[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f66wyGqoMiy9aFcuxmk7nj1H1lCC86cOUGHJ9qSWe3h0":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":31,"crawl_stats":28,"alternatives":37,"analysis":140,"fingerprints":298},"beetle-tracking","Beetle Tracking – Cloudflare Zaraz for WooCommerce","1.6.27","Rocket Beetle","https:\u002F\u002Fprofiles.wordpress.org\u002Frocketbeetlecom\u002F","\u003Ch3>Beetle Tracking: Plug and Play Server-Side Tracking for WordPress\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Are you tired of spending money on high-cost marketing campaigns that aren’t delivering results?\u003C\u002Fstrong> Beetle Tracking gives you the clear view you need to understand your website visitors and target your campaigns more effectively.\u003C\u002Fp>\n\u003Ch3>\u003Cstrong>The Blurry Vision Problem\u003C\u002Fstrong>\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Imagine you’re the owner of a thriving online store.\u003C\u002Fstrong> You’ve got amazing products, and you want to attract as many customers as possible, but you’re wearing blurry glasses. This means you can’t see your customers clearly, so you can’t market your products effectively.\u003C\u002Fp>\n\u003Ch3>The Solution: New Crystal Clear Glasses\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Introducing Beetle Tracking, your new pair of marketing glasses.\u003C\u002Fstrong>It helps you see your customers clearly, so you can understand their needs and preferences better. This means you can target your marketing efforts more accurately and spend less money on advertising. With Beetle Tracking, you’ll be able to connect with your customers on a deeper level and increase your sales.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Beetle Tracking is your most dedicated employee.\u003C\u002Fstrong> It works tirelessly behind the scenes to collect accurate data, so you can make informed decisions and grow your business.\u003C\u002Fp>\n\u003Ch3>Key Benefits of Beetle Tracking:\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>✅ 20-40% More Accurate Data\u003C\u002Fstrong>: With Beetle Tracking’s server-side tracking, you capture up to 40% more data than traditional client-side methods, which are often blocked by ad blockers or restricted by browsers. This gives you a more complete understanding of your users’ behavior, directly improving your marketing insights.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Boost Your Ad Campaigns\u003C\u002Fstrong>: More accurate data fuels the algorithms behind Google Ads, Facebook, and other advertising platforms. This leads to \u003Cstrong>higher conversion rates\u003C\u002Fstrong>, as you can fine-tune your targeting, resulting in \u003Cstrong>better-performing campaigns\u003C\u002Fstrong> and more return on your ad spend.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Lower Ad Costs\u003C\u002Fstrong>: By leveraging the full potential of server-side tracking, you cut wasted ad spend. With enhanced data accuracy, you can spend \u003Cstrong>less on ads\u003C\u002Fstrong> while achieving \u003Cstrong>better results\u003C\u002Fstrong>, maximizing the efficiency of your campaigns.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Simple Plug-and-Play effortless Setup\u003C\u002Fstrong>: Unlike other server-side tracking solutions on the market, which often require complex setups and tech specialists, Beetle Tracking is designed for \u003Cstrong>non-tech users,\u003C\u002Fstrong> webshop owners, marketing people and agencies. It’s an easy-to-install WordPress plugin that gets you up and running in minutes – no coding or expertise required.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Faster Site Speed\u003C\u002Fstrong>: By moving tracking processes to the server, Beetle Tracking reduce the load on your customer’s browser, making it faster and more responsive for visitors, ensuring a smoother user experience. This leads to lower bounce rates and more engagement.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅ Enhanced Privacy Compliance\u003C\u002Fstrong>: Stay ahead of privacy regulations like GDPR and CCPA. With server-side tracking, you’re in control of user data and can securely manage how it’s processed.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅  Works with All Popular Platforms\u003C\u002Fstrong>: Easily integrate with platforms like \u003Cstrong>Google Analytics\u003C\u002Fstrong>, \u003Cstrong>Meta Pixel\u003C\u002Fstrong> (Facebook), \u003Cstrong>Google Ads\u003C\u002Fstrong>, \u003Cstrong>LinkedIn\u003C\u002Fstrong>, \u003Cstrong>Pinterest\u003C\u002Fstrong>, \u003Cstrong>Bing\u003C\u002Fstrong> and \u003Cstrong>TikTok\u003C\u002Fstrong> without technical headaches.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>✅  Free and Pro Versions\u003C\u002Fstrong>: Start with the \u003Cstrong>free version\u003C\u002Fstrong> of Beetle Tracking to enhance your tracking, or upgrade to the \u003Cstrong>Pro version\u003C\u002Fstrong> to unlock powerful features like:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Beetle Consent\u003C\u002Fstrong>: A GDPR-compliant, customizable cookie banner that helps you collect valid consents from all users, ensuring full compliance with privacy laws.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gravity Forms Tracking\u003C\u002Fstrong>: Automatically track form submissions with form ID and title, working seamlessly with both AJAX and traditional page reload submissions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Page Scroll Measurement\u003C\u002Fstrong>: Gain deeper insights into how far users scroll on your pages and optimize content accordingly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Conversion Recovery\u003C\u002Fstrong>: With Pro, Beetle Tracking ensures you capture purchase events even when users don’t return to the “thank you” page. By matching checkout information with the payment gateway’s order status, purchase data is sent server-to-server, ensuring complete and accurate tracking of every sale.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Consent Management: Putting You in Control (For Beetle Tracking Pro)\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Building trust is key to any successful business.\u003C\u002Fstrong> With the ever-changing landscape of data privacy regulations, it’s crucial to ensure you’re collecting user data ethically and transparently.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>That’s where Beetle Consent comes in (included in Beetle Tracking Pro).\u003C\u002Fstrong> This powerful feature makes managing user consent a breeze:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Easy-to-customize consent banners:\u003C\u002Fstrong> Create clear and user-friendly banners that inform visitors about how their data is used.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Granular control:\u003C\u002Fstrong> Allow users to choose exactly which data they’re comfortable sharing.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Compliance with regulations:\u003C\u002Fstrong> Stay ahead of the curve by ensuring your website adheres to data privacy regulations like GDPR and CCPA.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>With Beetle Consent, you can focus on building relationships with your customers, knowing you’re handling their data responsibly.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Why Choose Beetle Tracking?\u003C\u002Fh3>\n\u003Cp>Beetle Tracking is built for webshop owners who care about their customers’ experience and want to ensure that every conversion is accurately tracked. Unlike client-side tracking, our server-side solution works behind the scenes to capture every detail while improving your site’s performance. With just a few clicks, you can unlock the full potential of your tracking, boosting both your insights and your bottom line.\u003C\u002Fp>\n\u003Cp>Ready to upgrade your tracking? Install \u003Cstrong>Beetle Tracking\u003C\u002Fstrong> today and take control of your data like never before.