WP-Safety

Opt-Out for Google Analytics (DSGVO / GDPR) Security & Risk Analysis

wordpress.org/plugins/opt-out-for-google-analytics

Allows the user to opt-out of Google Analytics tracking. DSGVO / GDPR.

4K active installs v2.4 PHP 7.0+ WP 3.5+ Updated Jun 6, 2025
analyticsdsgvogdprgoogle-analyticsopt-out
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Opt-Out for Google Analytics (DSGVO / GDPR) Safe to Use in 2026?

Generally Safe

Score 100/100

Opt-Out for Google Analytics (DSGVO / GDPR) has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10mo ago
Risk Assessment

The plugin 'opt-out-for-google-analytics' v2.4 demonstrates a generally strong security posture. The static analysis reveals a minimal attack surface with no unprotected entry points across AJAX handlers, REST API routes, or shortcodes. Furthermore, the absence of critical or high-severity taint flows and a clean vulnerability history with zero recorded CVEs are positive indicators. The code also shows a good practice of utilizing prepared statements for a majority of its SQL queries and implementing nonce and capability checks, contributing to its resilience against common attack vectors.

However, there are areas for improvement. While the majority of SQL queries use prepared statements, a significant portion (42%) do not, presenting a potential risk for SQL injection vulnerabilities if these queries handle user-supplied data without proper sanitization. Additionally, the report indicates that 22% of output is not properly escaped, which could lead to Cross-Site Scripting (XSS) vulnerabilities, especially if user-generated content is being displayed. The presence of file operations and external HTTP requests, while not inherently problematic, warrants careful review to ensure they are implemented securely and do not introduce vulnerabilities.

In conclusion, the plugin is relatively secure due to its limited attack surface and lack of historical vulnerabilities. The presence of good security practices like prepared statements and checks is commendable. Nevertheless, the unaddressed SQL queries and unescaped output represent the primary security concerns that could be exploited. Addressing these specific areas would significantly enhance the plugin's overall security.

Key Concerns

  • SQL queries not using prepared statements
  • Output not properly escaped
Vulnerabilities
None known

Opt-Out for Google Analytics (DSGVO / GDPR) Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Opt-Out for Google Analytics (DSGVO / GDPR) Code Analysis

Dangerous Functions
0
Raw SQL Queries
10
14 prepared
Unescaped Output
34
122 escaped
Nonce Checks
4
Capability Checks
6
File Operations
2
External Requests
2
Bundled Libraries
1

Bundled Libraries

TinyMCE

SQL Query Safety

58% prepared24 total queries

Output Escaping

78% escaped156 total outputs
Attack Surface

Opt-Out for Google Analytics (DSGVO / GDPR) Attack Surface

Entry Points2
Unprotected0

Shortcodes 2

[ga_optout] 2.4\inc\public.class.php:24
[ga_optout] inc\public.class.php:24
WordPress Hooks 38
filtercron_schedules2.4\ga-opt-out.php:23
actionwpmu_new_blog2.4\ga-opt-out.php:63
actioninit2.4\ga-opt-out.php:81
actionactivated_plugin2.4\ga-opt-out.php:82
actionadmin_menu2.4\inc\admin.class.php:19
actionadmin_notices2.4\inc\admin.class.php:24
actionadmin_enqueue_scripts2.4\inc\admin.class.php:29
actionsave_post_page2.4\inc\admin.class.php:34
actiongaoo_cronjob2.4\inc\admin.class.php:39
actionwp_dashboard_setup2.4\inc\admin.class.php:44
actionupgrader_process_complete2.4\inc\admin.class.php:49
actionadmin_notices2.4\inc\admin.class.php:54
filterplugin_action_links2.4\inc\admin.class.php:60
actionplugin_row_meta2.4\inc\admin.class.php:65
filtermce_external_plugins2.4\inc\admin.class.php:105
filtermce_buttons2.4\inc\admin.class.php:109
actionwp_head2.4\inc\public.class.php:14
actionwp_enqueue_scripts2.4\inc\public.class.php:19
filterwidget_text2.4\inc\public.class.php:30
filtercron_schedulesga-opt-out.php:23
actionwpmu_new_blogga-opt-out.php:63
actioninitga-opt-out.php:81
actionactivated_pluginga-opt-out.php:82
actionadmin_menuinc\admin.class.php:19
actionadmin_noticesinc\admin.class.php:24
actionadmin_enqueue_scriptsinc\admin.class.php:29
actionsave_post_pageinc\admin.class.php:34
actiongaoo_cronjobinc\admin.class.php:39
actionwp_dashboard_setupinc\admin.class.php:44
actionupgrader_process_completeinc\admin.class.php:49
actionadmin_noticesinc\admin.class.php:54
filterplugin_action_linksinc\admin.class.php:60
actionplugin_row_metainc\admin.class.php:65
filtermce_external_pluginsinc\admin.class.php:105
filtermce_buttonsinc\admin.class.php:109
actionwp_headinc\public.class.php:14
actionwp_enqueue_scriptsinc\public.class.php:19
filterwidget_textinc\public.class.php:30
Maintenance & Trust

