[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fpfQfF_Iw-Yp-Dn6vRhtQva62_ka8dDhSeH1zoFYE-P4":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":142,"fingerprints":282},"gtmpluswp","GTM+ WordPress","1.0.1","Mark-k","https:\u002F\u002Fprofiles.wordpress.org\u002Fmark-k\u002F","\u003Cp>Do not worry about the implementation of the Google Tag Manager Code anymore! Simply login via your Google Account and install GTM on your WordPres Website under a minute.\u003C\u002Fp>\n\u003Ch3>Latest News & Updates\u003C\u002Fh3>\n\u003Cp>Head over to https:\u002F\u002Fgtmpluswp.com\u002F and sign up for our newsletter in order to receive news about new features and updates\u003C\u002Fp>\n\u003Cp>develop a digital marketing plan to help you grow your business & happy client base.\u003C\u002Fp>\n","This plugin easily places the Google Tag Manager container code onto your WordPress website, so you do not have to worry about a manual installation.",40,2122,0,"2019-08-01T05:42:00.000Z","5.3.21","4.3.0","5.4",[19,20,21,22],"google-tag-manager","gtm","tag-container","tag-management","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgtmpluswp.1.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":32,"avg_security_score":33,"avg_patch_time_days":34,"trust_score":25,"computed_at":35},"mark-k",7,1590,87,30,"2026-04-04T13:22:54.580Z",[37,62,85,106,125],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":57,"download_link":58,"security_score":59,"vuln_count":60,"unpatched_count":13,"last_vuln_date":61,"fetched_at":27},"duracelltomi-google-tag-manager","GTM4WP – A Google Tag Manager (GTM) plugin for WordPress","1.22.3","Thomas Geiger","https:\u002F\u002Fprofiles.wordpress.org\u002Fduracelltomi\u002F","\u003Cp>Google Tag Manager (GTM) is Google’s free tool for everyone to manage and deploy analytics and marketing tags as well as other code snippets\u003Cbr \u002F>\nusing an intuitive web UI. To learn more about this tool, visit the \u003Ca href=\"https:\u002F\u002Fmarketingplatform.google.com\u002Fabout\u002Ftag-manager\u002F\" rel=\"nofollow ugc\">official website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>This plugin places the GTM container code snippets onto your WordPress website so that you do not need to add it manually.\u003Cbr \u002F>\nMultiple containers are also supported!\u003C\u002Fp>\n\u003Cp>The plugin complements your GTM setup by pushing page meta data and user information into the so called data layer.\u003Cbr \u002F>\nGoogle’s official help pages includes \u003Ca href=\"https:\u002F\u002Fdevelopers.google.com\u002Ftag-platform\u002Ftag-manager\u002Fdatalayer#datalayer\" rel=\"nofollow ugc\">more details about the data layer\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>PHP 7.4 is required to use this plugin.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>GTM container code placement\u003C\u002Fh4>\n\u003Cp>The original GTM container code is divided into two parts:\u003C\u002Fp>\n\u003Cp>The first part is a javascript code snippet that is added to the \u003Ccode>\u003Chead>\u003C\u002Fcode> section of every page of the website.\u003Cbr \u002F>\nThis part is critical to enable all features of GTM, and this plugin helps to place this part\u003Cbr \u002F>\ncorrectly on your site.\u003C\u002Fp>\n\u003Cp>The second part is an iframe snippet that acts as a failsafe\u002Ffallback should users’ JavaScript be disabled.\u003Cbr \u002F>\nGoogle recommends – for best performance – to place this code snippet directly after the opening \u003Ccode>\u003Cbody>\u003C\u002Fcode> tag on each page.\u003C\u002Fp>\n\u003Cp>Albeit not ideal, it will work when placed lower in the code. This plugin provides a code placement option for the second code snippet.\u003C\u002Fp>\n\u003Cp>If your WordPress theme is compatible with the additions of WordPress 5.2 then this plugin will place this second code to the right place.\u003Cbr \u002F>\nUsers of the Genisis theme, GeneratePress theme, Elementor, Oxygen Builder and Beaver Builder Theme will also have this placed correctly.\u003Cbr \u002F>\nTo utilize this, set the compatibility mode in plugin options to off.