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbeetle-tracking.com\u002F\" rel=\"nofollow ugc\">Learn More at beetle-tracking.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the following external services:\u003C\u002Fp>\n\u003Ch4>Cloudflare Zaraz API\u003C\u002Fh4>\n\u003Cp>Beetle Tracking uses the Cloudflare Zaraz API to send tracking events server-side. When enabled, the plugin sends event data to Cloudflare’s edge network for processing and forwarding to your configured analytics platforms.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>When data is sent:\u003C\u002Fstrong> Event data is transmitted when users interact with your website (page views, add to cart, purchases, etc.) and when you push configuration settings to Cloudflare.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent:\u003C\u002Fstrong> Event names, timestamps, page URLs, product information, and user identifiers that you configure in the plugin settings.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service links:\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fterms\u002F\" rel=\"nofollow ugc\">Cloudflare Terms of Service\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\u002F\" rel=\"nofollow ugc\">Cloudflare Privacy Policy\u003C\u002Fa>\u003Cbr \u002F>\n– \u003Ca href=\"https:\u002F\u002Fdevelopers.cloudflare.com\u002Fzaraz\u002F\" rel=\"nofollow ugc\">Cloudflare Zaraz Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Source Code\u003C\u002Fh3>\n\u003Cp>The JavaScript files in this plugin are compiled from source files using standard WordPress build tools.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Build process:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Source files are located in the \u003Ccode>src\u002Fjs\u002F\u003C\u002Fcode> directory\u003Cbr \u002F>\n– Uses \u003Ccode>@wordpress\u002Fscripts\u003C\u002Fcode> for compilation\u003Cbr \u002F>\n– Run \u003Ccode>npm install\u003C\u002Fcode> then \u003Ccode>npm run build\u003C\u002Fcode> to rebuild from source\u003C\u002Fp>\n\u003Cp>The full source code is included in the plugin and can be found in the \u003Ccode>src\u002F\u003C\u002Fcode> directory.\u003C\u002Fp>\n","Track Key Events and Parameters on WordPress Effortlessly with Cloudflare Zaraz's Real Edge Server-Side Tracking Technology.",200,10850,100,6,"2026-02-19T07:04:00.000Z","6.9.4","5.8","7.4",[20,21,22,23,24],"cloudflare","gdpr","server-side-tracking","woocommerce","zaraz","https:\u002F\u002Frocketbeetle.com\u002Fbeetle-tracking","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbeetle-tracking.1.6.27.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":32,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":11,"avg_security_score":13,"avg_patch_time_days":34,"trust_score":35,"computed_at":36},"rocketbeetlecom",1,30,94,"2026-04-04T14:11:48.339Z",[38,59,79,99,121],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":48,"num_ratings":49,"last_updated":50,"tested_up_to":16,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":57,"download_link":58,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"etracker","etracker analytics","2.7.7","etracker GmbH","https:\u002F\u002Fprofiles.wordpress.org\u002Fetrackerofficial\u002F","\u003Cp>The plugin is the perfect solution for seamlessly integrating powerful web analytics into your WordPress website or WooCommerce store with etracker analytics. With \u003Ca href=\"https:\u002F\u002Fwww.etracker.com\u002F?etcc_cmp=eA%20Plugin&etcc_med=Pluginstore&etcc_grp=wordpress&etcc_ctv=plugindescription\" rel=\"nofollow ugc\">etracker analytics\u003C\u002Fa>, you can achieve comprehensive data analyses without data loss, even if blocking add-ons or browser protection measures are activated. Thanks to data privacy-friendly processing in compliance with GDPR and TDDDG, outstanding data quality is achieved!\u003C\u002Fp>\n\u003Ch3>Functions of the plugin\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Integration of the tracking code via plugin:\u003C\u002Fstrong> Automatically record page views, scroll and download events, video playbacks and clicks on external links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Optimized for WooCommerce:\u003C\u002Fstrong> In addition to the general tracking functions in WooCommerce stores, automatically receive e-commerce activities such as product views, items added to the shopping cart, removed items and orders.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Integrated tag and consent management:\u003C\u002Fstrong> For third-party tags, the integrated \u003Ca href=\"https:\u002F\u002Fwww.etracker.com\u002Fen\u002Ftag-manager\u002F?etcc_cmp=eA%20Plugin&etcc_med=Pluginstore&etcc_grp=wordpress&etcc_ctv=plugindescription\" rel=\"nofollow ugc\">etracker tag manager\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.etracker.com\u002Fen\u002Fconsent-manager\u002F?etcc_cmp=eA%20Plugin&etcc_med=Pluginstore&etcc_grp=wordpress&etcc_ctv=plugindescription\" rel=\"nofollow ugc\">etracker consent manager\u003C\u002Fa> is the comfortable \u003Cstrong>all-in-one solution\u003C\u002Fstrong> for managing consent easily as well as controlling it conveniently and in compliance with data protection regulations. Google Consent Mode is supported as standard for Google tags.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Easy setup\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Already have an etracker account?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Activate the plugin, enter your etracker account key and you’re ready to go!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Don’t have an etracker account yet?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Go to \u003Ca href=\"https:\u002F\u002Fwww.etracker.com\u002Fen\u002Fsignup\u002F\" rel=\"nofollow ugc\">etracker.com\u003C\u002Fa>, start your 30-day no-obligation trial and convince yourself of etracker analytics!\u003C\u002Fp>\n\u003Cp>\u003Cem>Optimize your website or online store with etracker analytics, the data protection-compliant web analysis without data loss made in Germany.\u003C\u002Fem>\u003C\u002Fp>\n","Consent-free, despite ad blockers and tracking prevention: Web analytics, tag and consent manager for best data quality, ad returns and conversions.",1000,36947,78,7,"2025-12-02T14:41:00.000Z","5.5","7.2",[54,55,21,56,23],"analytics","dsgvo","tracking","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fetracker","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fetracker.2.7.7.zip",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":16,"requires_at_least":72,"requires_php":18,"tags":73,"homepage":77,"download_link":78,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"pixelavo","Pixelavo – Server Side Tracking & Pixel + AI Ads Tools","1.5.3","HasThemes","https:\u002F\u002Fprofiles.wordpress.org\u002Fhasthemes\u002F","\u003Ch3>Pixelavo – Pixel Tracking & AI Ad Tools for WordPress\u003C\u002Fh3>\n\u003Cp>Pixelavo helps you install and manage Facebook Pixel (Meta Pixel) on your WordPress site. It combines two main capabilities:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>1. Pixel Tracking & Conversions API:\u003C\u002Fstrong>\u003Cbr \u002F>\nSet up Facebook Pixel tracking with support for the Conversions API (server-side tracking). Track visitor interactions such as page views, purchases, add-to-cart actions, form submissions, and more. Server-side tracking via the Conversions API helps maintain tracking accuracy even when browser-based methods are blocked by ad blockers or privacy settings. Pixelavo supports both WooCommerce and Easy Digital Downloads stores.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>2. AI-Powered Ad Tools:\u003C\u002Fstrong>\u003Cbr \u002F>\nPixelavo includes two AI tools that run in your WordPress dashboard:\u003Cbr \u002F>\n– \u003Cstrong>AI Ad Copy Generator\u003C\u002Fstrong>: Input your product details, target audience, and campaign objectives to generate multiple variations of ad text, headlines, and descriptions. Supports tone adaptation (professional, casual, urgent, luxury) and campaign-specific optimization.