Does Tag Pilot FREE – Google Tag Manager Integration for WooCommerce have any unpatched vulnerabilities?

No. All known vulnerabilities in Tag Pilot FREE – Google Tag Manager Integration for WooCommerce have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Tag Pilot FREE – Google Tag Manager Integration for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Tag Pilot FREE – Google Tag Manager Integration for WooCommerce 1.13.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Tag Pilot FREE – Google Tag Manager Integration for WooCommerce Security & Risk Analysis

wordpress.org/plugins/gtm-ecommerce-woo

Complete GTM plugin for WooCommerce (Consent Mode v2 and Server-Side). Ready for GA4 and FB Pixel. Product feed for Google Merchant Center.

2K active installs v1.13.1 PHP 7.0+ WP 5.1.0+ Updated Dec 2, 2025

consent-modefacebook-pixelga4google-tag-managerwoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Tag Pilot FREE – Google Tag Manager Integration for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Tag Pilot FREE – Google Tag Manager Integration for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The gtm-ecommerce-woo plugin v1.13.1 exhibits a mixed security posture. While it demonstrates good practices like the exclusive use of prepared statements for SQL queries and a low percentage of unescaped outputs, significant concerns arise from its attack surface. All identified entry points, including AJAX handlers and REST API routes, lack proper authentication or permission checks, presenting a substantial risk for unauthorized access and manipulation.

Key Concerns

4 unprotected entry points (AJAX/REST API)
3 AJAX handlers without auth checks
1 REST API route without permission callbacks
2 unsanitized path taint flows
0 nonce checks

Vulnerabilities

None known

Tag Pilot FREE – Google Tag Manager Integration for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Tag Pilot FREE – Google Tag Manager Integration for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

57 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

73% escaped78 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

ajaxPostPresets (src\Service\SettingsService.php:111)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

4 unprotected

Tag Pilot FREE – Google Tag Manager Integration for WooCommerce Attack Surface

Entry Points4

Unprotected4

AJAX Handlers 3

authwp_ajax_gtm_ecommerce_woo_dismiss_feedbacksrc\Service\PluginService.php:47

authwp_ajax_gtm_ecommerce_woo_dismiss_feedbacksrc\Service\PluginService.php:59

authwp_ajax_gtm_ecommerce_woo_post_presetsrc\Service\SettingsService.php:108

REST API Routes 1

POST/wp-json/gtm-ecommerce-woo/v1/diagnosticssrc\Service\OrderMonitorService.php:58

WordPress Hooks 30

actionbefore_woocommerce_initgtm-ecommerce-woo.php:28

actionplugins_loadedgtm-ecommerce-woo.php:35

actionwp_footersrc\Service\EventInspectorService.php:38

actionwp_headsrc\Service\GtmSnippetService.php:31

actionwp_body_opensrc\Service\GtmSnippetService.php:35

actionrest_api_initsrc\Service\OrderMonitorService.php:55

actionwp_footersrc\Service\OrderMonitorService.php:70

actionwoocommerce_checkout_order_createdsrc\Service\OrderMonitorService.php:75

actionwoocommerce_store_api_checkout_update_order_metasrc\Service\OrderMonitorService.php:80

actionwoocommerce_thankyousrc\Service\OrderMonitorService.php:85

filterwoocommerce_shop_order_list_table_columnssrc\Service\OrderMonitorService.php:91

actionwoocommerce_shop_order_list_table_custom_columnsrc\Service\OrderMonitorService.php:92

filtermanage_edit-shop_order_columnssrc\Service\OrderMonitorService.php:94

actionmanage_shop_order_posts_custom_columnsrc\Service\OrderMonitorService.php:95

actionadd_meta_boxessrc\Service\OrderMonitorService.php:98

filteris_protected_metasrc\Service\OrderMonitorService.php:99

actionadmin_noticessrc\Service\PluginService.php:42

actionadmin_noticessrc\Service\PluginService.php:45

actionadmin_enqueue_scriptssrc\Service\PluginService.php:46

actionadmin_noticessrc\Service\PluginService.php:57

actionadmin_enqueue_scriptssrc\Service\PluginService.php:58

filterfacebook_for_woocommerce_integration_pixel_enabledsrc\Service\PluginService.php:67

filtercron_schedulessrc\Service\ProductFeedService.php:41

actionadmin_initsrc\Service\SettingsService.php:105

actionadmin_menusrc\Service\SettingsService.php:106

actionadmin_enqueue_scriptssrc\Service\SettingsService.php:107

actionwp_footersrc\Util\WcOutputUtil.php:15

actionwp_enqueue_scriptssrc\Util\WcOutputUtil.php:16

actionwp_enqueue_scriptssrc\Util\WcOutputUtil.php:17

filtersafe_style_csssrc\Util\WcOutputUtil.php:18

Maintenance & Trust

Tag Pilot FREE – Google Tag Manager Integration for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 2, 2025

PHP min version7.0

Downloads109K

Community Trust

Rating100/100

Number of ratings8

Active installs2K

Alternatives

Tag Pilot FREE – Google Tag Manager Integration for WooCommerce Alternatives

GTM Kit – Google Tag Manager & GA4 integration

gtm-kit

Google Tag Manager and GA4 integration. Including WooCommerce data for Google Analytics 4 and support for server side GTM.

30K 1 CVE

Server Side Tracking via GTM for Google Analytics 4, Meta Conversions API & Google Ads

server-side-tagging-via-google-tag-manager-for-wordpress

100

Fix missing WooCommerce conversions using server-side GTM tracking. Improve GA4, Google Ads & Meta Conversions API accuracy.

20 No CVEs

Lean GA4 Tracker

lean-ga4-tracker

100

Lightweight Google Analytics 4 (GA4) plugin for WordPress with WooCommerce tracking, Consent Mode, and Google Tag Manager support.

0 No CVEs

TrackSharp: Server-Side GA4 Tracking + Attribution Audit for WooCommerce

tracksharp

100

Secure server-side GA4 tracking for WooCommerce + a built-in Audit Dashboard to detect Google Ads & Meta attribution risks.

0 No CVEs

PixelYourSite – Your smart PIXEL (TAG) & API Manager

pixelyoursite

Add Meta Pixel with Conversion API, Google Analytics (GA4) + Consent Mode, Google Tag Manager, and Head & Footer scripts.

500K 11 CVEs

Developer Profile

Tag Pilot FREE – Google Tag Manager Integration for WooCommerce Developer Profile

Tag Concierge

4 plugins · 2K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Tag Pilot FREE – Google Tag Manager Integration for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gtm-ecommerce-woo/assets/admin-feedback.js

Version Parameters

gtm-ecommerce-woo/assets/admin-feedback.js?ver=

HTML / DOM Fingerprints

CSS Classes

gtm-ecommerce-woo-feedback

Data Attributes

data-gtm-ecommerce-woo-feedback

FAQ