[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fpV6mUA8qS09WwSe97ewRLBS-zXBJhI8JwYQ5mC9C10Y":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":22,"download_link":23,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26,"vulnerabilities":27,"developer":28,"crawl_stats":25,"alternatives":36,"analysis":142,"fingerprints":213},"forget-user-info","Forget User Info","0.2","Mark Jaquith","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarkjaquith\u002F","\u003Cp>This simple plugin inserts the following into the comment form:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Not \u003Ccode>USER'S NAME\u003C\u002Fcode>? Click here to clear this info.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>When clicked, the comment cookies will be cleared, and the form will become empty. This only shows up if the user is not logged in (as most comment forms have a “log out” link for them), and if the user has a comment cookie.\u003C\u002Fp>\n","Inserts a link into the comments form that will clear a user's comment info cookie",10,2513,0,"2009-09-08T09:06:00.000Z","2.8.4","2.8","",[19,20,21],"comments","cookies","privacy","http:\u002F\u002Ftxfx.net\u002Fwordpress-plugins\u002Fforget-user-info\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fforget-user-info.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":29,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"markjaquith",29,176350,86,3337,69,"2026-04-04T09:10:59.896Z",[37,62,81,101,120],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":57,"download_link":58,"security_score":59,"vuln_count":60,"unpatched_count":13,"last_vuln_date":61,"fetched_at":26},"cookie-notice","Cookie Notice & Compliance for GDPR \u002F CCPA","2.5.14","Humanityco","https:\u002F\u002Fprofiles.wordpress.org\u002Fhumanityco\u002F","\u003Cp>\u003Cstrong>Cookie Notice\u003C\u002Fstrong> provides a simple, customizable website banner that can be used to help your website comply with certain cookie consent requirements under the EU GDPR cookie law and CCPA regulations and includes \u003Cstrong>seamless integration\u003C\u002Fstrong> with Cookie Compliance to help your site comply with the latest updates to existing consent laws.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cookie Compliance\u003C\u002Fstrong> is a fully featured Consent Management Platform (CMP) that provides automated compliance features and enhanced design controls in a state-of-the-art web application. Cookie Compliance enables websites to \u003Cstrong>take a proactive approach to data protection and consent laws\u003C\u002Fstrong>. It is the first solution to offer Intentional Consent, a new consent framework that incorporates the latest guidelines from over 100+ countries, and emerging standards from leading international organizations like the IEEE and European Center for Digital Rights (noyb.eu). Cookie Compliance provides a beautiful, multi-level experience and includes new choices and controls for site visitors to better understand and engage in data privacy decisions.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Our Cookie Compliance web application introduces a more ethical, proactive way to capture and manage consent.  This early version of the emerging Intentional Consent framework is a result of Hu-manity.co’s ongoing work with top Fortune 500 companies, governments, and standards organizations, who believe that the imbalanced relationship between consumers and corporations is unsustainable when it comes to data privacy and consent online. We are making it available for all website owners and operators who share this belief and support our mission to eliminate the dark patterns in online consent.\u003Cbr \u002F>\n  Matt Sinderbrand – Chief Platform Officer, Hu-manity.co\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Cookie Notice (plugin only)\u003C\u002Fh3>\n\u003Cp>Cookie Notice provides a simple, customizable website banner to help your website comply with certain cookie consent requirements.\u003C\u002Fp>\n\u003Ch4>Banner features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Customizable notice message\u003C\u002Fli>\n\u003Cli>Consent on click, scroll or close\u003C\u002Fli>\n\u003Cli>Multiple cookie expiry options\u003C\u002Fli>\n\u003Cli>Link to Privacy Policy page\u003C\u002Fli>\n\u003Cli>WordPress Privacy Policy page synchronization\u003C\u002Fli>\n\u003Cli>WPML and Polylang compatible\u003C\u002Fli>\n\u003Cli>SEO friendly\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Cookie Compliance (plugin + web application)\u003C\u002Fh3>\n\u003Cp>Cookie Compliance gives you access to the most up-to-date formatting guidelines and technical compliance requirements for over 100 countries and legal jurisdictions.