\u003C\u002Fp>\n\u003Cp>All other users can place this second code snippet using a custom PHP code (“Manually coded” option) or select the so called “Footer” option to\u003Cbr \u002F>\nadd the code lower in the code (it is not the recommended way but will work)\u003C\u002Fp>\n\u003Ch4>Basic data included\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>post\u002Fpage titles\u003C\u002Fli>\n\u003Cli>post\u002Fpage dates\u003C\u002Fli>\n\u003Cli>post\u002Fpage category names\u003C\u002Fli>\n\u003Cli>post\u002Fpage tag names\u003C\u002Fli>\n\u003Cli>post\u002Fpage author ID and name\u003C\u002Fli>\n\u003Cli>post\u002Fpage ID\u003C\u002Fli>\n\u003Cli>post types\u003C\u002Fli>\n\u003Cli>post format\u003C\u002Fli>\n\u003Cli>post count on the current page + in the current category\u002Ftag\u002Ftaxonomy\u003C\u002Fli>\n\u003Cli>custom terms associated with any post type\u003C\u002Fli>\n\u003Cli>logged in status\u003C\u002Fli>\n\u003Cli>logged in user role\u003C\u002Fli>\n\u003Cli>logged in user ID (to track cross device behaviour in Google Analytics)\u003C\u002Fli>\n\u003Cli>logged in user email address (both unhashed and SHA256 hased values to be used with tracking)\u003C\u002Fli>\n\u003Cli>logger in user creation date\u003C\u002Fli>\n\u003Cli>site search data\u003C\u002Fli>\n\u003Cli>site name and id (for WordPress multisite instances)\u003C\u002Fli>\n\u003Cli>IP address of the visitor (please use the explicit consent of the visitor to utilize this)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Browser \u002F OS \u002F Device data\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>browser data (name, version, engine)\u003C\u002Fli>\n\u003Cli>OS data (name, version)\u003C\u002Fli>\n\u003Cli>device data (type, manufacturer, model)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Data is provided using the WhichBrowser library: http:\u002F\u002Fwhichbrowser.net\u002F\u003C\u002Fp>\n\u003Ch4>Weather data\u003C\u002Fh4>\n\u003Cp>(beta)\u003C\u002Fp>\n\u003Cp>Push data about users’ current weather conditions into the dataLayer. This can be used to generate weather-related\u003Cbr \u002F>\naudience\u002Fremarketing lists on ad platforms and allows for user segmentation in your web analytics solutions:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>weather category (clouds, rain, snow, etc.)\u003C\u002Fli>\n\u003Cli>weather description: more detailed data\u003C\u002Fli>\n\u003Cli>temperature in Celsius or Fahrenheit\u003C\u002Fli>\n\u003Cli>air pressure\u003C\u002Fli>\n\u003Cli>wind speed and degrees\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Weather data is queried from Open Weather Map. Depending on your websites traffic, additional fees may apply:\u003Cbr \u002F>\nhttp:\u002F\u002Fopenweathermap.org\u002Fprice\u003C\u002Fp>\n\u003Cp>An (free) API key from OpenWeatherMap is required for this feature to work.\u003C\u002Fp>\n\u003Cp>ipstack.com is used to determine the site visitor’s location. A (free) API key from IPStack.com is required for this feature to work:\u003Cbr \u002F>\nhttps:\u002F\u002Fipstack.com\u002Fproduct\u003C\u002Fp>\n\u003Ch4>Media player events\u003C\u002Fh4>\n\u003Cp>(experimental)\u003C\u002Fp>\n\u003Cp>Track users’ interaction with any embedded media:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>YouTube\u003C\u002Fli>\n\u003Cli>Vimeo\u003C\u002Fli>\n\u003Cli>Soundcloud\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>DataLayer events can be chosen to fire upon media player load, media is being played, paused\u002Fstopped and optionally when\u003Cbr \u002F>\nthe user reaches 10, 20, 30, …, 90, 100% of the media duration.\u003C\u002Fp>\n\u003Cp>Tracking is supported for embedded media using the built-in oEmbed feature of WordPress as well as most other media plugins\u003Cbr \u002F>\nand copy\u002Fpasted codes. Players injected into the website after page load are not currently supported.\u003C\u002Fp>\n\u003Ch4>Scroll tracking\u003C\u002Fh4>\n\u003Cp>Fire tags based on how the visitor scrolls from the top to the bottom of a page.