\u003Cbr \u002F>\n– \u003Cstrong>AI Marketing Consultant\u003C\u002Fstrong>: A chat-based interface for Facebook advertising questions. Ask about campaign setup, targeting strategies, pixel troubleshooting, budget allocation, and more. Conversation history is saved so you can pick up where you left off.\u003Cbr \u002F>\n– \u003Cstrong>Multiple AI Models\u003C\u002Fstrong>: Choose from OpenAI (GPT-3.5, GPT-4, GPT-5) or Google Gemini models depending on your preference and budget.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How AI features work:\u003C\u002Fstrong> Pixelavo connects to OpenAI or Google Gemini using your own API key (BYOK — Bring Your Own Key). There is no subscription fee for the AI features — you pay the API provider directly based on your usage. No credit card is required by Pixelavo itself.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fpixelavo.com\u002Fpricing\u002F#pixelavo-pricing\" rel=\"nofollow ugc\">Get Pro Features\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fpixelavo.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fportal.hasthemes.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Who Is Pixelavo For?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>E-commerce store owners\u003C\u002Fstrong> using WooCommerce or Easy Digital Downloads who need Facebook Pixel tracking\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Digital marketers\u003C\u002Fstrong> managing Facebook ad campaigns who want AI-assisted ad copy creation\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Small businesses\u003C\u002Fstrong> looking to set up conversion tracking and server-side events\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Agencies\u003C\u002Fstrong> managing Facebook Pixels across multiple client sites (Pro)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Beginners\u003C\u002Fstrong> who want guided help with Facebook advertising through the AI consultant\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Key features:\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>WordPress integration:\u003C\u002Fstrong> Pixelavo integrates with WordPress, allowing you to implement the Conversions API and server-side tracking on your website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Event tracking:\u003C\u002Fstrong> With Pixelavo, businesses can track a variety of events on their website, including purchases, leads, pageviews, and more. This data can be used to optimize Facebook advertising campaigns and improve targeting.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom event tracking:\u003C\u002Fstrong> In addition to standard events, Pixelavo allows businesses to track custom events, such as button clicks, form submissions, or any other actions that are valuable to their business.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic event matching:\u003C\u002Fstrong> Pixelavo automatically matches events on the website to the corresponding events in Facebook Ads Manager, making it easy to track conversions and optimize campaigns.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time event tracking:\u003C\u002Fstrong> Pixelavo provides real-time event tracking, allowing businesses to quickly see how users are interacting with their website and make data-driven decisions about their advertising campaigns.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Exclude Roles:\u003C\u002Fstrong> Exclude members of your team to ensure your Pixel data remains accurate. You can exclude specific WordPress user levels, such as Admins, Editors, and Contributors.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Product Feed:\u003C\u002Fstrong> Generate Dynamic Product Ads and Custom Audiences feeds for Facebook ad targeting.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Create Custom Events:\u003C\u002Fstrong> Define custom events to track specific activities on your site, including page visits, button clicks, and link interactions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AI Ad Copy Generator:\u003C\u002Fstrong> Generate Facebook ad copy using AI. Input your product details, target audience, and campaign objectives to get multiple variations of primary text, headlines, and descriptions. Supports OpenAI (GPT-4\u002FGPT-5) and Google Gemini models with tone adaptation (professional, casual, urgent, luxury) and campaign-specific settings.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AI Marketing Consultant:\u003C\u002Fstrong> Chat-based Facebook advertising guidance in your WordPress dashboard. Ask questions about campaign optimization, targeting strategies, pixel setup, conversion tracking, and advertising best practices. Includes persistent chat history. Powered by OpenAI or Google Gemini.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>AI Features:\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>AI Ad Copy Generator:\u003C\u002Fstrong>\u003Cbr \u002F>\nInput your product details, target audience, and campaign objectives to generate 3 variations each of:\u003Cbr \u002F>\n– Primary text tailored for your campaign objective (awareness, traffic, conversions, or retargeting)\u003Cbr \u002F>\n– Headlines for your ad creative\u003Cbr \u002F>\n– Descriptions to complement the headline\u003Cbr \u002F>\n– Optimization tips based on your inputs\u003C\u002Fp>\n\u003Cp>\u003Cstrong>AI Marketing Consultant:\u003C\u002Fstrong>\u003Cbr \u002F>\nAsk questions about:\u003Cbr \u002F>\n– Campaign optimization strategies\u003Cbr \u002F>\n– Audience targeting\u003Cbr \u002F>\n– Pixel setup and troubleshooting\u003Cbr \u002F>\n– iOS 14.5+ tracking solutions\u003Cbr \u002F>\n– Budget optimization and scaling\u003Cbr \u002F>\n– Creative testing strategies\u003C\u002Fp>\n\u003Cp>Both AI features support OpenAI (GPT-3.5\u002FGPT-4\u002FGPT-5) and Google Gemini models. API keys are stored with AES-256-CBC encryption. Requires your own API key from OpenAI or Google.\u003C\u002Fp>\n\u003Ch3>Available Events:\u003C\u002Fh3>\n\u003Cp>Pixelavo supports tracking of numerous Facebook pixel events, including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>View Content\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>View Category\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Search\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Remove From Cart\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Add To Cart\u003C\u002Fstrong> [Pro]\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Initiate Checkout\u003C\u002Fstrong> [Pro]\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Purchase\u003C\u002Fstrong> [Pro]\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Refund\u003C\u002Fstrong> [Pro]\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Subscription\u003C\u002Fstrong> [Pro] (SubscriptionCreated, SubscriptionRenewed & SubscriptionCancelled)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customize Product\u003C\u002Fstrong> (WooCommerce Only) [Pro]\u003C\u002Fli>\n\u003Cli>\u003Cstrong>PageScroll\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>TimeOnPage\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>FormSubmission\u003C\u002Fstrong> (Fluent Forms, Contact Form 7, WPForms & HT Contact Form)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Download\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>CompleteRegistration\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>TelClick\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>InternalLinks\u003C\u002Fstrong> [Pro]\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ExternalLinks\u003C\u002Fstrong> [Pro]\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Video\u003C\u002Fstrong> (YouTube, Vimeo & SelfHosted) [Pro]\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Integrations:\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>WooCommerce:\u003C\u002Fstrong> Integrates with WooCommerce to track key events like purchases, add-to-cart actions, and product views. Supports both browser-side pixel and server-side Conversions API tracking for WooCommerce stores.