\u003C\u002Fp>\n\u003Ch4>Banner features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Intentional Consent\u003C\u002Fstrong> provides 3 equal buttons to give site visitors the ability to accept none, some, or all cookies through packaged choices called Data Access Levels. Data Access Levels improve consent conversion and eliminate the dark pattern of deceptive, non-equal choices in the first layer. \u003Cem>Complies with equal choice principle prescribed under GDPR and other data protection laws.\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Consent duration selector\u003C\u002Fstrong> gives visitor control over how long their consent remains valid for your site.  \u003Cem>Enables your site to align with recent guidelines from EU Data Protection Authorities, which state that cookie consent should be valid for no longer than a period of 6 months.\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cookie purpose categories\u003C\u002Fstrong> make it easy for website visitors to customize their consent by category. \u003Cem>Complies with affirmative, opt-in consent requirements prescribed under GDPR and other data protection laws.\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Consent metrics\u003C\u002Fstrong> displays the visitor’s consent record and a list of blocked \u002F allowed 3rd parties directly in the expanded level of the banner. \u003Cem>Complies with latest guidance from EU Data Protection Authorities like CNIL (France) and ICO (UK). \u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customizable Privacy Paper\u003C\u002Fstrong> provides helpful information to improve visitor comprehension and understanding of the data sharing risks and benefits. Allows you to summarize core components of your sites privacy notice and \u003Cem>aligns with the informed principle prescribed by GDPR rules for valid consent capture. \u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Configurable Privacy Contact\u003C\u002Fstrong> allows you to provide contact information for a business’ data privacy admin, as well as helpful links to data subject request forms and other data privacy resources. \u003Cem>Aligns with the informed principle prescribed by GDPR rules for valid consent capture.\u003C\u002Fem>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Web Application features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Consent analytics dashboard\u003C\u002Fstrong> shows event data for number of visits and provides a “trust score” to help you track how site visitors are setting their consent. Make adjustments to your banner to improve your cookie acceptance rate and monitor progress via the consent activity graph.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Default configurations\u003C\u002Fstrong> for GDPR, CCPA and more help to remove dark patterns and allow for quick and easy deployment of the consent banner without any guesswork. Customize the design of any default configuration to match the look and feel of your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic script blocking\u003C\u002Fstrong> blocks all non-essential cookie scripts and iFrames by default and \u003Cem>complies with valid consent rules under GDPR and other data protection laws\u003C\u002Fem>; in order to be compliant, your site must record visitor consent before setting or sending cookies.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google Consent Mode\u003C\u002Fstrong> ensures that your website can still gather valuable insights and perform effectively while respecting users’ privacy preferences by \u003Cem>dynamically adjusting the behavior of Google services according to user consent.\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Facebook Consent Mode\u003C\u002Fstrong> allows your website to \u003Cem>measure the impact of your ads on Facebook\u003C\u002Fem>, track website activities and conversions and automatically deliver ads to Facebook if the user has agreed to.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Consent record storage\u003C\u002Fstrong> automatically stores a record of each consent and makes these records available for export. \u003Cem>Complies with proof-of-consent requirements prescribed under GDPR and other data protection laws.\u003C\u002Fem>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multilingual support\u003C\u002Fstrong> automatically translates all banner text strings and allows you to provide custom translations for every text field to ensure visitors get a consistent consent experience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Multidomain management\u003C\u002Fstrong> allows you to manage additional Free or Professional domains under a single account and enables you to customize banner configuration and design for each domain independently.