WP-Safety

UTM Code Generator for Google Analytics Tracking URL Security & Risk Analysis

wordpress.org/plugins/utm-generator

In order to make the visitors tracking easy, Google analytics created the UTM tracker, for this reason

10 active installs v1.0 PHP + WP 4.3+ Updated Apr 26, 2017
google-analytics-url-buildergoogle-url-builderurl-trackerutm-builderutm-url-builder
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is UTM Code Generator for Google Analytics Tracking URL Safe to Use in 2026?

Generally Safe

Score 85/100

UTM Code Generator for Google Analytics Tracking URL has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8yr ago
Risk Assessment

The "utm-generator" v1.0 plugin exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries, performing a decent percentage of output escaping (84%), and implementing nonce and capability checks. There is also no recorded vulnerability history, which suggests a lack of publicly disclosed or exploited weaknesses.

However, there are significant security concerns that detract from its overall safety. The plugin has two entry points, with one AJAX handler lacking any authentication checks. This is a critical oversight, as it exposes a direct pathway for unauthorized users to interact with the plugin's functionality. Furthermore, the taint analysis revealed two flows with unsanitized paths, indicating potential risks of injection vulnerabilities, even though these were not classified as critical or high severity.

In conclusion, while the absence of known CVEs and the use of prepared statements are strengths, the unauthenticated AJAX handler and the unsanitized path flows present a notable risk. This plugin requires attention to secure its exposed entry points and address potential data sanitization issues.

Key Concerns

  • Unprotected AJAX handler
  • Taint flows with unsanitized paths
  • Moderate percentage of unescaped output
Vulnerabilities
None known

UTM Code Generator for Google Analytics Tracking URL Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

UTM Code Generator for Google Analytics Tracking URL Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
12
65 escaped
Nonce Checks
3
Capability Checks
5
File Operations
0
External Requests
1
Bundled Libraries
0

Output Escaping

84% escaped77 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
dashboard (includes\class.technoUTM.main.php:334)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
1 unprotected

UTM Code Generator for Google Analytics Tracking URL Attack Surface

Entry Points2
Unprotected1

AJAX Handlers 2

authwp_ajax_techno_utm_builderincludes\class.technoUTM.utms.php:63
authwp_ajax_technoUTM_verifyPurchaseAjaxincludes\class.technoUTM.utms.php:64
WordPress Hooks 8
actionadmin_enqueue_scriptsincludes\class.technoUTM.main.php:59
actionadmin_menuincludes\class.technoUTM.main.php:63
actionadmin_bar_menuincludes\class.technoUTM.main.php:69
actionadmin_bar_menuincludes\class.technoUTM.main.php:70
actionadd_meta_boxesincludes\class.technoUTM.main.php:74
actionwp_headincludes\class.technoUTM.main.php:80
actionwp_footerincludes\class.technoUTM.main.php:82
actionsave_postincludes\class.technoUTM.utms.php:66
Maintenance & Trust

UTM Code Generator for Google Analytics Tracking URL Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.32
Last updatedApr 26, 2017
PHP min version
Downloads1K

Community Trust

Rating20/100
Number of ratings1
Active installs10
Alternatives

UTM Code Generator for Google Analytics Tracking URL Alternatives

UTM – URL Builder for GA4

UTM – URL Builder for GA4

utm-url-builder-ga4

A
85

Add a UTM & URL builder to your site for GA4.

0 No CVEs
Easy UTM Builder

Easy UTM Builder

easy-utm-builder

A
100

Easy to build trackable URLs with UTM parameters in Bulk (complete site or specific post type) for Google Analytics!

400 No CVEs
Simple URL Tracker – By Projekt15

Simple URL Tracker – By Projekt15

simple-url-tracker

A
85

Simple URL Tracker is an easy to use campaign link generator. Simply enter your parameters and update the page or post to create a trackable link.

10 No CVEs
Tracking URL Builder for Analytics

Tracking URL Builder for Analytics

tracking-url-builder-for-analytics

A
85

A simple form to create url for tracking of custom campaigns on Google Analytics

10 No CVEs
Simple UTM Builder

Simple UTM Builder

utm-builder

A
100

🚀 Simple UTM Builder - the easiest UTM builder for WordPress! Create, track & manage UTM campaign links effortlessly! 🎉

10 No CVEs
Developer Profile

UTM Code Generator for Google Analytics Tracking URL Developer Profile

Technoyer

2 plugins · 20 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect UTM Code Generator for Google Analytics Tracking URL

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/utm-generator/css/technoUTM.css/wp-content/plugins/utm-generator/js/technoUTM.js
Script Paths
/wp-content/plugins/utm-generator/js/technoUTM.js
Version Parameters
utm-generator/css/technoUTM.css?ver=utm-generator/js/technoUTM.js?ver=

HTML / DOM Fingerprints

CSS Classes
utm_adminbar_icon
Data Attributes
data-utm-sourcedata-utm-mediumdata-utm-campaigndata-utm-termdata-utm-content
JS Globals
technoUTM
FAQ

Frequently Asked Questions about UTM Code Generator for Google Analytics Tracking URL