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Easy Digital Downloads (EDD):\u003C\u002Fstrong> Supports Easy Digital Downloads to track Facebook Pixel events and conversion data. Integrates with Facebook’s Conversions API for server-side tracking of digital product purchases and downloads.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Quick Setup:\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install and activate Pixelavo\u003C\u002Fli>\n\u003Cli>Add your Facebook Pixel ID\u003C\u002Fli>\n\u003Cli>Optionally add an API key from OpenAI or Google for AI features\u003C\u002Fli>\n\u003Cli>Configure events and start tracking\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Security:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>AES-256-CBC encryption for API keys\u003C\u002Fli>\n\u003Cli>Data stays on your WordPress site\u003C\u002Fli>\n\u003Cli>No third-party data sharing for tracking data\u003C\u002Fli>\n\u003Cli>AI queries are sent directly to your chosen provider (OpenAI\u002FGoogle) — Pixelavo does not proxy or store your conversations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Pro Features:\u003C\u002Fh3>\n\u003Cp>Upgrade to Pro for advanced tracking and optimization features:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Multiple pixel support:\u003C\u002Fstrong> Add multiple Facebook Pixels to track data across different ad accounts or campaigns.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced WooCommerce Events:\u003C\u002Fstrong> Track purchases, add-to-cart, initiate checkout, and more e-commerce events.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced EDD Events:\u003C\u002Fstrong> Full Easy Digital Downloads integration with purchase tracking.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Exclude Bouncing Visitors:\u003C\u002Fstrong> Time delay settings to prevent bouncing visitors from triggering events.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Matching:\u003C\u002Fstrong> Send additional customer information to improve attribution accuracy.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Additional user information:\u003C\u002Fstrong> Include referrer, language, categories, and tags as event parameters.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Additional Purchase Information:\u003C\u002Fstrong> Track coupon usage and shipping details for better audience targeting.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Premium Events:\u003C\u002Fstrong> Video tracking, internal\u002Fexternal links, subscription events, and more.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Facebook Conversions API\u003C\u002Fh3>\n\u003Cp>Facebook Conversions API (formerly known as the Server-Side API) is a tool that allows businesses to send their website or app conversion data directly to Facebook’s servers, bypassing the need for browser-based tracking methods like the Facebook Pixel.\u003Cbr \u002F>\nUsing the Conversions API, businesses can track actions such as purchases, sign-ups, and other valuable events that occur on their website or app. This data can then be used to optimize Facebook advertising campaigns, such as retargeting ads to users who have already taken specific actions on the business’s website or app.\u003C\u002Fp>\n\u003Ch3>Some benefits of using Facebook Conversions API include:\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\u003Cstrong>Helps improve tracking accuracy:\u003C\u002Fstrong> By bypassing the need for browser-based tracking, businesses can ensure that all conversion data is captured accurately, even if a user’s browser settings or ad-blocking software prevent the Facebook Pixel from tracking their actions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Increased privacy:\u003C\u002Fstrong> Because the Conversions API sends data directly to Facebook’s servers, businesses can reduce the amount of user data that is shared with third-party trackers, potentially improving user privacy and security.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Greater control:\u003C\u002Fstrong> The Conversions API allows businesses to track and send custom data points to Facebook, giving them greater flexibility and control over how they track and optimize their advertising campaigns.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Helps reduce potential data loss:\u003C\u002Fstrong> Because the Conversions API relies on server-to-server communication, rather than browser-based tracking, businesses can reduce the risk of data loss due to issues like browser crashes or network outages.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Overall, the Facebook Conversions API can provide businesses with a more accurate, flexible, and privacy-focused way to track and optimize their Facebook advertising campaigns.\u003C\u002Fp>\n\u003Ch3>Need Help?\u003C\u002Fh3>\n\u003Cp>Is there any feature that you want to get in this plugin?\u003Cbr \u002F>\nNeeds assistance to use this plugin?\u003Cbr \u002F>\nFeel free to \u003Ca href=\"https:\u002F\u002Fhasthemes.com\u002Fcontact-us\u002F\" rel=\"nofollow ugc\">Contact us\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to several third-party services to provide enhanced functionality. Below are the services used and the data transmitted:\u003C\u002Fp>\n\u003Ch4>HasThemes Feed Service\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Used for fetching and displaying plugin notices, announcements content within the WordPress admin dashboard.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When\u003C\u002Fstrong>: During plugin activation, admin dashboard visits, and periodic checks for new notices (cached for 2 days).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service Provider\u003C\u002Fstrong>: HasThemes\u003C\u002Fli>\n\u003Cli>Terms and Conditions: https:\u002F\u002Fhasthemes.com\u002Fterms-conditions\u002F\u003C\u002Fli>\n\u003Cli>Privacy Policy: https:\u002F\u002Fhasthemes.com\u002Fprivacy-policy\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Diagnostic Data Webhook\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Used for sending diagnostic data when users opt-in to help improve plugin compatibility, performance and inform client for any critical issues.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent\u003C\u002Fstrong>: Complete diagnostic information including site details, admin email, admin name, server configuration, WordPress setup, theme information & plugin lists.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When\u003C\u002Fstrong>: Only when users explicitly agree to share diagnostic data through the admin notice.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service Provider\u003C\u002Fstrong>: Pixelavo \u002F HasThemes (we operate this webhook on our own infrastructure; all domains are owned by us)\u003C\u002Fli>\n\u003Cli>Terms and Conditions: https:\u002F\u002Fpixelavo.com\u002Fterms-conditions\u002F\u003C\u002Fli>\n\u003Cli>Privacy Policy: https:\u002F\u002Fpixelavo.com\u002Fprivacy-policy\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Google Base Namespace\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Purpose\u003C\u002Fstrong>: Used for generating product feeds compatible with Google Shopping, Google Merchant Center, and other services that support Google’s product feed format.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent\u003C\u002Fstrong>: Product information including names, prices, descriptions, categories, images, availability, and attributes from your WooCommerce\u002FEDD store.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When\u003C\u002Fstrong>: When generating product feeds via the feed URLs (yoursite.com\u002Ffeed\u002Fpixelavo or yoursite.com\u002Ffeed\u002Fpixelavo-edd).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Service Provider\u003C\u002Fstrong>: Google (namespace specification only – no data sent directly to Google)\u003C\u002Fli>\n\u003Cli>Terms of Service: https:\u002F\u002Fpolicies.google.com\u002Fterms\u003C\u002Fli>\n\u003Cli>Privacy Policy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Data Privacy Notice\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Diagnostic data collection is completely optional and requires explicit user consent through an admin notice.