Opt-Out for Google Analytics (DSGVO / GDPR) Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJun 6, 2025
PHP min version7.0
Downloads103K

Community Trust

Rating86/100
Number of ratings6
Active installs4K
Alternatives

Opt-Out for Google Analytics (DSGVO / GDPR) Alternatives

Google Analytics Opt-Out

Google Analytics Opt-Out

google-analytics-opt-out

A
85

Provides opt-out functionality for Google Analytics.

5K 1 CVE
Goolytics – Simple Google Analytics

Goolytics – Simple Google Analytics

goolytics-simple-google-analytics

A
100

A simple Google Analytics solution that works without slowing down your WordPress installation.

4K 1 CVE
etracker analytics

etracker analytics

etracker

A
100

Consent-free, despite ad blockers and tracking prevention: Web analytics, tag and consent manager for best data quality, ad returns and conversions.

1K No CVEs
SV Tracking Manager

SV Tracking Manager

sv-tracking-manager

A
92

SV Tracking Manager allows you to implement tracking scripts on your website - GDPR (DSGVO) compatible with Usercentrics support.

1K No CVEs
Surbma | GDPR Proof Cookie Consent & Notice Bar

Surbma | GDPR Proof Cookie Consent & Notice Bar

surbma-gdpr-proof-google-analytics

A
100

This plugin helps your website to comply with GDPR cookie regulations by asking every visitors to accept or decline cookie tracking.

500 1 CVE
Developer Profile

Opt-Out for Google Analytics (DSGVO / GDPR) Developer Profile

Schweizer Solutions GmbH

1 plugin · 4K total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Opt-Out for Google Analytics (DSGVO / GDPR)

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/opt-out-for-google-analytics/js/gaoo-admin.js/wp-content/plugins/opt-out-for-google-analytics/js/gaoo-public.js/wp-content/plugins/opt-out-for-google-analytics/css/gaoo-admin.css/wp-content/plugins/opt-out-for-google-analytics/css/gaoo-public.css
Script Paths
/wp-content/plugins/opt-out-for-google-analytics/js/gaoo-admin.js/wp-content/plugins/opt-out-for-google-analytics/js/gaoo-public.js
Version Parameters
opt-out-for-google-analytics/js/gaoo-admin.js?ver=opt-out-for-google-analytics/js/gaoo-public.js?ver=opt-out-for-google-analytics/css/gaoo-admin.css?ver=opt-out-for-google-analytics/css/gaoo-public.css?ver=

HTML / DOM Fingerprints

CSS Classes
gaoo-admin-wrapgaoo-admin-settings-wrap
HTML Comments
If this file is called directly, abort.GAOO_Admin constructor.GAOO_Public constructor.
Data Attributes
data-gaoo-tracking-iddata-gaoo-opt-out-textdata-gaoo-opt-in-text
JS Globals
gaooAdmin
Shortcode Output
[gaoo-opt-in][gaoo-opt-out]
FAQ

Frequently Asked Questions about Opt-Out for Google Analytics (DSGVO / GDPR)