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Cookie Compliance proactive approach:\u003C\u002Fh4>\n\u003Cp>For all businesses, the resources required to stay ahead of the latest regulations increases with the passage of each new law. With enforcement of compliance violations increasing daily, we believe it is critical for us as a trusted consent vendor to do everything in our power to help you stay ahead of these laws and remove the risk to your business\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cookie Compliance covers all current and upcoming regulations:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>GDPR (EU)\u003C\u002Fli>\n\u003Cli>ePrivacy Directive (EU)\u003C\u002Fli>\n\u003Cli>ePrivacy Regulation (EU)\u003C\u002Fli>\n\u003Cli>PECR (UK)\u003C\u002Fli>\n\u003Cli>LGPD (Brazil)\u003C\u002Fli>\n\u003Cli>PIPEDA (Canada)\u003C\u002Fli>\n\u003Cli>PDPB (India)\u003C\u002Fli>\n\u003Cli>CCPA (California, US)\u003C\u002Fli>\n\u003Cli>VCDPA (Virginia, US)\u003C\u002Fli>\n\u003Cli>Colorado Privacy Act (US)\u003C\u002Fli>\n\u003Cli>CPRA (California, US)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Cookie Compliance incorporates all recent formatting guidance:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>European Data Protection Supervisor (EDPS)\u003C\u002Fli>\n\u003Cli>ICO (United Kingdom)\u003C\u002Fli>\n\u003Cli>CNIL (France)\u003C\u002Fli>\n\u003Cli>GPDP (Italy)\u003C\u002Fli>\n\u003Cli>BfDl (Germany)\u003C\u002Fli>\n\u003Cli>AEPD (Spain)\u003C\u002Fli>\n\u003Cli>European Center for Digital Rights (noyb.eu)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Cookie Compliance targets dark patterns\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Dark Patterns are user interface (UI) techniques that push site visitors to make decisions (such as agreeing to the installation of cookies on their devices) that they might not otherwise make. The most common Dark Pattern is the lack of an equal “reject all” button on the first layer of the consent notice. Dark Patterns are explicitly banned under GDPR and other data protection laws.\u003C\u002Fp>\n\u003Cp>As a part of our proactive approach, Cookie Compliance is configured by default to prevent Dark Patterns through our unique Intentional Consent design.\u003C\u002Fp>\n","Cookie Notice allows you to you elegantly inform users that your site uses cookies and helps you comply with GDPR, CCPA and other data privacy laws.",900000,36171663,96,3020,"2026-03-04T01:02:00.000Z","6.9.4","4.9.6","7.4",[54,55,20,56,21],"ccpa","consent","gdpr","https:\u002F\u002Fcookie-compliance.co\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcookie-notice.2.5.14.zip",95,6,"2025-11-21 16:28:14",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":72,"num_ratings":73,"last_updated":74,"tested_up_to":50,"requires_at_least":75,"requires_php":52,"tags":76,"homepage":79,"download_link":80,"security_score":72,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"wp-consent-api","WP Consent API","2.0.1","Rogier Lankhorst","https:\u002F\u002Fprofiles.wordpress.org\u002Frogierlankhorst\u002F","\u003Cp>WP Consent API is a plugin that standardizes the communication of accepted consent categories between plugins. It requires a cookie banner plugin and, at least, one other plugin that supports the WP Consent API.\u003C\u002Fp>\n\u003Cp>With this plugin, all supporting plugins can use the same set of methods to read and register the current consent category, allowing consent management plugins and other plugins to work together, improving compliance with privacy laws.\u003C\u002Fp>\n\u003Cp>WARNING: the plugin itself will not handle consent. It will show you how many plugins you have without Consent API support and will improve compliance on your site by ensuring smooth communication between cookie banner plugins and plugins that set cookies or track user data.\u003C\u002Fp>\n\u003Ch4>What problem does this plugin solve?\u003C\u002Fh4>\n\u003Cp>Currently, it is possible for a consent management plugin to block third-party services like Facebook, Google Maps, Twitter, etc. But if a WordPress plugin places a PHP cookie, a consent management plugin cannot prevent this.\u003C\u002Fp>\n\u003Cp>Secondly, some plugins integrate the tracking code on the clientside in javascript files that, when blocked, break the site.\u003C\u002Fp>\n\u003Cp>Or, if such a plugin’s javascript is minified, causing the URL to be unrecognizable and won’t get detected by an automatic blocking script.\u003C\u002Fp>\n\u003Cp>Lastly, the blocking approach requires a list of all types of URL’s that tracks data. A generic API where plugins adhere to can greatly\u003Cbr \u002F>\nfacilitate a webmaster in getting a site compliant.\u003C\u002Fp>\n\u003Ch4>Does usage of this API prevent third-party services from tracking user data?\u003C\u002Fh4>\n\u003Cp>Primary this API is aimed at compliant first-party cookies or tracking by WordPress plugins. If such a plugin triggers, for example, Facebook,\u003Cbr \u002F>\nusage of this API will be of help. If a user embeds a Facebook iframe, a blocking tool is needed that initially disables the iframe and or scripts.