\u003C\u002Fli>\n\u003Cli>No personal user data is transmitted without explicit consent.\u003C\u002Fli>\n\u003Cli>All data transmission occurs over secure HTTPS connections.\u003C\u002Fli>\n\u003Cli>Users can decline data sharing without affecting plugin functionality.\u003C\u002Fli>\n\u003Cli>The plugin works fully without connecting to external services.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Legal Compliance\u003C\u002Fh4>\n\u003Cp>By using this plugin, you acknowledge that data may be transmitted to the above-mentioned third-party services only when you explicitly consent to diagnostic data sharing or when generating product feeds.\u003C\u002Fp>\n","Add pixel tracking to your WordPress site with Conversions API, server-side tracking, AI ad copy generation, and AI marketing consultant.",800,16746,60,2,"2026-03-03T07:53:00.000Z","5.0",[74,75,76,22,23],"conversion-tracking","facebook-pixel","meta-pixel","https:\u002F\u002Fpixelavo.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpixelavo.1.5.3.zip",{"slug":80,"name":81,"version":82,"author":83,"author_profile":84,"description":85,"short_description":86,"active_installs":87,"downloaded":88,"rating":13,"num_ratings":89,"last_updated":90,"tested_up_to":16,"requires_at_least":91,"requires_php":92,"tags":93,"homepage":97,"download_link":98,"security_score":13,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"kitgenix-captcha-for-cloudflare-turnstile","Kitgenix CAPTCHA for Cloudflare Turnstile","1.0.17","Kitgenix","https:\u002F\u002Fprofiles.wordpress.org\u002Fkitgenix\u002F","\u003Cp>Spam is expensive: it wastes time, clogs inboxes, creates fake accounts, and on stores it can lead to abandoned checkout noise and fraudulent activity. Traditional CAPTCHA solutions can also hurt conversions by adding friction.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cloudflare Turnstile\u003C\u002Fstrong> is a modern, privacy-first CAPTCHA alternative designed to reduce friction for real people while still blocking bots.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Kitgenix CAPTCHA for Cloudflare Turnstile\u003C\u002Fstrong> is a production-ready Turnstile integration for WordPress that focuses on reliability in real-world setups:\u003Cbr \u002F>\n– Server-side token verification (using Cloudflare’s official endpoint)\u003Cbr \u002F>\n– Fast, conditional loading (only where needed)\u003Cbr \u002F>\n– Support for dynamic\u002FAJAX forms and modern WooCommerce Blocks \u002F Store API checkout\u003Cbr \u002F>\n– Security features: replay protection, proxy-aware IP handling, whitelisting, and developer mode (warn-only)\u003C\u002Fp>\n\u003Cp>You can enable\u002Fdisable each integration (and many per-form toggles), choose auto-injection vs shortcode-only placement, customise display and messaging, and use built-in diagnostics and Site Health checks to troubleshoot.\u003C\u002Fp>\n\u003Ch4>Supported integrations (where Turnstile can be added)\u003C\u002Fh4>\n\u003Cp>All integrations are enable-able from settings. Many also support \u003Cstrong>Mode: Auto vs Shortcode\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress Core\u003C\u002Fstrong>\u003Cbr \u002F>\n– Login\u003Cbr \u002F>\n– Registration\u003Cbr \u002F>\n– Lost password\u003Cbr \u002F>\n– Reset password\u003Cbr \u002F>\n– Comments (including safe handling for comment failures\u002Fredirects)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WooCommerce (Classic)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Checkout\u003Cbr \u002F>\n– My Account login\u003Cbr \u002F>\n– My Account registration\u003Cbr \u002F>\n– Lost password\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WooCommerce Blocks (Store API \u002F Block Checkout)\u003C\u002Fstrong>\u003Cbr \u002F>\n– UI rendering inside block-based checkout\u003Cbr \u002F>\n– Adds token to Store API requests (header and\u002For extensions payload when available)\u003Cbr \u002F>\n– Server-side validation of Store API checkout requests\u003Cbr \u002F>\n– Supports “shortcode-only mode” behaviour so you can control placement\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Easy Digital Downloads (EDD)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Checkout\u003Cbr \u002F>\n– Login\u003Cbr \u002F>\n– Register\u003Cbr \u002F>\n– Profile editor\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Form plugins\u003C\u002Fstrong>\u003Cbr \u002F>\n– Contact Form 7 (CF7)\u003Cbr \u002F>\n– WPForms\u003Cbr \u002F>\n– Fluent Forms\u003Cbr \u002F>\n– Formidable Forms\u003Cbr \u002F>\n– Forminator\u003Cbr \u002F>\n– Gravity Forms\u003Cbr \u002F>\n– JetFormBuilder\u003Cbr \u002F>\n– Jetpack Forms\u003Cbr \u002F>\n– Kadence Forms\u003Cbr \u002F>\n– Elementor Forms (including popups and AJAX submissions)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Community \u002F forums\u003C\u002Fstrong>\u003Cbr \u002F>\n– bbPress (topic\u002Freply flows where applicable)\u003Cbr \u002F>\n– BuddyPress (flows where applicable)\u003C\u002Fp>\n\u003Ch4>Core features (site-wide)\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Turnstile widget rendering\u003C\u002Fstrong>\u003Cbr \u002F>\n– Uses Cloudflare’s official Turnstile API script\u003Cbr \u002F>\n– Widget options:\u003Cbr \u002F>\n  – Theme: auto \u002F light \u002F dark\u003Cbr \u002F>\n  – Size: small \u002F medium \u002F large \u002F normal \u002F flexible\u003Cbr \u002F>\n  – Appearance: stored as Turnstile “appearance” option (defaults to always)\u003Cbr \u002F>\n  – Language: auto or explicit locale (passed via \u003Ccode>hl=...\u003C\u002Fcode>)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Settings & admin experience\u003C\u002Fstrong>\u003Cbr \u002F>\n– Settings page under the shared Kitgenix WP admin menu\u003Cbr \u002F>\n– Live “test widget” preview on the settings screen (renders when a Site Key is present)\u003Cbr \u002F>\n– Site Key + Secret Key storage (secret not printed in HTML by default)\u003Cbr \u002F>\n– “Reveal secret key” (admins only, nonce-protected AJAX action)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Messaging & UX\u003C\u002Fstrong>\u003Cbr \u002F>\n– Custom error message (admin-configurable, used across integrations)\u003Cbr \u002F>\n– Extra message text (optional text displayed alongside\u002Funder the widget)\u003Cbr \u002F>\n– “Disable submit until completed” option (frontend behaviour via plugin JS)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Replay protection (enabled by default)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Detects re-used tokens (hash stored in transients) and blocks replays\u003Cbr \u002F>\n– TTL is filterable\u003Cbr \u002F>\n– Stores hashed token markers under the transient prefix \u003Ccode>kitgenix_captcha_for_cloudflare_turnstile_ts_\u003C\u002Fcode>\u003Cbr \u002F>\n– Sets a short-lived cookie (\u003Ccode>kitgenix_captcha_for_cloudflare_turnstile_ts_replay\u003C\u002Fcode>, ~120s) when replay is detected (for frontend behaviour\u002Fmessages)\u003Cbr \u002F>\n– Dedicated replay message (filterable)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Developer mode (warn-only)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Verification failures do \u003Cstrong>not\u003C\u002Fstrong> block submissions\u003Cbr \u002F>\n– Failures are logged (and emitted via a developer log action)\u003Cbr \u002F>\n– Optional inline warning annotation for admins (frontend config)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Whitelisting (skip Turnstile + skip loading API script)\u003C\u002Fstrong>\u003Cbr \u002F>\n– Whitelist logged-in users\u003Cbr \u002F>\n– Whitelist by IP (exact, wildcards, CIDR — including IPv6)\u003Cbr \u002F>\n– Whitelist by User-Agent (substring or wildcard matching)\u003Cbr \u002F>\n– Filter hook to override whitelist decision\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Proxy \u002F real-IP handling\u003C\u002Fstrong>\u003Cbr \u002F>\n– Optional