Does Tagging have any unpatched vulnerabilities?

No. All known vulnerabilities in Tagging have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Tagging compatible with WordPress 6.7.5?

According to WordPress.org data, Tagging 2.3.4 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Tagging compatible with PHP 7.1+?

Tagging requires PHP 7.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Tagging updated?

Tagging was last updated on Dec 22, 2025. Frequent updates are generally a positive security signal.

What is Tagging's security score?

Tagging has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Tagging Security & Risk Analysis

wordpress.org/plugins/tagging

AdPage Tagging is a simple to use solution for setting up Google Tag Manager Server Side.

500 active installs v2.3.4 PHP 7.1+ WP 4.9+ Updated Dec 22, 2025

cookiesgoogle-tag-managergtmserver-side

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Tagging Safe to Use in 2026?

Generally Safe

Score 100/100

Tagging has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The "tagging" plugin v2.3.4 exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of any recorded CVEs, critical taint flows, or instances of raw SQL queries is highly positive. The plugin also demonstrates good practices in output escaping, with 70% of its outputs properly handled.

However, there are areas that warrant caution. The complete lack of nonce checks, coupled with the presence of file operations and external HTTP requests, could potentially introduce vulnerabilities if these operations are not robustly secured by other means. The sole capability check also suggests that access control might be narrowly defined, and if the functionalities related to file operations or HTTP requests are sensitive, this could be a point of concern. The static analysis also reveals no taint flows analyzed, which while not a direct negative, means that the plugin hasn't been thoroughly tested for potential data manipulation vulnerabilities.

In conclusion, "tagging" v2.3.4 appears to be a well-maintained plugin with a clean historical record. The lack of known vulnerabilities and good output escaping practices are significant strengths. The primary weaknesses lie in the potential for insecure handling of file operations and external requests due to the absence of nonce checks and the limited scope of capability checks. Further manual code review of these specific areas would be recommended to ensure comprehensive security.

Key Concerns

No nonce checks on potential entry points
File operations without explicit security checks
External HTTP requests without explicit security checks
Limited capability checks
No taint flows analyzed

Vulnerabilities

None known

Tagging Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Tagging Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

49 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

70% escaped70 total outputs

Attack Surface

Tagging Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 33

actionadmin_initincludes\class-tagging-admin.php:8

actionadmin_menuincludes\class-tagging-admin.php:9

actionadmin_post_clear_logincludes\class-tagging-admin.php:11

actionadmin_post_download_logincludes\class-tagging-admin.php:12

actionwpcf7_before_send_mailincludes\class-tagging-contact-form7.php:12

actionwoocommerce_add_to_cartincludes\class-tagging-event-addtocart.php:12

filterwoocommerce_loop_add_to_cart_linkincludes\class-tagging-event-addtocart.php:13

actionwp_footerincludes\class-tagging-event-begincheckout.php:12

actionwp_footerincludes\class-tagging-event-purchase.php:14

actionwoocommerce_new_orderincludes\class-tagging-event-purchase.php:15

actionwoocommerce_thankyouincludes\class-tagging-event-purchase.php:16

actionwoocommerce_thankyouincludes\class-tagging-event-purchase.php:18

actionwoocommerce_cart_item_removedincludes\class-tagging-event-removefromcart.php:12

actionwp_footerincludes\class-tagging-event-viewcart.php:12

actionwp_footerincludes\class-tagging-event-viewitem.php:13

actionwp_footerincludes\class-tagging-event-viewitemlist.php:12

filtersafe_style_cssincludes\class-tagging-frontend.php:10

actioninitincludes\class-tagging-frontend.php:16

actionwp_enqueue_scriptsincludes\class-tagging-frontend.php:17

actionwp_headincludes\class-tagging-frontend.php:18

actionwp_footerincludes\class-tagging-frontend.php:19

actionwp_body_openincludes\class-tagging-frontend.php:20

actionafter_body_openincludes\class-tagging-frontend.php:21

actiongenesis_beforeincludes\class-tagging-frontend.php:22

actiongenerate_before_headerincludes\class-tagging-frontend.php:23

actionwp_headincludes\class-tagging-frontend.php:24

actiongform_after_submissionincludes\class-tagging-gravity-forms.php:13

actiongform_after_ajax_submitincludes\class-tagging-gravity-forms.php:16

actionwoocommerce_checkout_create_orderincludes\class-tagging-wc-session.php:12

actionwoocommerce_new_orderincludes\class-tagging-wc-session.php:13

actionwoocommerce_order_status_processingincludes\class-tagging-wc-webhook.php:12

actionwoocommerce_order_refundedincludes\class-tagging-wc-webhook.php:13

actionplugins_loadedtagging.php:85

Maintenance & Trust

Tagging Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedDec 22, 2025

PHP min version7.1

Downloads63K

Community Trust

Rating0/100

Number of ratings0

Active installs500

Alternatives

Tagging Alternatives

Stape Conversion Tracking

gtm-server-side

Google Tag Manager Server Side Integration Made Easy

10K 2 CVEs

GTM4WP – A Google Tag Manager (GTM) plugin for WordPress

duracelltomi-google-tag-manager

Advanced tag management for WordPress with Google Tag Manager

700K 3 CVEs

GTM Kit – Google Tag Manager & GA4 integration

gtm-kit

Google Tag Manager and GA4 integration. Including WooCommerce data for Google Analytics 4 and support for server side GTM.

30K 1 CVE

Google Analytics and Google Tag Manager

wk-google-analytics

Google Analytics or Google Tag Manager for WordPress without tracking your own visits.

10K No CVEs

WP Global Site Tag

wp-global-site-tag

100

Global Site Tag (gtag.js) is a new Google Analytics replacement – giving you better control while making implementation easier. Using gtag.

8K No CVEs

Developer Profile

Tagging Developer Profile

vicklo

1 plugin · 500 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Tagging

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/tagging/assets/js/admin.js/wp-content/plugins/tagging/assets/css/admin.css

Version Parameters

tagging/assets/js/admin.js?ver=tagging/assets/css/admin.css?ver=

HTML / DOM Fingerprints

Data Attributes

data-product-iddata-product-skudata-product-namedata-product-affiliationdata-product-discountdata-product-brand+12 more

JS Globals

window.addToCartwindow.purchasewindow.beginCheckoutwindow.viewItemListwindow.viewItemwindow.removeItemFromCart+1 more

FAQ