\u003Cbr \u002F>\nAn example would be to separate “readers” (who spend a specified amount of time on a page) from “scrollers”\u003Cbr \u002F>\n(who only scroll through within seconds). You can use these events to fire Analytics tags and\u002For remarketing\u002Fconversion tags\u003Cbr \u002F>\n(for micro conversions).\u003C\u002Fp>\n\u003Cp>Scroll tracking is based on the solution originally created by\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Nick Mihailovski\u003C\u002Fli>\n\u003Cli>Thomas Baekdal\u003C\u002Fli>\n\u003Cli>Avinash Kaushik\u003C\u002Fli>\n\u003Cli>Joost de Valk\u003C\u002Fli>\n\u003Cli>Eivind Savio\u003C\u002Fli>\n\u003Cli>Justin Cutroni\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Original script:\u003Cbr \u002F>\nhttp:\u002F\u002Fcutroni.com\u002Fblog\u002F2012\u002F02\u002F21\u002Fadvanced-content-tracking-with-google-analytics-part-1\u002F\u003C\u002Fp>\n\u003Ch4>Blacklist & Whitelist Tag Manager tags, triggers and variables\u003C\u002Fh4>\n\u003Cp>To increase website security, you have the option to white- and blacklist tags\u002Ftriggers\u002Fvariables.\u003Cbr \u002F>\nYou can prevent specific tags from firing or the use of certain variable types regardless of your GTM setup.\u003C\u002Fp>\n\u003Cp>If the Google account associated with your GTM account is being hacked, an attacker could easily\u003Cbr \u002F>\nexecute malware on your website without accessing its code on your hosting server. By blacklisting custom HTML tags\u003Cbr \u002F>\nand\u002For custom JavaScript variables you can secure the Tag Manager container.\u003C\u002Fp>\n\u003Ch4>Integration\u003C\u002Fh4>\n\u003Cp>Google Tag Manager for WordPress integrates with several popular plugins. More integration to come!\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Contact Form 7: fire an event when a Contact Form 7 form was submitted with any result (mail sent, mail failed, spam detected, invalid input)\u003C\u002Fli>\n\u003Cli>WooCommerce:\n\u003Cul>\n\u003Cli>Implementation of \u003Ca href=\"https:\u002F\u002Fdevelopers.google.com\u002Ftag-manager\u002Fecommerce-ga4\" rel=\"nofollow ugc\">GA4 E-commerce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Does not support promotions since WooCommerce does not have such a feature (yet)\u003C\u002Fli>\n\u003Cli>Does not support refunds\u003C\u002Fli>\n\u003Cli>Compatibility with High Performance Order Storage (HPOS)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>AMP: load your AMP container on the AMP version of your pages\u003C\u002Fli>\n\u003Cli>Cookiebot: use automatic cookie blocking mode if needed\u003C\u002Fli>\n\u003Cli>Google Consent Mode v2: fire the “default” command with specific consent flags to integrat with non-certified Consent Management Platforms (CMPs) and plugins.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Server side containers\u003C\u002Fh4>\n\u003Cp>If you are using a \u003Ca href=\"https:\u002F\u002Fdevelopers.google.com\u002Ftag-manager\u002Fserverside\u002Fsend-data#update_the_gtmjs_source_domain\" rel=\"nofollow ugc\">server side container\u003C\u002Fa>\u003Cbr \u002F>\nyou can enter your custom domain name and custom path to load gtm.js from your there.\u003C\u002Fp>\n\u003Ch4>Exclude specific user roles from being tracked\u003C\u002Fh4>\n\u003Cp>You can set which user roles needs to be excluded from tracking when a user with that role visits the frontend. This will completely disable the container code for that user.\u003C\u002Fp>\n","Advanced tag management for WordPress with Google Tag Manager",700000,13906369,90,154,"2025-12-15T14:45:00.000Z","6.9.4","3.4.0","7.4",[54,55,19,20,56],"google-ads","google-analytics","tag-manager","https:\u002F\u002Fgtm4wp.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fduracelltomi-google-tag-manager.1.22.3.zip",98,3,"2022-05-31 00:00:00",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":72,"num_ratings":73,"last_updated":74,"tested_up_to":50,"requires_at_least":75,"requires_php":52,"tags":76,"homepage":80,"download_link":81,"security_score":82,"vuln_count":83,"unpatched_count":13,"last_vuln_date":84,"fetched_at":27},"gtm-kit","GTM Kit – Google Tag Manager & GA4 integration","2.8.2","TLA Media","https:\u002F\u002Fprofiles.wordpress.org\u002Ftlamedia\u002F","\u003Cp>GTM Kit puts the Google Tag Manager container code on your website so that you don’t need to touch any code. It also pushes data from WooCommerce, Easy Digital Downloads (EDD) and Contact Form 7 to the data layer for use with for Google Analytics 4, Facebook and other GTM tags.