\u003C\u002Fp>\n\u003Cp>Third-party scripts have to blocked by blocking functionality in a consent management plugin. To do this in core would be to intrusive, and is also not applicable to all users: only users with visitors from opt-in regions such as the European Union require such a feature. Such a feature also has a risk of breaking things. Additionally, blocking these and showing a nice placeholder requires even more sophisticated code, all of which should in my opinion not be part of WordPress core, for the same reasons.\u003C\u002Fp>\n\u003Ch4>How does it work?\u003C\u002Fh4>\n\u003Cp>There are two indicators that together tell if consent is given for a specific consent category, e.g., “marketing”:\u003Cbr \u002F>\n1) the region based consent_type, which\u003Cbr \u002F>\ncan be opt-in, opt-out, or other possible consent_types;\u003Cbr \u002F>\n2) and the visitor’s choice: not set, allow, or deny.\u003C\u002Fp>\n\u003Cp>The consent_type is a function that wraps a filter, “wp_get_consent_type”. If there’s no consent management plugin to set it, it will return false. This will cause all consent categories to return true, allowing cookies to be set on all categories.\u003C\u002Fp>\n\u003Cp>If opt-in is set using this filter, a category will only return true if the value of the visitor’s choice is “allow”.\u003C\u002Fp>\n\u003Cp>If the region based consent_type is opt-out, it will return true if the visitor’s choice is not set or is “allow”.\u003C\u002Fp>\n\u003Cp>Clientside, a consent management plugin can dynamically manipulate the consent type and set several cookie categories.\u003C\u002Fp>\n\u003Cp>A plugin can use a hook to listen for changes or check the value of a given category.\u003C\u002Fp>\n\u003Cp>Categories and most other stuff can be extended with a filter.\u003C\u002Fp>\n\u003Ch3>Existing integrations\u003C\u002Fh3>\n\u003Cp>Categorized, and sorted alphabetically\u003C\u002Fp>\n\u003Ch4>Example plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Frlankhorst\u002Fconsent-api-example-plugin\" rel=\"nofollow ugc\">Example plugin\u003C\u002Fa>. The plugin basically consists of a shortcode, with a div that shows a tracking or not tracking message. No actual tracking is done 🙂\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Consent Management Providers\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsirdata-cmp\u002F\" rel=\"ugc\">Abconsent Sirdata CMP\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbeautiful-and-responsive-cookie-consent\u002F\" rel=\"ugc\">Beautiful Cookie Consent Banner\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fclickio-consent\u002F\" rel=\"ugc\">Clickio Consent\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcomplianz-gdpr\u002F\" rel=\"ugc\">Complianz GDPR\u002FCCPA\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fconsent.studio\u002F\" rel=\"nofollow ugc\">Consent Studio\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fconsent-manager\u002F\" rel=\"ugc\">consentmanager\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fconzent.net\u002F\" rel=\"nofollow ugc\">Conzent\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcookiebot\u002F\" rel=\"ugc\">Cookiebot\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcookiefirst-gdpr-cookie-consent-banner\u002F\" rel=\"ugc\">CookieFirst\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcookiehub\u002F\" rel=\"ugc\">CookieHub\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcookietractor\u002F\" rel=\"ugc\">CookieTractor\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcookie-law-info\u002F\" rel=\"ugc\">CookieYes – Cookie Banner for Cookie Consent\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgdpr-cookie-compliance\u002F\" rel=\"ugc\">GDPR Cookie Compliance\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.webtoffee.com\u002Fproduct\u002Fgdpr-cookie-consent\u002F\" rel=\"nofollow ugc\">GDPR Cookie Consent Plugin – CCPA Ready\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgetterms.io\u002Fconsent-manager\u002F\" rel=\"nofollow ugc\">GetTerms\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fiubenda-cookie-law-solution\u002F\" rel=\"ugc\">iubenda | All-in-one Compliance\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpressidium-cookie-consent\u002F\" rel=\"ugc\">Pressidium Cookie Consent\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ftrustarc-cookie-consent-manager\u002F\" rel=\"ugc\">TrustArc Cookie Consent Manager\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Consent Requiring Plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadd-to-any\u002F\" rel=\"ugc\">AddToAny\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.appfromlab.com\u002Fproduct\u002Fwoocommerce-utm-tracker-plugin\u002F\" rel=\"nofollow ugc\">AFL UTM Tracker Plugin\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fburst-statistics\u002F\" rel=\"ugc\">Burst Statistics\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgoogle-site-kit\u002F\" rel=\"ugc\">Google Site Kit\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce-google-adwords-conversion-tracking-tag\u002F\" rel=\"ugc\">Pixel Manager for WooCommerce\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwoocommerce\u002F\" rel=\"ugc\">Woo\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-statistics\u002F\" rel=\"ugc\">WP