate significant security risks.

Key Concerns

  • Unprotected AJAX handlers
  • High severity unsanitized taint flows
  • Vulnerability history (high severity CVE)
  • Vulnerability history (medium severity CVE)
  • Unsanitized paths in taint flows
  • Low percentage of prepared SQL statements
  • Low percentage of proper nonce checks
  • Low percentage of capability checks
Vulnerabilities
2

Team Members – Multi Language Supported Team Plugin Security Vulnerabilities

CVEs by Year

1 CVE in 2023
2023
1 CVE in 2024
2024
Patched Has unpatched

Severity Breakdown

High
1
Medium
1

2 total CVEs

CVE-2024-52385high · 7.2Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Team Member <= 7.4 - Authenticated (Editor+) Local File Inclusion

Nov 11, 2024 Patched in 7.5 (73d)
CVE-2023-23647medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Team Member <= 4.4 - Authenticated (Editor+) Stored Cross-Site Scripting via new_style_name

Mar 21, 2023 Patched in 4.5 (308d)
Code Analysis
Analyzed Mar 16, 2026

Team Members – Multi Language Supported Team Plugin Code Analysis

Dangerous Functions
0
Raw SQL Queries
125
207 prepared
Unescaped Output
1534
11370 escaped
Nonce Checks
2
Capability Checks
3
File Operations
1
External Requests
1
Bundled Libraries
0

SQL Query Safety

62% prepared332 total queries

Output Escaping

88% escaped12904 total outputs
Data Flows
15 unsanitized

Data Flow Analysis

18 flows15 with unsanitized paths
<license> (license.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
5 unprotected

Team Members – Multi Language Supported Team Plugin Attack Surface

Entry Points6
Unprotected5

AJAX Handlers 5

authwp_ajax_wpm_6310_team_member_info222index.php:69
authwp_ajax_wpm_6310_team_member_infoindex.php:75
authwp_ajax_wpm_6310_team_member_detailsindex.php:85
noprivwp_ajax_wpm_6310_team_member_detailsindex.php:87
noprivwp_ajax_wpm_6310_team_member_detailsindex.php:90

Shortcodes 1

[wpm_team_showcase] index.php:21
WordPress Hooks 6
actionadmin_menuindex.php:32
actionwp_enqueue_scriptsindex.php:82
actionactivated_pluginindex.php:98
actionplugins_loadedindex.php:105
actioninitindex.php:134
filtertemplate_includeindex.php:148
Maintenance & Trust

Team Members – Multi Language Supported Team Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 16, 2026
PHP min version5.6
Downloads299K

Community Trust

Rating100/100
Number of ratings81
Active installs7K
Alternatives

Team Members – Multi Language Supported Team Plugin Alternatives

Team Members Showcase

Team Members Showcase

wps-team

A
95

WordPress Team Members Showcase plugin – display staff or team profiles in grids, sliders, tables, or lists with filters, popups, drawers & panels.

4K 3 CVEs
Team – Team Members Showcase Plugin

Team – Team Members Showcase Plugin

tlp-team

A
90

WordPress team plugin to showcase team members with grid, slider, and filterable layouts. Fully compatible with Elementor & Gutenberg.

10K 5 CVEs
Team Builder – Team Member Showcase With Grid and slider, Compatible With Elementor, Gutenberg

Team Builder – Team Member Showcase With Grid and slider, Compatible With Elementor, Gutenberg

team-builder

A
100

Team Plugin comes with 6 Design Layout with Add unlimited Team Members. Grid Team and slider layout with Drag & Drop Builder, Easily add and delet &hellip;

7K No CVEs
Responsive Team Members Showcase, Team Grid, Team Slider, and Staff List – SmartTeam (formerly WP Team)

Responsive Team Members Showcase, Team Grid, Team Slider, and Staff List – SmartTeam (formerly WP Team)

team-free

A
100

A WordPress plugin to display team members in Carousel, Grid, or List layouts. Customizable.

5K No CVEs
Team Member Team Showcase

Team Member Team Showcase

team-builder-member-showcase

A
100

Display your team members with photos, bios, designations and social links in grid or slider layouts.

2K No CVEs
Developer Profile

Team Members – Multi Language Supported Team Plugin Developer Profile

wpmart

6 plugins · 13K total installs

77
trust score
Avg Security Score
97/100
Avg Patch Time
191 days
View full developer profile
Detection Fingerprints

How We Detect Team Members – Multi Language Supported Team Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/team-showcase-supreme/assets/css/style.css/wp-content/plugins/team-showcase-supreme/header.php/wp-content/plugins/team-showcase-supreme/home.php/wp-content/plugins/team-showcase-supreme/template-menu.php/wp-content/plugins/team-showcase-supreme/settings/helper/functions.php
Script Paths
/wp-content/plugins/team-showcase-supreme/assets/js/ajaxdata.js
Version Parameters
team-showcase-supreme/assets/css/style.css?ver=team-showcase-supreme/assets/js/ajaxdata.js?ver=

HTML / DOM Fingerprints

CSS Classes
wpm-6310-carouselwpm-6310-owl-carouselwpm_6310_team_style_wpm_6310_team_member_infowpm-6310-team-section
HTML Comments
<!--Team Showcase Supreme -->
Data Attributes
link-idlink-urlprofile-details-type
JS Globals
my_ajax_object
Shortcode Output
[wpm_team_showcase]
FAQ

Frequently Asked Questions about Team Members – Multi Language Supported Team Plugin