WP-Safety

Enhanced Ecommerce Google Analytics for WooCommerce Security & Risk Analysis

wordpress.org/plugins/woo-ecommerce-tracking-for-google-and-facebook

Track sales analytics, conversions and understand consumer behavior using google analytics (with ecommerce tracking).

2K active installs v3.8.2 PHP 7.2+ WP 5.0+ Updated Jan 5, 2026
analyticse-commercee-commerce-trackinggoogle-analyticsstatistics
100
A · Safe
CVEs total1
Unpatched0
Last CVEAug 16, 2023
Plugin page Download
Safety Verdict

Is Enhanced Ecommerce Google Analytics for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Enhanced Ecommerce Google Analytics for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Aug 16, 2023Updated 2mo ago
Risk Assessment

The "woo-ecommerce-tracking-for-google-and-facebook" plugin v3.8.2 presents a mixed security posture. While it demonstrates good practices in SQL query handling and a high percentage of output escaping, significant concerns arise from its unprotected entry points. The analysis reveals 3 AJAX handlers that lack any form of authentication check, creating a substantial attack surface that could be exploited by unauthenticated users. Taint analysis did not uncover any critical or high-severity vulnerabilities, and there are no currently unpatched CVEs. However, the plugin has a history of known vulnerabilities, including a medium-severity Cross-Site Request Forgery (CSRF) in August 2023, indicating a past tendency for certain types of security flaws that warrant continued vigilance. The presence of a bundled Freemius library, though version 1.0, is noted but not flagged as an immediate risk without further context on its specific implementation and potential vulnerabilities.

Despite the absence of critical code-level issues and unpatched CVEs, the unprotected AJAX handlers are a primary concern, offering a direct path for potential abuse. The plugin's vulnerability history suggests that attackers may find certain types of weaknesses exploitable. While strengths like robust SQL handling are present, the unprotected entry points and historical vulnerability patterns suggest that this plugin requires careful monitoring and regular updates to mitigate risks effectively. A more detailed review of the AJAX handlers' functionality would be beneficial to fully understand the potential impact of their lack of authentication.

Key Concerns

  • Unprotected AJAX handlers
  • No capability checks on entry points
  • Bundled library (Freemius v1.0) may be outdated
  • History of vulnerabilities (medium severity CSRF)
Vulnerabilities
1

Enhanced Ecommerce Google Analytics for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2023
2023
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2023-40561medium · 5.4Cross-Site Request Forgery (CSRF)

WooCommerce Enhanced Ecommerce Analytics Integration with Conversion Tracking <= 3.7.1 - Cross-Site Request Forgery

Aug 16, 2023 Patched in 3.7.2 (160d)
Code Analysis
Analyzed Mar 16, 2026

Enhanced Ecommerce Google Analytics for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
59
277 escaped
Nonce Checks
6
Capability Checks
0
File Operations
0
External Requests
5
Bundled Libraries
1

Bundled Libraries

Freemius1.0

Output Escaping

82% escaped336 total outputs
Attack Surface
3 unprotected

Enhanced Ecommerce Google Analytics for WooCommerce Attack Surface

Entry Points3
Unprotected3

AJAX Handlers 3

authwp_ajax_aet_update_manually_idincludes\class-advance-ecommerce-tracking.php:160
authwp_ajax_aet_wc_multiple_delete_row__premium_onlyincludes\class-advance-ecommerce-tracking.php:161
authwp_ajax_aet_plugin_setup_wizard_submitincludes\class-advance-ecommerce-tracking.php:162
WordPress Hooks 38
actionafter_uninstalladvance-ecommerce-tracking.php:77
actionplugins_loadedadvance-ecommerce-tracking.php:158
actionadmin_noticesadvance-ecommerce-tracking.php:170
actionadmin_initadvance-ecommerce-tracking.php:171
actionadmin_noticesadvance-ecommerce-tracking.php:180
actionadmin_initadvance-ecommerce-tracking.php:181
actionadmin_initadvance-ecommerce-tracking.php:246
actionadmin_noticesadvance-ecommerce-tracking.php:247
actionupgrader_process_completeadvance-ecommerce-tracking.php:332
filterhide_account_tabsadvance-ecommerce-tracking.php:348
actionafter_account_detailsadvance-ecommerce-tracking.php:360
actionhide_billing_and_payments_infoadvance-ecommerce-tracking.php:372
actionhide_freemius_powered_byadvance-ecommerce-tracking.php:384
actionconnect/beforeadvance-ecommerce-tracking.php:405
actionconnect/afteradvance-ecommerce-tracking.php:422
actionbefore_woocommerce_initadvance-ecommerce-tracking.php:429
filterplugin_row_metaincludes\class-advance-ecommerce-tracking.php:79
actionplugins_loadedincludes\class-advance-ecommerce-tracking.php:142
actionadmin_enqueue_scriptsincludes\class-advance-ecommerce-tracking.php:154
actionadmin_enqueue_scriptsincludes\class-advance-ecommerce-tracking.php:155
actionadmin_initincludes\class-advance-ecommerce-tracking.php:156
actionadmin_headincludes\class-advance-ecommerce-tracking.php:157
actionadmin_menuincludes\class-advance-ecommerce-tracking.php:158
actionadmin_headincludes\class-advance-ecommerce-tracking.php:159
actionadmin_initincludes\class-advance-ecommerce-tracking.php:163
filteradmin_footer_textincludes\class-advance-ecommerce-tracking.php:166
actionwp_enqueue_scriptsincludes\class-advance-ecommerce-tracking.php:216
actionwp_headincludes\class-advance-ecommerce-tracking.php:239
filteraet_tracking_require_filterincludes\class-advance-ecommerce-tracking.php:241
actionwoocommerce_after_checkout_formincludes\class-advance-ecommerce-tracking.php:248
actionwoocommerce_checkout_order_processedincludes\class-advance-ecommerce-tracking.php:249
actionwoocommerce_order_status_processingincludes\class-advance-ecommerce-tracking.php:256
actionwoocommerce_order_status_completedincludes\class-advance-ecommerce-tracking.php:262
actionwoocommerce_thankyouincludes\class-advance-ecommerce-tracking.php:268
filterwoocommerce_get_return_urlincludes\class-advance-ecommerce-tracking.php:274
filterhttp_request_timeoutincludes\class-advance-ecommerce-tracking.php:275
actionwoocommerce_thankyouincludes\class-advance-ecommerce-tracking.php:280
actionwp_headincludes\class-advance-ecommerce-tracking.php:292
Maintenance & Trust