\u003C\u002Fp>\n\u003Cp>The goal of GTM Kit is to provide a flexible tool for generating the data layer for Google Tag Manager. It is easy to use and doesn’t require any coding, but it allows developers to customize the plugin as needed.\u003C\u002Fp>\n\u003Ch3>eCommerce events tracked with Google Analytics 4\u003C\u002Fh3>\n\u003Cp>The following GA4 events are automatically included in the dataLayer:\u003C\u002Fp>\n\u003Ch3>WooCommerce\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>view_item_list\u003C\u002Fli>\n\u003Cli>select_item\u003C\u002Fli>\n\u003Cli>view_item\u003C\u002Fli>\n\u003Cli>add_to_wishlist \u003Cstrong>[Premium]\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>add_to_cart\u003C\u002Fli>\n\u003Cli>view_cart\u003C\u002Fli>\n\u003Cli>remove_from_cart\u003C\u002Fli>\n\u003Cli>begin_checkout\u003C\u002Fli>\n\u003Cli>add_shipping_info\u003C\u002Fli>\n\u003Cli>add_payment_info\u003C\u002Fli>\n\u003Cli>purchase\u003C\u002Fli>\n\u003Cli>refund \u003Cstrong>[Premium]\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>order_paid \u003Cstrong>[Premium]\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Unlock all features with \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fgtm-kit-woo-add-on\u002F\" rel=\"nofollow ugc\">GTM Kit Woo Add-On\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Easy Digital Downloads\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>view_item\u003C\u002Fli>\n\u003Cli>add_to_cart\u003C\u002Fli>\n\u003Cli>begin_checkout\u003C\u002Fli>\n\u003Cli>purchase\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Flexible container implementation\u003C\u002Fh3>\n\u003Cp>Depending on how you use Google Tag Manager you can delay the loading of the container script until the browser is idle. This may be relevant to you be if are focusing on pagespeed.\u003C\u002Fp>\n\u003Cp>You may enter a custom domain name if you are using a custom server side GTM (sGTM) container for tracking. It’s also possible to specify a custom loader. GTM Kit has full support for Stape server GTM hosting.\u003C\u002Fp>\n\u003Ch3>Post data\u003C\u002Fh3>\n\u003Cp>You may specify which post data elements you wish to include in the dataLayer for use in Google Tag Manager.\u003Cbr \u002F>\n– Post type: include the type of the current post or archive page.\u003Cbr \u002F>\n– Page type: include a defined page type. I.e. post, page, product, category, cart, checkout etc.\u003Cbr \u002F>\n– Categories: include the categories of the current post or archive page.\u003Cbr \u002F>\n– Tags: include the tags of the current post or archive page.\u003Cbr \u002F>\n– Post title: include the post title of the current post.\u003Cbr \u002F>\n– Post ID: include the Post ID of the current post.\u003Cbr \u002F>\n– Post date: include the post date.\u003Cbr \u002F>\n– Post author name: include the post author name.\u003Cbr \u002F>\n– Post author ID: include the post author ID.\u003C\u002Fp>\n","Google Tag Manager and GA4 integration. Including WooCommerce data for Google Analytics 4 and support for server side GTM.",30000,529394,96,19,"2026-02-17T08:28:00.000Z","6.7",[77,78,19,20,79],"analytics","ga4","woocommerce","https:\u002F\u002Fgtmkit.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgtm-kit.2.8.2.zip",99,1,"2025-03-31 00:00:00",{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":93,"downloaded":94,"rating":95,"num_ratings":96,"last_updated":97,"tested_up_to":98,"requires_at_least":99,"requires_php":23,"tags":100,"homepage":102,"download_link":103,"security_score":82,"vuln_count":104,"unpatched_count":13,"last_vuln_date":105,"fetched_at":27},"gtm-server-side","Stape Conversion Tracking","2.1.43","Stape","https:\u002F\u002Fprofiles.wordpress.org\u002Fgtmserver\u002F","\u003Cp>If you are looking for the easiest way to implement server-side tracking on your WordPress website, the GTM Server Side plugin by stape.io is the best solution. It helps to easily modify the gtm script with the tagging server URL, adds a custom loader, and sends data layer events and webhooks.