Statistics\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Demo site\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpconsentapi.org\u002F\" rel=\"nofollow ugc\">wpconsentapi.org\u003C\u002Fa>\u003Cbr \u002F>\nBelow are the plugins used to set up the demo site:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Complianz\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Frlankhorst\u002Fconsent-api-example-plugin\" rel=\"nofollow ugc\">The example plugin\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>javascript, consent management plugin\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u002F\u002Fset consent type\nwindow.wp_consent_type = 'optin'\n\n\u002F\u002Fdispatch event when consent type is defined. This is useful if the region is detected server side, so the consent type is defined later during the pageload\nlet event = new CustomEvent('wp_consent_type_defined');\ndocument.dispatchEvent( event );\n\n\n\u002F\u002Fconsent management plugin sets cookie when consent category value changes\nwp_set_consent('marketing', 'allow');\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>javascript, tracking plugin\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u002F\u002Flisten to consent change event\ndocument.addEventListener(\"wp_listen_for_consent_change\", function (e) {\n  var changedConsentCategory = e.detail;\n  for (var key in changedConsentCategory) {\n    if (changedConsentCategory.hasOwnProperty(key)) {\n      if (key === 'marketing' && changedConsentCategory[key] === 'allow') {\n        console.log(\"just given consent, track user\")\n      }\n    }\n  }\n});\n\n\u002F\u002Fbasic implementation of consent check:\nif (wp_has_consent('marketing')){\n  activateMarketing();\n  console.log(\"set marketing stuff now!\");\n} else {\n  console.log(\"No marketing stuff please!\");\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>PHP\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u002F\u002Fdeclare compliance with consent level API\n$plugin = plugin_basename( __FILE__ );\nadd_filter( \"wp_consent_api_registered_{$plugin}\", '__return_true' );\n\n\u002F**\n* Example how a plugin can register cookies with the consent API\n * These cookies can then be shown on the front-end, to the user, with wp_get_cookie_info()\n *\u002F\n\nfunction my_wordpress_register_cookies(){\n    if ( function_exists( 'wp_add_cookie_info' ) ) {\n        wp_add_cookie_info( 'AMP_token', 'AMP', 'marketing', __( 'Session' ), __( 'Store a unique User ID.' ) );\n    }\n}\nadd_action('plugins_loaded', 'my_wordpress_register_cookies');\n\n\nif (wp_has_consent('marketing')){\n\u002F\u002Fdo marketing stuff\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Service-level consent\u003C\u002Fh4>\n\u003Cp>In addition to category-based consent, the API supports service-level consent control. This allows consent management plugins to grant or deny consent for specific services (like ‘google-analytics’ or ‘facebook-pixel’) independently from their category. When checking service consent with wp_has_service_consent(), the API first checks if explicit consent exists for that service. If no explicit consent is set, it falls back to the consent status of the service’s category. This enables fine-grained control: a user might accept statistics cookies in general, but explicitly deny a specific analytics service.\u003C\u002Fp>\n\u003Cp>Service consent can be checked and set both server-side (PHP) and client-side (JavaScript):\u003C\u002Fp>\n\u003Cp>PHP:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002F\u002Fcheck if a specific service has consent\nif ( wp_has_service_consent( 'google-analytics' ) ) {\n    \u002F\u002Factivate google analytics\n}\n\n\u002F\u002Fcheck if a service is explicitly denied\nif ( wp_is_service_denied( 'facebook-pixel' ) ) {\n    \u002F\u002Fservice was explicitly denied by user\n}\n\n\u002F\u002Fset service consent\nwp_set_service_consent( 'google-analytics', true ); \u002F\u002Fgrant consent\nwp_set_service_consent( 'facebook-pixel', false ); \u002F\u002Fdeny consent\n\n\u002F\u002Flisten for service consent changes\nadd_action( 'wp_consent_service_changed', function( $service, $consented ) {\n    error_log( \"Service {$service} consent changed to: \" . ( $consented ? 'granted' : 'denied' ) );\n}, 10, 2 );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>JavaScript:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002F\u002Fcheck service consent\nif ( wp_has_service_consent( 'youtube' ) ) {\n    \u002F\u002Factivate tracking\n}\n\n\u002F\u002Fcheck if explicitly denied\nif ( wp_is_service_denied( 'facebook-pixel' ) ) {\n    \u002F\u002Fservice denied\n}\n\n\u002F\u002Fset service consent\nwp_set_service_consent( 'youtube', true );\n\n\u002F\u002Flisten for service consent changes\ndocument.addEventListener( 'wp_consent_api_status_change_service', function( e ) {\n    console.log( 'Service: ' + e.detail.service + ', consented: ' + e.detail.value );\n});\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Any code suggestions? We’re on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWordPress\u002Fwp-consent-level-api\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa> as well!