trust of proxy headers (Cloudflare \u002F X-Forwarded-For style)\u003Cbr \u002F>\n– Trusted proxy IP list \u002F trust controls\u003Cbr \u002F>\n– Forwarded headers are only honoured when the request originates from a trusted proxy\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Performance & resilience\u003C\u002Fstrong>\u003Cbr \u002F>\n– Conditional script loading only where needed\u003Cbr \u002F>\n– Async\u002Fstrategy-based script loading (depending on WP version)\u003Cbr \u002F>\n– Adds resource hints (preconnect \u002F dns-prefetch) for Turnstile domain\u003Cbr \u002F>\n– Detects duplicate Turnstile API loaders (if another plugin\u002Ftheme enqueues \u003Ccode>api.js\u003C\u002Fcode>):\u003Cbr \u002F>\n  – Stores detection in the transient \u003Ccode>kitgenix_turnstile_duplicate_scripts\u003C\u002Fcode>\u003Cbr \u002F>\n  – Shows admin notice on settings and Plugins screen\u003Cbr \u002F>\n  – Includes dismiss link (nonce-protected, uses \u003Ccode>kitgenix_captcha_for_cloudflare_turnstile_ts_dismiss_dupe=1\u003C\u002Fcode>)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Site Health + diagnostics\u003C\u002Fstrong>\u003Cbr \u002F>\n– Adds a Site Health test: “Cloudflare Turnstile readiness”\u003Cbr \u002F>\n– Checks:\u003Cbr \u002F>\n  – Keys present\u003Cbr \u002F>\n  – Duplicate API loader transient (\u003Ccode>kitgenix_turnstile_duplicate_scripts\u003C\u002Fcode>)\u003Cbr \u002F>\n  – Last verification success\u002Ffailure snapshot\u003Cbr \u002F>\n  – Heuristic warning if common optimisation\u002Fcaching plugins are active\u003Cbr \u002F>\n– Stores the last verify outcome (success, time, error codes) for Site Health display\u003Cbr \u002F>\n– Tracks privacy-safe counters in \u003Ccode>kitgenix_captcha_for_cloudflare_turnstile_metrics\u003C\u002Fcode> (checks total\u002Fpassed\u002Ffailed)\u003C\u002Fp>\n\u003Ch4>Manual placement (shortcode)\u003C\u002Fh4>\n\u003Cp>If you have a custom form or an unsupported plugin, you can manually render the widget:\u003C\u002Fp>\n\u003Cp>[kitgenix_turnstile]\u003C\u002Fp>\n\u003Cp>Shortcode output includes:\u003Cbr \u002F>\n– a nonce field\u003Cbr \u002F>\n– a hidden \u003Ccode>cf-turnstile-response\u003C\u002Fcode> input\u003Cbr \u002F>\n– the widget container (with \u003Ccode>data-sitekey\u003C\u002Fcode>)\u003Cbr \u002F>\n– support for passing arbitrary attributes via shortcode attributes\u003C\u002Fp>\n\u003Cp>Many supported integrations also offer \u003Cstrong>Shortcode-only\u003C\u002Fstrong> mode (you place the shortcode where you want; the plugin validates server-side without auto-injection).\u003C\u002Fp>\n\u003Ch4>Quick Start\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install and activate the plugin.\u003C\u002Fli>\n\u003Cli>Open the Turnstile settings under the Kitgenix hub in wp-admin.\u003C\u002Fli>\n\u003Cli>Add your Cloudflare Turnstile Site Key and Secret Key.\u003C\u002Fli>\n\u003Cli>Configure widget options (theme\u002Fsize\u002Fappearance\u002Flanguage) and messaging if needed.\u003C\u002Fli>\n\u003Cli>Enable the integrations (and per-form toggles) you want.\u003C\u002Fli>\n\u003Cli>Save, then test the key user journeys: login, registration, checkout, and your main contact form.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Tip: Start with \u003Cstrong>Developer mode (warn-only)\u003C\u002Fstrong> on staging or during rollout. Once you’re satisfied, disable warn-only to enforce blocking.\u003C\u002Fp>\n\u003Ch4>Performance and caching notes (important for stores)\u003C\u002Fh4>\n\u003Cp>Turnstile is lightweight, but aggressive optimisation can break rendering or token freshness.\u003C\u002Fp>\n\u003Cp>If you use caching\u002Foptimisation plugins:\u003Cbr \u002F>\n– Allowlist https:\u002F\u002Fchallenges.cloudflare.com\u003Cbr \u002F>\n– Avoid full-page caching on login\u002Faccount\u002Fcheckout pages\u003Cbr \u002F>\n– Avoid combining\u002Finlining the Turnstile loader\u003Cbr \u002F>\n– Avoid heavily delaying Elementor\u002Fform plugin scripts\u003Cbr \u002F>\n– Ensure outbound HTTP requests to Cloudflare are not blocked (needed for server-side verification)\u003C\u002Fp>\n\u003Ch3>Settings Overview\u003C\u002Fh3>\n\u003Cp>Main settings:\u003Cbr \u002F>\n– Site Key\u003Cbr \u002F>\n– Secret Key (with “secret present” state, clear\u002Freveal)\u003Cbr \u002F>\n– Theme (auto\u002Flight\u002Fdark)\u003Cbr \u002F>\n– Size (small\u002Fmedium\u002Flarge\u002Fnormal\u002Fflexible)\u003Cbr \u002F>\n– Appearance (Turnstile appearance option)\u003Cbr \u002F>\n– Language (auto or specific locale)\u003Cbr \u002F>\n– Disable submit until completed\u003Cbr \u002F>\n– Custom error message\u003Cbr \u002F>\n– Extra message text\u003C\u002Fp>\n\u003Cp>Security & advanced:\u003Cbr \u002F>\n– Replay protection (on\u002Foff)\u003Cbr \u002F>\n– Developer mode (warn-only)\u003Cbr \u002F>\n– Whitelist logged-in users\u003Cbr \u002F>\n– Whitelist IPs (wildcards\u002FCIDR, including IPv6)\u003Cbr \u002F>\n– Whitelist user agents\u003Cbr \u002F>\n– Proxy trust (enable\u002Fdisable)\u003Cbr \u002F>\n– Trusted proxy IPs \u002F trust controls\u003C\u002Fp>\n\u003Cp>Integrations (enable + per-form toggles where available):\u003Cbr \u002F>\n– WordPress Core (login\u002Fregister\u002Flost password\u002Freset password\u002Fcomments)\u003Cbr \u002F>\n– WooCommerce (checkout\u002Flogin\u002Fregister\u002Flost password)\u003Cbr \u002F>\n– WooCommerce Blocks mode (auto vs shortcode-only)\u003Cbr \u002F>\n– Easy Digital Downloads (checkout\u002Flogin\u002Fregister\u002Fprofile)\u003Cbr \u002F>\n– Contact Form 7\u003Cbr \u002F>\n– WPForms\u003Cbr \u002F>\n– Fluent Forms\u003Cbr \u002F>\n– Formidable Forms\u003Cbr \u002F>\n– Forminator\u003Cbr \u002F>\n– Gravity Forms\u003Cbr \u002F>\n– Jetpack Forms\u003Cbr \u002F>\n– Kadence Forms\u003Cbr \u002F>\n– Elementor Forms\u003Cbr \u002F>\n– bbPress\u003Cbr \u002F>\n– BuddyPress\u003C\u002Fp>\n\u003Ch3>Developers\u003C\u002Fh3>\n\u003Cp>Shortcode:\u003Cbr \u002F>\n[kitgenix_turnstile]\u003C\u002Fp>\n\u003Cp>Server-side verification endpoint:\u003Cbr \u002F>\nhttps:\u002F\u002Fchallenges.cloudflare.com\u002Fturnstile\u002Fv0\u002Fsiteverify\u003C\u002Fp>\n\u003Cp>Filters (script\u002Floading):\u003Cbr \u002F>\n– kitgenix_captcha_for_cloudflare_turnstile_script_url( $url, $settings )\u003Cbr \u002F>\n– kitgenix_turnstile_freshness_ms\u003Cbr \u002F>\n– kitgenix_turnstile_inline_style\u003C\u002Fp>\n\u003Cp>Filters (verification \u002F request handling):\u003Cbr \u002F>\n– kitgenix_turnstile_siteverify_url\u003Cbr \u002F>\n– kitgenix_turnstile_siteverify_timeout\u003Cbr \u002F>\n– kitgenix_turnstile_siteverify_sslverify\u003Cbr \u002F>\n– kitgenix_turnstile_siteverify_http_args\u003Cbr \u002F>\n– kitgenix_turnstile_send_remoteip\u003Cbr \u002F>\n– kitgenix_turnstile_remote_ip\u003Cbr \u002F>\n– kitgenix_turnstile_token_from_request\u003Cbr \u002F>\n– kitgenix_turnstile_error_codes\u003Cbr \u002F>\n– kitgenix_turnstile_error_message\u003Cbr \u002F>\n– kitgenix_turnstile_replay_message\u003Cbr \u002F>\n– kitgenix_captcha_for_cloudflare_turnstile_{context}_turnstile_error_message\u003C\u002Fp>\n\u003Cp>Filters (replay protection):\u003Cbr \u002F>\n– kitgenix_turnstile_replay_ttl\u003C\u002Fp>\n\u003Cp>Filters (whitelist \u002F proxy trust):\u003Cbr \u002F>\n– kitgenix_turnstile_is_whitelisted( $is_whitelisted, $details )\u003Cbr \u002F>\n– kitgenix_turnstile_trust_headers\u003Cbr \u002F>\n– kitgenix_turnstile_trusted_proxies\u003C\u002Fp>\n\u003Cp>Internal identifiers (options \u002F transients \u002F cookies \u002F meta):\u003Cbr \u002F>\n– Option: kitgenix_captcha_for_cloudflare_turnstile_settings\u003Cbr \u002F>\n– Settings group (Settings API): kitgenix_captcha_for_cloudflare_turnstile_settings_group\u003Cbr \u002F>\n– Option: kitgenix_captcha_for_cloudflare_turnstile_metrics\u003Cbr \u002F>\n– Option: kitgenix_turnstile_last_verify\u003Cbr \u002F>\n– Transient: kitgenix_captcha_for_cloudflare_turnstile_do_activation_redirect\u003Cbr \u002F>\n– Transient: kitgenix_turnstile_duplicate_scripts\u003Cbr \u002F>\n– Transient prefix (replay