\u003C\u002Fp>\n\u003Cp>GTM Server Side plugin by stape.io features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add web Google Tag Manager script on every website page.\u003C\u002Fli>\n\u003Cli>Work with any other WP plugin that inserts gtm script on the website.\u003C\u002Fli>\n\u003Cli>Adds custom loader, which makes Google Tag Manager and Google Analytics tracking invisible to ad blockers and other tracking prevention mechanisms.\u003C\u002Fli>\n\u003Cli>Sends events to GTM server side without any JS library and optimizes page speed.\u003C\u002Fli>\n\u003Cli>Adds e-commerce Data Layer events.\u003C\u002Fli>\n\u003Cli>Adds user data to Data Layer events.\u003C\u002Fli>\n\u003Cli>Sends webhooks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Benefits of GTM Server Side plugin by stape.io:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Increase cookies lifetime when using a custom domain for server Google Tag Manager container.\u003C\u002Fli>\n\u003Cli>Increases the accuracy of tracking when the custom loader is enabled.\u003C\u002Fli>\n\u003Cli>Simplifies the process of adding GTM script on the website and delivering e-commerce and user data.\u003C\u002Fli>\n\u003C\u002Ful>\n","Google Tag Manager Server Side Integration Made Easy",10000,135973,100,4,"2026-03-05T12:16:00.000Z","6.9.0","5.2.0",[19,101,20,86,56],"google-tag-manager-server-side","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgtm-server-side\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgtm-server-side.2.1.43.zip",2,"2024-09-27 00:00:00",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":93,"downloaded":114,"rating":72,"num_ratings":115,"last_updated":116,"tested_up_to":117,"requires_at_least":118,"requires_php":119,"tags":120,"homepage":122,"download_link":123,"security_score":124,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"wk-google-analytics","Google Analytics and Google Tag Manager","1.11.3","WEBKINDER","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebkinder\u002F","\u003Cp>Deploy Google Analytics on your website without having to edit code and without tracking your own visits. You can exclude any logged in user from this and enable tracking solely for them. You can also ignore a device by ticking a box which sets a session cookie.\u003C\u002Fp>\n\u003Cp>You can also enter your Google Tag Manager ID and disable tracking via GTM.\u003C\u002Fp>\n\u003Cp>We would love to hear your \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwk-google-analytics\u002Freviews\u002F\" rel=\"ugc\">feedback\u003C\u002Fa>. It helps us improve and expand the plugin according to your needs.\u003C\u002Fp>\n\u003Cp>If you have any questions or feature requests, feel free to contact us via support@webkinder.ch.\u003C\u002Fp>\n","Google Analytics or Google Tag Manager for WordPress without tracking your own visits.",434137,20,"2024-07-15T16:01:00.000Z","6.6.5","4.9","7.2",[77,121,55,19,20],"anonymize","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwk-google-analytics\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwk-google-analytics.1.11.3.zip",92,{"slug":126,"name":127,"version":128,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":133,"downloaded":134,"rating":95,"num_ratings":60,"last_updated":135,"tested_up_to":136,"requires_at_least":137,"requires_php":23,"tags":138,"homepage":140,"download_link":141,"security_score":95,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"wp-global-site-tag","WP Global Site Tag","1.0.7","digitalapps","https:\u002F\u002Fprofiles.wordpress.org\u002Fdigitalapps\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fdigitalapps.com\u002Fwordpress-plugins\u002Fwp-global-site-tag\u002F\" title=\"WP Global Site Tag\" rel=\"nofollow ugc\">Global Site Tag\u003C\u002Fa> (gtag.js) is a new Google Analytics replacement. WP Global Site Tag provides a framework for streamlined web page tagging – giving you better control while making implementation easier. Using gtag.js lets you benefit from the latest tracking features and integrations as they become available. This is the WordPress version.