Source evidence

Vulnerability in <= 5.0.6

Team – Team Members Showcase Plugin · support · 2025-09-24T09:40:00+00:00

Team – Team Members Showcase Plugin plugin evidence original source source API

mixedsentiment

highseverity

0.94relevance

3replies

Evidence linked to opportunitycommercial context

Proof Health

Open evidence

Commercial opportunities need traceable source links before they are treated as build-worthy.

6 / 17 rows with source links

35.3% of this page's analysis has direct source links.

0 build-decision rows missing links

0 rows here require auditable proof before promotion.

11 rows with no attached evidence

0 rows have source counts but still need direct links.

Conversation

support

cmarcc resolved

Hi, I think that there is a (low) risk vulnerability with this plugin: https://patchstack.com/database/wordpress/plugin/tlp-team/vulnerability/wordpress-team-plugin-5-0-6-broken-access-control-vulnerability?_a_id=350 Can you please provide an update? Hi, Sorry for this issue. We will release our new version as soon as posible. Same issue here, only that WordFence states it as critical and recommends to deactivate it. And version 5.0.6 is no exception: https://www.wordfence.com/threat-intel/vulnerabilities/id/e16b8686-a502-4a73-b955-10f2800fd5dc?source=plugin Thank you for the effort; it’s just that I installed the plugin for a client site with a good deal of effort put into individual team members, layout, etc. I’d be very grateful for a quick fix. Thanks again! Thanks a lot!!

Commercial Context

Opportunity

agency visual QA and update safety

agency visual QA and update safety for preventing client-site regressions before updates or edits go live

Buyer: site builders and agencies

Wedge: run pre-update checks, detect visible regressions, and produce client-safe rollback guidance

Investigate Pain card complete market

Analysis

heuristic-v1

Summary: Vulnerability in <= 5.0.6: users show security, bugs, performance pain that may indicate a product gap.

Evidence quote: Vulnerability in <= 5.0.6 Hi, I think that there is a (low) risk vulnerability with this plugin: https://patchstack.com/database/wordpress/plugin/tlp-team/vulnerability/wordpress-team-plugin-5-0-6-broken-access-control-vulnerability?_a_id=350 Can you please provide an update?

Affected feature: security

security bugs performance setup

Plugin

API

Team – Team Members Showcase Plugin

10.0K active installs · 522.3K downloads · rating 90.0

team team members team plugin team showcase team slider

Comments

3 shown

Monjur Hasan Milton 2025-09-29T03:40:00+00:00

Hi, Sorry for this issue. We will release our new version as soon as posible.

Oligraph 2025-09-29T07:27:00+00:00

Same issue here, only that WordFence states it as critical and recommends to deactivate it. And version 5.0.6 is no exception: https://www.wordfence.com/threat-intel/vulnerabilities/id/e16b8686-a502-4a73-b955-10f2800fd5dc?source=plugin Thank you for the effort; it’s just that I installed the plugin for a client site with a good deal of effort put into individual team members, layout, etc. I’d be very grateful for a quick fix. Thanks again!

Mamunur Rashid 2025-10-01T15:23:00+00:00

Thanks a lot!!