protection): kitgenix_captcha_for_cloudflare_turnstile_ts_\u003Cbr \u002F>\n– Cookie (replay notice): kitgenix_captcha_for_cloudflare_turnstile_ts_replay\u003Cbr \u002F>\n– WooCommerce order meta (Blocks\u002FStore API verification): _kitgenix_turnstile_verified\u003C\u002Fp>\n\u003Cp>Internal nonces \u002F actions:\u003Cbr \u002F>\n– Shortcode\u002Fform nonce field name: kitgenix_captcha_for_cloudflare_turnstile_nonce\u003Cbr \u002F>\n– Shortcode\u002Fform nonce action: kitgenix_captcha_for_cloudflare_turnstile_action\u003Cbr \u002F>\n– Settings save nonce field name: kitgenix_captcha_for_cloudflare_turnstile_settings_nonce\u003Cbr \u002F>\n– Settings save nonce action: kitgenix_captcha_for_cloudflare_turnstile_settings_save\u003Cbr \u002F>\n– Admin AJAX action (reveal saved secret): kitgenix_turnstile_get_secret (WordPress hook: wp_ajax_kitgenix_turnstile_get_secret)\u003Cbr \u002F>\n– Admin AJAX nonce action (reveal saved secret): kitgenix_turnstile_reveal_secret\u003Cbr \u002F>\n– Duplicate-loader notice dismiss query arg: kitgenix_captcha_for_cloudflare_turnstile_ts_dismiss_dupe\u003Cbr \u002F>\n– Duplicate-loader notice dismiss nonce action: kitgenix_captcha_for_cloudflare_turnstile_ts_dismiss\u003C\u002Fp>\n\u003Cp>Actions (developer logging):\u003Cbr \u002F>\n– kitgenix_turnstile_dev_log\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin uses \u003Cstrong>Cloudflare Turnstile\u003C\u002Fstrong> to verify requests and prevent spam and abuse.\u003C\u002Fp>\n\u003Cp>The plugin may:\u003Cbr \u002F>\n– Load the Turnstile script:\u003Cbr \u002F>\n  https:\u002F\u002Fchallenges.cloudflare.com\u002Fturnstile\u002Fv0\u002Fapi.js\u003Cbr \u002F>\n– Submit verification requests server-side to:\u003Cbr \u002F>\n  https:\u002F\u002Fchallenges.cloudflare.com\u002Fturnstile\u002Fv0\u002Fsiteverify\u003C\u002Fp>\n\u003Cp>When verification is enabled, the plugin sends to Cloudflare:\u003Cbr \u002F>\n– Your Turnstile secret key\u003Cbr \u002F>\n– The Turnstile response token\u003Cbr \u002F>\n– The visitor IP address (as the optional \u003Ccode>remoteip\u003C\u002Fcode> parameter, when enabled)\u003C\u002Fp>\n\u003Cp>The plugin does not send the visitor’s browser user agent to Cloudflare as part of the verification payload (the HTTP request itself is made server-side by WordPress).\u003C\u002Fp>\n\u003Cp>If proxy trust is enabled, the plugin may read forwarding headers (e.g. \u003Ccode>CF-Connecting-IP\u003C\u002Fcode>, \u003Ccode>X-Forwarded-For\u003C\u002Fcode>) to determine the client IP, but only when requests originate from configured trusted proxies.\u003C\u002Fp>\n\u003Cp>The plugin does not add tracking cookies itself and does not sell or share personal data.\u003C\u002Fp>\n\u003Cp>Cloudflare Turnstile Terms: https:\u002F\u002Fdevelopers.cloudflare.com\u002Fturnstile\u002F\u003Cbr \u002F>\nCloudflare Privacy Policy: https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\u002F\u003C\u002Fp>\n\u003Cp>This plugin also includes a shared “Kitgenix hub” component in wp-admin which may fetch publicly available plugin metadata from WordPress.org using the WordPress core \u003Ccode>plugins_api()\u003C\u002Fcode> function (WordPress.org Plugins API).\u003C\u002Fp>\n\u003Cul>\n\u003Cli>When it runs: only in wp-admin (Kitgenix plugin admin pages)\u003C\u002Fli>\n\u003Cli>Data sent: plugin slug(s) (no personal data)\u003C\u002Fli>\n\u003Cli>Data received: publicly available plugin information (e.g. active installs, ratings)\u003C\u002Fli>\n\u003Cli>Caching: responses are cached locally using transients for ~1 day:\n\u003Cul>\n\u003Cli>\u003Ccode>kitgenix_hub_wporg_active_installs_v1\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>kitgenix_hub_wporg_ratings_v1\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Trademark Notice\u003C\u002Fh3>\n\u003Cp>“Cloudflare” and the Cloudflare logo are trademarks of Cloudflare, Inc. This plugin is not affiliated with or endorsed by Cloudflare, Inc.\u003C\u002Fp>\n\u003Ch3>Support Development\u003C\u002Fh3>\n\u003Cp>If this plugin helps keep spam away without slowing your site down, you can support ongoing development here:\u003Cbr \u002F>\nhttps:\u002F\u002Fbuymeacoffee.com\u002Fkitgenix\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Built with ❤︎ by @kitgenix – https:\u002F\u002Fkitgenix.com\u003C\u002Fp>\n","Add Cloudflare Turnstile to WordPress, WooCommerce, Elementor, and popular form plugins. Privacy-first spam protection with server-side verification.",300,2095,5,"2026-02-19T22:09:00.000Z","6.0","8.1",[94,95,20,96,23],"anti-spam","captcha","turnstile","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fkitgenix-captcha-for-cloudflare-turnstile\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fkitgenix-captcha-for-cloudflare-turnstile.1.0.17.zip",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":87,"downloaded":107,"rating":13,"num_ratings":33,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":111,"tags":112,"homepage":118,"download_link":119,"security_score":120,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"myagilepixel","My Agile Pixel – The GDPR Analytics and Tracking Pixel Solution","3.0.8","Formula Agile","https:\u002F\u002Fprofiles.wordpress.org\u002Fformulaagile\u002F","\u003Cp>This plugin helps you to prevent the illegal use of trackers on your website.\u003C\u002Fp>\n\u003Cp>With different level of proxification, you can send anonymous data to USA and get compliant with GDPR.\u003C\u002Fp>\n\u003Cp>You can continue to use Google Analytics, Facebook Pixel and TikTok Pixel and track your advertising campaign without worries about legal compliance.\u003C\u002Fp>\n\u003Cp>With the added functionality of “User Property Tracking”, you can enhance your web analysis and marketing campaigns by sending custom user properties to Google Analytics 4.\u003C\u002Fp>\n\u003Cp>This software is compatible with Google Tag Manager and Google Ads Conversion Tracking.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FtOQhmhqaBvI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>⭐ Easy to use\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>🚀 One click setup\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>⚡️GDPR Compliant\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>⭐ Compatible with \u003Ca href=\"https:\u002F\u002Fwww.myagileprivacy.com\u002F\" rel=\"nofollow ugc\">My Agile Privacy\u003C\u002Fa>, Iubenda, Cookiebot, CookieYes and Complianz.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Avoid legal issues with Google Analytics, Facebook Pixel, and TikTok Pixel. Boost marketing with custom user properties in Google Analytics 4.",10733,"2024-08-07T06:27:00.000Z","6.6.5","4.4.0","5.6",[113,114,115,116,117],"facebook-fbcapi-server-side","gdpr-and-compliance","google-analytics-4-events","google-analytics-server-side","woocommerce-events","https:\u002F\u002Fwww.myagilepixel.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmyagilepixel.3.0.8.zip",92,{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":11,"downloaded":129,"rating":13,"num_ratings":70,"last_updated":130,"tested_up_to":131,"requires_at_least":72,"requires_php":132,"tags":133,"homepage":137,"download_link":138,"security_score":139,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29},"gdpr-settings-for-wc","GDPR Settings for WooCommerce","1.2.1","Santiago Alonso","https:\u002F\u002Fprofiles.wordpress.org\u002Fsalonsoweb\u002F","\u003Cp>Adapt your e-commerce to the GDPR rules.\u003C\u002Fp>\n\u003Cp>This plugin allows you to easily add a check box to the woocommerce checkout to obtain the consent of the users before sending them promotions.\u003C\u002Fp>\n\u003Cp>In addition, you can add the first layer of privacy before completing the checkout, as required by the RGPD.\u003C\u002Fp>\n\u003Ch3>GDPR Promo consent\u003C\u002Fh3>\n\u003Cp>With RGPD\u002FGPDR Settings for WooCommerce you can include an optional checkbox in your checkout to obtain your user’s consent for send news and promotions later.\u003C\u002Fp>\n\u003Cp>You can check the user consent in the admin order details and also in the admin new order email.