\u003C\u002Fp>\n\u003Cp>To use gtag.js to track your site, install the plugin and activate.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Simple to install and use even your clients can do it\u003C\u002Fli>\n\u003Cli>Configure multiple Google Analytics properties\u003C\u002Fli>\n\u003Cli>Minified version of the code is injected for faster loading times\u003C\u002Fli>\n\u003Cli>Built using WordPress best practices and standards\u003C\u002Fli>\n\u003Cli>Great for marketing agencies and individuals\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Supercharge Your GTM Setup with gtag\u003C\u002Fh3>\n\u003Cp>Wondering if you can make the most of gtag and set up Google Tag Manager (GTM) simultaneously? Heck yeah, you can!\u003C\u002Fp>\n\u003Cp>Setting up GTM with gtag is a breeze. Just swap out that initial GA_TRACKING_ID with your GTM container ID, and you’re good to go. You can still keep the universal analytics tag running smoothly within GTM, all while having gtag in the mix.\u003C\u002Fp>\n\u003Ch3>How to use Global Site Tag\u003C\u002Fh3>\n\u003Cp>To use gtag.js to track your site, install the plugin. Replace GA_TRACKING_ID with the tracking ID of the Google Analytics property you want to send data to.\u003C\u002Fp>\n\u003Ch3>Why use Global Site Tag\u003C\u002Fh3>\n\u003Cp>Global Site Tag streamlines tracking across all Google products, including their measurement, conversion tracking, and remarketing products. Global Site Tag is the new replacement for old Google Analytics script.\u003C\u002Fp>\n\u003Ch3>Difference between Universal Analytics & Global Site Tag\u003C\u002Fh3>\n\u003Cp>There are few differences you need to know before thinking of migrating to Global Site Tag.\u003C\u002Fp>\n\u003Cp>Install:\u003Cbr \u002F>\nUniversal Analytics(analytics.js) is only used for installing Google Analytics, and global tag can be used to install multiple tools like, GA and GTM.\u003C\u002Fp>\n\u003Cp>Tracking:\u003Cbr \u002F>\nUniversal Analytics uses trackers(ga(‘create’, ‘G-XXXXX-Y’, ‘auto’);) to send pageviews to Google Analytics while gtag send pageviews to GA property identified by the GA_Tracking_ID(gtag(‘config’,’GA_Tracking_ID’)).\u003C\u002Fp>\n\u003Cp>Use:\u003Cbr \u002F>\nGlobal Site Tag can be used for conversion tracking and remarketing while universal analytics can’t.\u003C\u002Fp>\n","Global Site Tag (gtag.js) is a new Google Analytics replacement – giving you better control while making implementation easier. Using gtag.",8000,71835,"2025-05-02T02:23:00.000Z","6.8.5","3.0.1",[139,55,19,20],"global-site-tag","https:\u002F\u002Fdigitalapps.com\u002Fwp-global-site-tag\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-global-site-tag.zip",{"attackSurface":143,"codeSignals":181,"taintFlows":220,"riskAssessment":267,"analyzedAt":281},{"hooks":144,"ajaxHandlers":171,"restRoutes":172,"shortcodes":179,"cronEvents":180,"entryPointCount":83,"unprotectedCount":83},[145,150,153,156,159,163,165,168],{"type":146,"name":147,"callback":148,"file":149,"line":34},"action","admin_init","closure","gtm4wordpress.php",{"type":146,"name":151,"callback":148,"file":149,"line":152},"rest_api_init",191,{"type":146,"name":154,"callback":148,"file":149,"line":155},"admin_footer",257,{"type":146,"name":157,"callback":148,"file":149,"line":158},"admin_menu",322,{"type":146,"name":160,"callback":148,"priority":161,"file":149,"line":162},"admin_notices",11,345,{"type":146,"name":160,"callback":148,"priority":161,"file":149,"line":164},394,{"type":146,"name":166,"callback":148,"priority":83,"file":149,"line":167},"wp_head",456,{"type":146,"name":169,"callback":148,"file":149,"line":170},"wp_footer",549,[],[173],{"namespace":174,"route":175,"methods":176,"callback":148,"permissionCallback":26,"file":149,"line":178},"gtm4wp","\u002Faccount_data\u002F",[177],"POST",192,[],[],{"dangerousFunctions":182,"sqlUsage":183,"outputEscaping":185,"fileOperations":104,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":216},[],{"prepared":13,"raw":13,"locations":184},[],{"escaped":186,"rawEcho":187,"locations":188},27,13,[189,192,194,196,198,200,202,204,206,208,210,212,214],{"file":149,"line":190,"context":191},169,"raw