\u003C\u002Fp>\n","Simple Consent API to read and register the current consent category.",200000,779186,100,2,"2026-03-12T09:27:00.000Z","5.0",[77,78,55,20,21],"api","compliance","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-consent-api","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-consent-api.2.0.1.zip",{"slug":82,"name":83,"version":84,"author":85,"author_profile":86,"description":87,"short_description":88,"active_installs":89,"downloaded":90,"rating":72,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":52,"tags":95,"homepage":99,"download_link":100,"security_score":72,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"gravatar-enhanced","Gravatar Enhanced – Avatars, Profiles, and Privacy","0.13.0","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>Elevate your WordPress site with Gravatar Enhanced – the plugin that simplifies digital identity and improves user engagement.\u003C\u002Fp>\n\u003Cp>Seven Ways Gravatar Enhanced Improves WordPress:\u003C\u002Fp>\n\u003Cp>✓ Privacy Protection – Automatic referrer blocking and optional IP address proxy\u003Cbr \u002F>\n✓ Accessibility Improvements – Alt-text for all avatars to support screen readers\u003Cbr \u002F>\n✓ One-Click Profile Updates – Edit Gravatar directly from the WordPress dashboard\u003Cbr \u002F>\n✓ Versatile Profile Block & Patterns – Showcase authors and team members anywhere\u003Cbr \u002F>\n✓ Comment Engagement Tools – Remind users to create avatars for better discussions\u003Cbr \u002F>\n✓ Comment Form Integration – Show Gravatar directly in the comment form\u003Cbr \u002F>\n✓ WooCommerce Integration – Personalized account pages for customers\u003C\u002Fp>\n\u003Ch3>Privacy Protection\u003C\u002Fh3>\n\u003Cp>Just by enabling the plugin, the plugin ensures that no referrer information is sent to Gravatar. The opt-in proxy service also keeps IP addresses from being exposed or logged.\u003C\u002Fp>\n\u003Ch3>Accessibility Improvements\u003C\u002Fh3>\n\u003Cp>All avatars now include alt-text, enhancing the experience for users with screen readers. Alt-text can be edited in the Gravatar Profile editor.\u003C\u002Fp>\n\u003Ch3>One-Click Profile Updates\u003C\u002Fh3>\n\u003Cp>Visit Users > Your Profile to edit your Gravatar profile directly from WordPress. Preview your hovercard and make updates with ease.\u003C\u002Fp>\n\u003Ch3>Gravatar Profile Block & Patterns\u003C\u002Fh3>\n\u003Cp>Enhance your website with our custom Gravatar profile block and patterns. Seamlessly integrate Gravatar profiles into posts, pages, or biographies to elegantly showcase team members, guest contributors, speakers, event attendees, authors, and more.\u003C\u002Fp>\n\u003Ch3>Comment Engagement Tools\u003C\u002Fh3>\n\u003Cp>Automatically remind commenters without avatars to create a Gravatar, increasing visual engagement on your blog.\u003C\u002Fp>\n\u003Ch3>Comment Form Integration\u003C\u002Fh3>\n\u003Cp>When the plugin is enabled we will show a Gravatar profile directly in the comment form, and allow the profile to be updated, so users can feel confident their details are correct, and the site shows richer comments.\u003C\u002Fp>\n\u003Ch3>WooCommerce Integration\u003C\u002Fh3>\n\u003Cp>Enhance your WooCommerce store by displaying user Gravatar avatars on the My Account page. Customers can view and update their avatars directly from their account dashboard, improving personalization and user engagement.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Seamless Integration: Automatically works if WooCommerce is installed and activated.\u003C\u002Fli>\n\u003Cli>Direct Avatar Management: Users can change their Gravatar avatars without leaving your site.\u003C\u002Fli>\n\u003Cli>Improved Personalization: Adds a personal touch to the shopping experience, fostering customer loyalty.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Automatic Installation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Click ‘Add New Plugin’ from your WordPress plugins page and search for ‘Gravatar Enhanced’\u003C\u002Fli>\n\u003Cli>Press the ‘Install Now’ button\u003C\u002Fli>\n\u003Cli>Activate the plugin\u003C\u002Fli>\n\u003Cli>Go to the “Discussion” Settings page to enable the new features.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Manual Installation\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Download the plugin from https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgravatar-enhanced\u002F\u003C\u002Fli>\n\u003Cli>Upload and extract the plugin to your \u003Ccode>\u002Fwp-content\u002Fplugins\u002F\u003C\u002Fcode> directory\u003C\u002Fli>\n\u003Cli>Activate the plugin through the ‘Plugins’ menu in WordPress\u003C\u002Fli>\n\u003Cli>Go to the “Discussion” Settings page to enable the new features.