WP Goal Tracker – Goal Tracking for Plausible Analytics Security & Risk Analysis
wordpress.org/plugins/goal-trackerWP Goal Tracker - Goal Tracking for Plausible Analytics
Is WP Goal Tracker – Goal Tracking for Plausible Analytics Safe to Use in 2026?
Generally Safe
Score 85/100WP Goal Tracker – Goal Tracking for Plausible Analytics has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
Based on the static analysis, the "goal-tracker" plugin v1.0.1 exhibits a strong security posture with no identified entry points that are unprotected. The absence of dangerous functions, raw SQL queries, file operations, and external HTTP requests is highly commendable. The plugin also demonstrates good practices by utilizing capability checks and ensuring that all SQL queries are prepared.
However, a notable concern is the relatively low percentage of properly escaped outputs (57%). This indicates a potential for cross-site scripting (XSS) vulnerabilities if user-supplied data is not handled carefully before being displayed. The lack of any identified taint flows is positive, suggesting that the existing code pathways do not appear to be immediately vulnerable to injection attacks.
The vulnerability history being completely clean (0 CVEs) suggests a history of secure development or diligent patching. Overall, the plugin has several strengths, particularly in its limited attack surface and use of prepared statements. The primary area for improvement lies in ensuring all output is consistently and properly escaped.
Key Concerns
- Unescaped output
WP Goal Tracker – Goal Tracking for Plausible Analytics Security Vulnerabilities
WP Goal Tracker – Goal Tracking for Plausible Analytics Code Analysis
Output Escaping
WP Goal Tracker – Goal Tracking for Plausible Analytics Attack Surface
WordPress Hooks 8
Maintenance & Trust
WP Goal Tracker – Goal Tracking for Plausible Analytics Maintenance & Trust
Maintenance Signals
Community Trust
WP Goal Tracker – Goal Tracking for Plausible Analytics Alternatives
Traking Goals
traking-goals
Description: This plugin allows you to create a goals for Google analytics, and Facebook of predetermined lead type events for telephone links, direc …
WP Google Analytics Events – No-Code Custom Event Tracking for Google Analytics
wp-google-analytics-events
Track Google Analytics Events on your website - Enables you to send an event when a user Scrolls or Click an element on your website.
Goal Tracker – Custom Event Tracking for GA4
goal-tracker-ga
Goal Tracker - Custom Events Tracking for Google Analytics 4
WP Scroll Depth
wp-scroll-depth
Add user scrolling events to your Google Analytics simply by installing this plugin.
Fathom Analytics Conversions
fathom-analytics-conversions
Easily add conversions in WordPress plugins to Fathom Analytics
WP Goal Tracker – Goal Tracking for Plausible Analytics Developer Profile
3 plugins · 8K total installs
How We Detect WP Goal Tracker – Goal Tracking for Plausible Analytics
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/goal-tracker/admin/css/wp-goal-tracker-admin.css/wp-content/plugins/goal-tracker/admin/js/wp-goal-tracker-admin.js/wp-content/plugins/goal-tracker/public/css/wp-goal-tracker-public.css/wp-content/plugins/goal-tracker/public/js/wp-goal-tracker-public.js/wp-content/plugins/goal-tracker/admin/js/wp-goal-tracker-admin.js/wp-content/plugins/goal-tracker/public/js/wp-goal-tracker-public.jswp-goal-tracker/admin/css/wp-goal-tracker-admin.css?ver=wp-goal-tracker/admin/js/wp-goal-tracker-admin.js?ver=wp-goal-tracker/public/css/wp-goal-tracker-public.css?ver=wp-goal-tracker/public/js/wp-goal-tracker-public.js?ver=HTML / DOM Fingerprints
id="wp-goal-tracker"/wp-json/wp-goal-tracker-setting-api/v1/