Does Simple Analytics have any unpatched vulnerabilities?

No. All known vulnerabilities in Simple Analytics have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Simple Analytics compatible with WordPress 4.9.29?

According to WordPress.org data, Simple Analytics 1.1.1 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is Simple Analytics updated?

Simple Analytics was last updated on Apr 4, 2018. Frequent updates are generally a positive security signal.

What is Simple Analytics's security score?

Simple Analytics has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Simple Analytics Security & Risk Analysis

wordpress.org/plugins/simple-analytics

A simple plugin to include your Google Analytics tracking.

1K active installs v1.1.1 PHP + WP + Updated Apr 4, 2018

analyticsgoogletheme-blvdthemeblvdtracking

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Simple Analytics Safe to Use in 2026?

Generally Safe

Score 85/100

Simple Analytics has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago

Risk Assessment

The simple-analytics plugin version 1.1.1 exhibits a strong security posture based on the provided static analysis and vulnerability history. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points is a significant positive. Furthermore, the code signals indicate no dangerous functions, all SQL queries utilize prepared statements, and there are no file operations or external HTTP requests that could introduce vulnerabilities. The limited number of capability checks (2) is also a good sign of controlled access. However, the analysis reveals that 25% of output escaping is not properly handled, which presents a potential risk for cross-site scripting (XSS) vulnerabilities if user-supplied data is reflected directly in the output. The complete lack of vulnerability history and taint analysis findings is highly reassuring, suggesting the plugin has not historically been a target or a source of exploitable flaws. Overall, this plugin appears to be well-developed from a security perspective, with the only noted concern being the minor deficiency in output escaping.

Key Concerns

Unescaped output detected

Vulnerabilities

None known

Simple Analytics Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Simple Analytics Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

75% escaped8 total outputs

Attack Surface

Simple Analytics Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actionafter_setup_themesimple-analytics.php:75

actionadmin_menusimple-analytics.php:80

actionadmin_initsimple-analytics.php:81

actionthemeblvd_beforesimple-analytics.php:98

actionwp_footersimple-analytics.php:102

actionwp_headsimple-analytics.php:106

actionplugins_loadedsimple-analytics.php:376

actioninitsimple-analytics.php:388

Maintenance & Trust

Simple Analytics Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedApr 4, 2018

PHP min version

Downloads26K

Community Trust

Rating88/100

Number of ratings7

Active installs1K

Alternatives

Simple Analytics Alternatives

GA Google Analytics – Connect Google Analytics to WordPress

ga-google-analytics

100

Adds Google Analytics tracking code to your WordPress site. Supports many tracking features.

400K No CVEs

Pixel Manager for WooCommerce – Conversion Tracking, Google Ads, GA4, TikTok, Dynamic Remarketing

woocommerce-google-adwords-conversion-tracking-tag

Conversion tracking for WooCommerce. Google Ads, GA4, Meta/Facebook Pixel, TikTok & more. Recover 30% more conversions with server-side tracking!

50K 4 CVEs

Conversios: Google Analytics (GA4), Google Ads, Conversion and Analytics Tracking for Multi-Channels

enhanced-e-commerce-for-woocommerce-store

Track GA4 Analytics, Google Ads, Microsoft Ads, & Conversion with server-side tracking (CAPI) & product feed to improve ROAS, reports for WooCommerce.

10K 10 CVEs

Simple Universal Google Analytics

simple-universal-google-analytics

Enable Universal Google Analytics tracking option on your WordPress site. Add tracking code to every page with WordPress Google Analytics plugin.

4K No CVEs

CallTrackingMetrics

call-tracking-metrics

100

CallTrackingMetrics integrates with your WordPress site to provide powerful call tracking and attribution.

3K No CVEs

Developer Profile

Simple Analytics Developer Profile

Jason

22 plugins · 8K total installs

trust score

Avg Security Score

86/100

Avg Patch Time

3363 days

View full developer profile

Detection Fingerprints

How We Detect Simple Analytics

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Script Paths

//www.google-analytics.com/analytics.js

HTML / DOM Fingerprints

HTML Comments

<!-- Analytics code commented out because you are logged in as an admin.

Data Attributes

name="themeblvd_analytics[google_id]"name="themeblvd_analytics[placement]"name="themeblvd_analytics[anonymize]"

JS Globals

window.ga

FAQ