\u003C\u002Fli>\n\u003C\u002Fol>\n","The official Gravatar plugin, featuring privacy-focused settings, easy profile updates, and customizable Gravatar Profile blocks.",90000,31841,3,"2025-10-07T09:31:00.000Z","6.8.5","6.6",[96,19,21,97,98],"avatar","profile","profile-picture","https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fgravatar-enhanced\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgravatar-enhanced.0.13.0.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":111,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":17,"tags":116,"homepage":118,"download_link":119,"security_score":24,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"cookies-for-comments","Cookies for Comments","0.5.5","Donncha O Caoimh (a11n)","https:\u002F\u002Fprofiles.wordpress.org\u002Fdonncha\u002F","\u003Cp>This plugin adds a stylesheet or image to your blog’s html source code. When a browser loads that stylesheet or image a cookie is dropped. If that user then leaves a comment the cookie is checked. If it doesn’t exist the comment is marked as spam.\u003Cbr \u002F>\nThe plugin can also check how long it took a user to enter a comment. If it’s too fast it’s probably a spam bot. How fast can a legitimate user enter their name, email, web address and enter a well thought out comment?\u003C\u002Fp>\n\u003Cp>For the adventurous, add these lines to your .htaccess and it will block spam attempts before they ever get to WordPress. Replace the Xs with the cookie that was set in your browser after viewing your blog. You can also find the cookie value by examining the page source code and looking for “css.php?k=XXXXXXXXXXXXXXXXXXX”. Make sure the lines go above the standard WordPress rules.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    RewriteCond %{HTTP_COOKIE} !^.*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.*$\n    RewriteRule ^wp-comments-post.php - [F,L]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>If you use WordPress MU, replace wp-comments-post.php above with wp-signup.php to block spam signups.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    RewriteCond %{HTTP_COOKIE} !^.*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.*$\n    RewriteRule ^wp-signup.php - [F,L]\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Sets a cookie on a random URL that is then checked when a comment is posted. If the cookie is missing the comment is marked as spam.",20000,106867,98,18,"2019-06-04T16:47:00.000Z","5.2.24","3.1",[19,20,117],"spam","http:\u002F\u002Focaoimh.ie\u002Fcookies-for-comments\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcookies-for-comments.0.5.5.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":72,"num_ratings":130,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":134,"tags":135,"homepage":139,"download_link":140,"security_score":141,"vuln_count":13,"unpatched_count":13,"last_vuln_date":25,"fetched_at":26},"wp-comment-policy-checkbox","WP Comment Policy Checkbox","0.4.1","fcojgodoy","https:\u002F\u002Fprofiles.wordpress.org\u002Ffcojgodoy\u002F","\u003Cp>Add a checkbox to the comment forms so that the user can give consent to the web’s privacy policy. And save this consent in the database.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add a required privacy policy checkbox to the default WordPress comment forms, with a link to you privacy policy page.\u003C\u002Fli>\n\u003Cli>Allow display a customized text before the checkbox.\u003C\u002Fli>\n\u003Cli>Allow an external link as a page of the privacy policy.\u003C\u002Fli>\n\u003Cli>Allow open privacy policy link in the same tab or in a new one.\u003C\u002Fli>\n\u003Cli>Allow HTML link types attribute in the policy page link, for SEO reasons (nofollow, external…).\u003C\u002Fli>\n\u003Cli>The consent is stored in the database, in \u003Ccode>wp_commentmeta\u003C\u002Fcode> table with the metakey \u003Ccode>wpcpc_private_policy_accepted\u003C\u002Fcode>, and the commentator’s email as value.\u003C\u002Fli>\n\u003Cli>The consent is exported by WordPress’s Export Personal Data function.\u003C\u002Fli>\n\u003Cli>The consent is erased by WordPress’s Erase Personal Data function.\u003C\u002Fli>\n\u003Cli>Compatible with UnderStrap and themes that set is own fields on comment form.\u003C\u002Fli>\n\u003Cli>Compatible with Webmention (thank to @danielp6).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Use\u003C\u002Fh4>\n\u003Cp>You can configure the plugin in the Discussion Settings on your WordPress administration.\u003C\u002Fp>\n\u003Ch4>Theme compatibility\u003C\u002Fh4>\n\u003Cp>The plugin only works if the theme uses the native WordPress function for comment forms.\u003Cbr \u002F>\nAlso, the plugin creates a concrete HTML structure to print the checkbox. Not in all theme will be displayed correctly. In that case, you could use the ‘Additional CSS’ box in the Customize of your theme.