Enhanced Ecommerce Google Analytics for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 5, 2026
PHP min version7.2
Downloads87K

Community Trust

Rating100/100
Number of ratings6
Active installs2K
Alternatives

Enhanced Ecommerce Google Analytics for WooCommerce Alternatives

GA Google Analytics – Connect Google Analytics to WordPress

GA Google Analytics – Connect Google Analytics to WordPress

ga-google-analytics

A
100

Adds Google Analytics tracking code to your WordPress site. Supports many tracking features.

400K No CVEs
Independent Analytics – Google Analytics Alternative for WordPress

Independent Analytics – Google Analytics Alternative for WordPress

independent-analytics

A
100

A simple WordPress analytics plugin that is privacy-friendly, fast, and an alternative to Google Analytics.

100K No CVEs
Koko Analytics – Privacy Friendly Statistics for WordPress

Koko Analytics – Privacy Friendly Statistics for WordPress

koko-analytics

A
96

Koko Analytics is a privacy-friendly statistics plugin for WordPress that is an easy to use alternative to Google Analytics.

60K 2 CVEs
Better Google Analytics

Better Google Analytics

better-analytics

A
85

Track everything with Google Analytics (clicked links, emails opened, YouTube videos being watched, etc.). Includes real time Analytics dashboard.

2K No CVEs
Universal Google Analytics (GA3 and GA4)

Universal Google Analytics (GA3 and GA4)

universal-google-analytics

A
100

Automatically set up the required Google Analytics tracking ID/snippet to the footer of your WordPress installation, as required by Google Analytics.

500 No CVEs
Developer Profile

Enhanced Ecommerce Google Analytics for WooCommerce Developer Profile

dotsquares

37 plugins · 95K total installs

77
trust score
Avg Security Score
97/100
Avg Patch Time
470 days
View full developer profile
Detection Fingerprints

How We Detect Enhanced Ecommerce Google Analytics for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/woo-ecommerce-tracking-for-google-and-facebook/assets/css/admin/style.css/wp-content/plugins/woo-ecommerce-tracking-for-google-and-facebook/assets/css/frontend/style.css/wp-content/plugins/woo-ecommerce-tracking-for-google-and-facebook/assets/js/frontend/script.js/wp-content/plugins/woo-ecommerce-tracking-for-google-and-facebook/assets/js/admin/script.js/wp-content/plugins/woo-ecommerce-tracking-for-google-and-facebook/assets/js/frontend/admin-script.js
Script Paths
/wp-content/plugins/woo-ecommerce-tracking-for-google-and-facebook/assets/js/frontend/script.js/wp-content/plugins/woo-ecommerce-tracking-for-google-and-facebook/assets/js/admin/script.js/wp-content/plugins/woo-ecommerce-tracking-for-google-and-facebook/assets/js/frontend/admin-script.js
Version Parameters
/wp-content/plugins/woo-ecommerce-tracking-for-google-and-facebook/assets/css/admin/style.css?ver=/wp-content/plugins/woo-ecommerce-tracking-for-google-and-facebook/assets/css/frontend/style.css?ver=/wp-content/plugins/woo-ecommerce-tracking-for-google-and-facebook/assets/js/frontend/script.js?ver=/wp-content/plugins/woo-ecommerce-tracking-for-google-and-facebook/assets/js/admin/script.js?ver=/wp-content/plugins/woo-ecommerce-tracking-for-google-and-facebook/assets/js/frontend/admin-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
aet-admin-wrapaet-setting-wrapaet-main-contentaet-sectionaet-field-rowaet-labelaet-input-wrapperaet-button+2 more
Data Attributes
data-aet-iddata-aet-namedata-aet-pricedata-aet-categorydata-aet-quantitydata-aet-action+1 more
JS Globals
window.aet_frontend_datawindow.aet_admin_data
FAQ

Frequently Asked Questions about Enhanced Ecommerce Google Analytics for WooCommerce