output",{"file":149,"line":193,"context":191},209,{"file":149,"line":195,"context":191},241,{"file":149,"line":197,"context":191},245,{"file":149,"line":199,"context":191},251,{"file":149,"line":201,"context":191},263,{"file":149,"line":203,"context":191},303,{"file":149,"line":205,"context":191},305,{"file":149,"line":207,"context":191},313,{"file":149,"line":209,"context":191},315,{"file":149,"line":211,"context":191},384,{"file":149,"line":213,"context":191},531,{"file":149,"line":215,"context":191},551,[217],{"name":218,"version":26,"knownCves":219},"Guzzle",[],[221,240,249],{"entryPoint":222,"graph":223,"unsanitizedCount":83,"severity":239},"input_id (gtm4wordpress.php:222)",{"nodes":224,"edges":236},[225,230],{"id":226,"type":227,"label":228,"file":149,"line":229},"n0","source","$_GET",228,{"id":231,"type":232,"label":233,"file":149,"line":234,"wp_function":235},"n1","sink","echo() [XSS]",262,"echo",[237],{"from":226,"to":231,"sanitized":238},false,"medium",{"entryPoint":241,"graph":242,"unsanitizedCount":83,"severity":239},"admin_page (gtm4wordpress.php:370)",{"nodes":243,"edges":247},[244,246],{"id":226,"type":227,"label":228,"file":149,"line":245},382,{"id":231,"type":232,"label":233,"file":149,"line":211,"wp_function":235},[248],{"from":226,"to":231,"sanitized":238},{"entryPoint":250,"graph":251,"unsanitizedCount":60,"severity":266},"\u003Cgtm4wordpress> (gtm4wordpress.php:0)",{"nodes":252,"edges":263},[253,256,258,261],{"id":226,"type":227,"label":254,"file":149,"line":255},"$_POST",197,{"id":231,"type":232,"label":233,"file":149,"line":257,"wp_function":235},248,{"id":259,"type":227,"label":260,"file":149,"line":229},"n2","$_GET (x2)",{"id":262,"type":232,"label":233,"file":149,"line":234,"wp_function":235},"n3",[264,265],{"from":226,"to":231,"sanitized":238},{"from":259,"to":262,"sanitized":238},"low",{"summary":268,"deductions":269},"The gtmpluswp plugin, version 1.0.1, exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and avoiding external HTTP requests. The absence of known vulnerabilities in its history is also a strong indicator of stable development. However, significant concerns arise from its attack surface and code analysis. The plugin exposes one REST API route without any permission callbacks, creating a direct entry point for potential unauthorized actions. Furthermore, the taint analysis reveals three flows with unsanitized paths, although these are not categorized as critical or high severity. This indicates a potential for unintended data handling if these paths are triggered with malicious input, even if the immediate impact is not severe. The lack of nonce checks and capability checks on the identified entry points exacerbates these risks, as there are no built-in mechanisms to verify user intent or authorization before processing requests.",[270,273,276,279],{"reason":271,"points":272},"Unprotected REST API route",8,{"reason":274,"points":275},"Flows with unsanitized paths",6,{"reason":277,"points":278},"No capability checks",5,{"reason":280,"points":96},"Output escaping not fully implemented","2026-03-16T22:13:32.929Z",{"wat":283,"direct":289},{"assetPaths":284,"generatorPatterns":285,"scriptPaths":286,"versionParams":287},[],[],[],[288],"gtm4wordpress\u002Fgtm4wordpress.php?ver=",{"cssClasses":290,"htmlComments":291,"htmlAttributes":292,"restEndpoints":303,"jsGlobals":305,"shortcodeOutput":307},[],[],[293,294,295,296,297,298,299,300,301,302],"name=\"gtm4wordpress[layer_type]\"","name=\"gtm4wordpress[layer_categories]\"","name=\"gtm4wordpress[layer_tags]\"","name=\"gtm4wordpress[layer_author_id]\"","name=\"gtm4wordpress[layer_author_name]\"","name=\"gtm4wordpress[layer_date]\"","name=\"gtm4wordpress[layer_title]\"","name=\"gtm4wordpress[layer_count]\"","name=\"gtm4wordpress[layer_id]\"","name=\"gtm4wordpress[layer_format]\"",[304],"\u002Fwp-json\u002Fgtm4wp\u002Faccount_data\u002F",[306],"window.gtm4wordpress",[]]