\u003C\u002Fp>\n\u003Ch4>Contributing\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Active development of this plugin is handled on \u003Ca href=\"https:\u002F\u002Fgitlab.com\u002Ffcojgodoy\u002Fwp-comment-policy-checkbox\" rel=\"nofollow ugc\">GitLab\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Translation of the plugin into different languages is on \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fwp-comment-policy-checkbox\" rel=\"nofollow ugc\">the translation page\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Donation\u003C\u002Fh4>\n\u003Cp>If you enjoy using this plugin and find it useful, please consider making a donation in \u003Ca href=\"https:\u002F\u002Fwww.paypal.com\u002Fcgi-bin\u002Fwebscr?cmd=_s-xclick&hosted_button_id=C7M43R6RDXRBG\" rel=\"nofollow ugc\">PayPal\u003C\u002Fa>.\u003Cbr \u002F>\nThank you!\u003C\u002Fp>\n","Add a checkbox and custom text to the comment forms so that the user can be informed and give consent to the web's privacy policy.",6000,53106,14,"2024-07-06T10:11:00.000Z","6.5.8","3.0.2","5.4",[136,19,137,56,138],"checkbox","customized-text","privacy-policy","https:\u002F\u002Fgithub.com\u002Ffcojgodoy\u002Fwp-comment-policy-checkbox","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-comment-policy-checkbox.zip",92,{"attackSurface":143,"codeSignals":158,"taintFlows":170,"riskAssessment":200,"analyzedAt":212},{"hooks":144,"ajaxHandlers":154,"restRoutes":155,"shortcodes":156,"cronEvents":157,"entryPointCount":13,"unprotectedCount":13},[145,151],{"type":146,"name":147,"callback":148,"file":149,"line":150},"action","plugins_loaded","anonymous","forget-user-info.php",16,{"type":146,"name":152,"callback":148,"file":149,"line":153},"init",39,[],[],[],[],{"dangerousFunctions":159,"sqlUsage":165,"outputEscaping":167,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":169},[160,163],{"fn":161,"file":149,"line":150,"context":162},"create_function","add_action( 'plugins_loaded', create_function( '', 'wp_redirect( remove_query_arg( \"forget_user_info",{"fn":161,"file":149,"line":153,"context":164},"add_action( 'init', create_function( '', \"if ( !is_user_logged_in() ) add_action( 'comment_form', 'c",{"prepared":13,"raw":13,"locations":166},[],{"escaped":73,"rawEcho":13,"locations":168},[],[],[171,191],{"entryPoint":172,"graph":173,"unsanitizedCount":189,"severity":190},"cws_fui_print_fui_link (forget-user-info.php:23)",{"nodes":174,"edges":186},[175,180],{"id":176,"type":177,"label":178,"file":149,"line":179},"n0","source","$_COOKIE",34,{"id":181,"type":182,"label":183,"file":149,"line":184,"wp_function":185},"n1","sink","echo() [XSS]",36,"echo",[187],{"from":176,"to":181,"sanitized":188},false,1,"medium",{"entryPoint":192,"graph":193,"unsanitizedCount":189,"severity":199},"\u003Cforget-user-info> (forget-user-info.php:0)",{"nodes":194,"edges":197},[195,196],{"id":176,"type":177,"label":178,"file":149,"line":179},{"id":181,"type":182,"label":183,"file":149,"line":184,"wp_function":185},[198],{"from":176,"to":181,"sanitized":188},"low",{"summary":201,"deductions":202},"The \"forget-user-info\" v0.2 plugin presents a mixed security profile. On the positive side, it demonstrates excellent practices regarding data handling, with all SQL queries utilizing prepared statements and all output being properly escaped. The absence of file operations and external HTTP requests further reduces the attack surface. Its vulnerability history is also clean, with no recorded CVEs, suggesting a historically stable codebase.\n\nHowever, the static analysis reveals significant concerns. The presence of the `create_function` function, a deprecated and potentially dangerous construct, is a red flag. Furthermore, the taint analysis indicates that while no critical or high severity vulnerabilities were found, there are two flows with unsanitized paths. This, combined with a complete lack of nonce and capability checks, means that even if no direct vulnerabilities are immediately apparent, the plugin is highly susceptible to various injection attacks or unauthorized access if an attack vector is found that leverages these unsanitized paths. The zero attack surface from direct WordPress entry points (AJAX, REST API, shortcodes, cron) is a strength, but the underlying code signals and taint analysis are cause for caution.",[203,205,207,210],{"reason":204,"points":11},"Dangerous function create_function used",{"reason":206,"points":11},"Flows with unsanitized paths detected",{"reason":208,"points":209},"No nonce checks present",7,{"reason":211,"points":209},"No capability checks present","2026-03-17T00:48:45.349Z",{"wat":214,"direct":219},{"assetPaths":215,"generatorPatterns":216,"scriptPaths":217,"versionParams":218},[],[],[],[],{"cssClasses":220,"htmlComments":221,"htmlAttributes":222,"restEndpoints":223,"jsGlobals":224,"shortcodeOutput":225},[],[],[],[],[],[226,227,228],"\u003Cp>Not \u003Cstrong>","\u003C\u002Fstrong>?  Click \u003Ca href=\"","\">here\u003C\u002Fa> to clear this info.\u003C\u002Fp>"]