\u003C\u002Fp>\n\u003Ch3>GDPR top privacy layer\u003C\u002Fh3>\n\u003Cp>According GDPR rules you need to include a simple extract about your privacy policies near to your place order button.\u003C\u002Fp>\n\u003Cp>With RGPD\u002FGPDR Settings for WC you can customize this first privacy layer easily too.\u003C\u002Fp>\n\u003Ch3>GDPR Settings tab\u003C\u002Fh3>\n\u003Cp>You can customize your GDPR texts under a new setting tab in the WooCommerce settings page\u003C\u002Fp>\n\u003Ch3>Plugin compatibility\u003C\u002Fh3>\n\u003Cp>RGPD\u002FGPDR Settings for WC will work with WooCommerce and all WordPress themes or any visual builder like Divi, Elementor, WPBakery, etc.\u003C\u002Fp>\n\u003Cp>This plugin use native WooCommerce hooks for total compatibility.\u003C\u002Fp>\n","Adapt your e-commerce to the GDPR rules. This plugin allows you to easily add a check box to the woocommerce checkout to obtain the consent of the us &hellip;",3446,"2021-08-02T12:53:00.000Z","5.8.13","5.2.4",[134,21,135,136,23],"cookies","privacy","rgpd","https:\u002F\u002Fsalonsoweb.es","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgdpr-settings-for-wc.1.2.1.zip",85,{"attackSurface":141,"codeSignals":275,"taintFlows":289,"riskAssessment":290,"analyzedAt":297},{"hooks":142,"ajaxHandlers":250,"restRoutes":251,"shortcodes":272,"cronEvents":273,"entryPointCount":274,"unprotectedCount":33},[143,149,153,158,162,166,170,175,180,183,185,188,191,194,199,203,207,211,216,220,224,228,232,236,238,242,246],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","init","register_settings","includes\\Controller\\DashboardController.php",14,{"type":144,"name":150,"callback":151,"file":147,"line":152},"admin_menu","add_menu_item",15,{"type":154,"name":155,"callback":156,"file":147,"line":157},"filter","admin_body_class","set_admin_body_class",16,{"type":144,"name":159,"callback":160,"file":147,"line":161},"admin_enqueue_scripts","enqueue_scripts",17,{"type":154,"name":163,"callback":164,"file":147,"line":165},"default_option_beetle_tracking_settings","default_settings",19,{"type":154,"name":167,"callback":168,"file":147,"line":169},"option_beetle_tracking_settings","maybe_add_default_settings",20,{"type":154,"name":171,"callback":172,"priority":173,"file":147,"line":174},"rest_pre_dispatch","add_settings_to_wpml",10,21,{"type":144,"name":176,"callback":177,"file":178,"line":179},"rest_api_init","register_endpoint","includes\\Controller\\FeatureRequestController.php",9,{"type":144,"name":181,"callback":160,"file":182,"line":161},"wp_enqueue_scripts","includes\\Controller\\FrontendController.php",{"type":144,"name":176,"callback":177,"file":184,"line":179},"includes\\Controller\\NewsletterController.php",{"type":144,"name":176,"callback":177,"file":186,"line":187},"includes\\Controller\\SettingsPushController.php",11,{"type":144,"name":145,"callback":189,"file":190,"line":148},"upgrade","includes\\Controller\\UpgradeController.php",{"type":144,"name":176,"callback":192,"file":193,"line":165},"register_routes","includes\\Controller\\VariationDataController.php",{"type":144,"name":195,"callback":196,"priority":173,"file":197,"line":198},"wp_login","user_login","includes\\Controller\\WebsiteEventsController.php",29,{"type":144,"name":200,"callback":201,"file":197,"line":202},"user_register","user_register_handler",32,{"type":144,"name":204,"callback":205,"file":197,"line":206},"template_redirect","setup_static_events",35,{"type":144,"name":208,"callback":209,"file":210,"line":157},"add_meta_boxes","add_meta_box","includes\\Controller\\WooCommerce\\Admin\\OrderMetaBoxController.php",{"type":144,"name":212,"callback":213,"priority":33,"file":214,"line":215},"woocommerce_before_shop_loop_item","start_loop_collection","includes\\Controller\\WooCommerceController.php",33,{"type":144,"name":217,"callback":218,"file":214,"line":219},"woocommerce_after_shop_loop_item","collect_loop_product",36,{"type":154,"name":221,"callback":222,"priority":89,"file":214,"line":223},"woocommerce_product_loop_end","output_collected_loop_data",39,{"type":144,"name":225,"callback":226,"file":214,"line":227},"woocommerce_after_add_to_cart_button","setup_add_to_cart_product_data",42,{"type":154,"name":229,"callback":230,"priority":173,"file":214,"line":231},"woocommerce_blocks_product_grid_item_html","setup_blocks_product_data",43,{"type":144,"name":233,"callback":234,"file":214,"line":235},"wp_footer","setup_cart_content",47,{"type":144,"name":204,"callback":205,"file":214,"line":237},50,{"type":144,"name":239,"callback":240,"file":241,"line":34},"before_woocommerce_init","WooCommerceBeforeInit","includes\\TrackingPlugin.php",{"type":144,"name":243,"callback":244,"file":241,"line":245},"woocommerce_init","WooCommerceInit",31,{"type":154,"name":247,"callback":248,"file":249,"line":148},"beetle_tracking_events","closure","includes\\Utils\\AddEvent.php",[],[252,258,262,265],{"namespace":253,"route":254,"methods":255,"callback":257,"permissionCallback":248,"file":178,"line":148},"beetle-tracking\u002Fv1","\u002Ffeature-request",[256],"POST","handle_request",{"namespace":253,"route":259,"methods":260,"callback":261,"permissionCallback":248,"file":184,"line":148},"\u002Fnewsletter",[256],"handle_newsletter_signup",{"namespace":253,"route":263,"methods":264,"callback":257,"permissionCallback":248,"file":186,"line":157},"\u002Fpush-to-cloudflare",[256],{"namespace":253,"route":266,"methods":267,"callback":269,"permissionCallback":270,"file":193,"line":271},"\u002Fvariations\u002F(?P\u003Cproduct_id>\\d+)",[268],"GET","get_variations","__return_true",27,[],[],4,{"dangerousFunctions":276,"sqlUsage":277,"outputEscaping":279,"fileOperations":27,"externalRequests":287,"nonceChecks":27,"capabilityChecks":274,"bundledLibraries":288},[],{"prepared":27,"raw":27,"locations":278},[],{"escaped":280,"rawEcho":70,"locations":281},25,[282,285],{"file":214,"line":283,"context":284},344,"raw output",{"file":214,"line":286,"context":284},385,3,[],[],{"summary":291,"deductions":292},"The beetle-tracking plugin version 1.6.27 exhibits a generally good security posture with several strengths. The absence of dangerous functions, file operations, and vulnerabilities in its history are positive indicators. The plugin also demonstrates strong practices with 100% of SQL queries using prepared statements and a high rate of output escaping (93%).\n\nHowever, there are notable concerns that detract from its overall security. The presence of one unprotected REST API route represents a significant entry point that could be exploited without proper authentication, potentially leading to unauthorized actions or data exposure. Furthermore, the complete lack of nonce checks is a considerable weakness. While capability checks are present for some entry points, relying solely on them without nonces makes the plugin susceptible to Cross-Site Request Forgery (CSRF) attacks.\n\nThe plugin's vulnerability history, being entirely clear, is a positive sign, suggesting either a well-developed codebase or a lack of past targeted attacks. However, this does not negate the risks identified in the static analysis. The combination of an unprotected API route and a complete absence of nonce checks presents a clear and actionable risk that should be addressed.",[293,295],{"reason":294,"points":173},"Unprotected REST API route",{"reason":296,"points":173},"No nonce checks implemented","2026-03-16T20:23:16.398Z",{"wat":299,"direct":308},{"assetPaths":300,"generatorPatterns":303,"scriptPaths":304,"versionParams":305},[301,302],"\u002Fwp-content\u002Fplugins\u002Fbeetle-tracking\u002Fassets\u002Fcss\u002Fbeetle-tracking-admin.css","\u002Fwp-content\u002Fplugins\u002Fbeetle-tracking\u002Fassets\u002Fjs\u002Fbeetle-tracking-admin.js",[],[302],[306,307],"beetle-tracking-admin.css?ver=","beetle-tracking-admin.js?ver=",{"cssClasses":309,"htmlComments":311,"htmlAttributes":312,"restEndpoints":314,"jsGlobals":316,"shortcodeOutput":318},[310],"beetle-tracking-admin-page",[],[313],"data-beetle-tracking-settings",[315],"\u002Fwp-json\u002Fbeetle-tracking\u002Fv1\u002Fsettings",[317],"beetleTrackingAdmin",[]]