Does remarketable have any unpatched vulnerabilities?

No. All known vulnerabilities in remarketable have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is remarketable compatible with WordPress 5.2.24?

According to WordPress.org data, remarketable 5.2 has been tested up to WordPress 5.2.24. Check the plugin's changelog for the latest compatibility information.

Is remarketable compatible with PHP 5.2.4+?

remarketable requires PHP 5.2.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is remarketable updated?

remarketable was last updated on Aug 20, 2019. Frequent updates are generally a positive security signal.

What is remarketable's security score?

remarketable has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

remarketable Security & Risk Analysis

wordpress.org/plugins/wp-facebook-pixel

Facebook Pixel added to every Page including Standard and WooCommerce Events with custom data. Easy setup, no coding! WooCommerce 3 ready!

700 active installs v5.2 PHP 5.2.4+ WP 4.0+ Updated Aug 20, 2019

facebookfacebook-pixelfacebook-remarketing-pixelpixeltracking

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is remarketable Safe to Use in 2026?

Generally Safe

Score 85/100

remarketable has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The wp-facebook-pixel plugin version 5.2 exhibits a generally strong security posture based on the provided static analysis. The plugin effectively utilizes prepared statements for all SQL queries, demonstrating good practice against SQL injection vulnerabilities. Furthermore, the absence of file operations and external HTTP requests reduces the attack surface in these critical areas. The presence of nonce and capability checks on its entry points is also a positive indicator of security awareness.

However, a significant concern arises from the output escaping. With 38% of outputs properly escaped, a substantial portion (62%) remains unescaped. This leaves the plugin vulnerable to Cross-Site Scripting (XSS) attacks, where malicious scripts could be injected through user-controlled inputs that are then displayed without proper sanitization. While the taint analysis found no unsanitized paths and there is no known vulnerability history, the high percentage of unescaped output represents a clear and present risk that requires immediate attention.

In conclusion, the plugin demonstrates good practices in areas like SQL handling and authentication checks for its entry points. The lack of known vulnerabilities is encouraging. Nevertheless, the widespread issue with output escaping is a critical weakness that significantly elevates the risk profile. Addressing the unescaped output is paramount to improving the plugin's overall security.

Key Concerns

High percentage of unescaped output

Vulnerabilities

None known

remarketable Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

remarketable Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

35 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared2 total queries

Output Escaping

38% escaped92 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<support> (inc\support.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

remarketable Attack Surface

Entry Points2

Unprotected0

AJAX Handlers 2

authwp_ajax_cmb2_oembed_handlerinc\CMB2\includes\CMB2_Ajax.php:40

noprivwp_ajax_cmb2_oembed_handlerinc\CMB2\includes\CMB2_Ajax.php:41

WordPress Hooks 39

actioncmb2_render_text_event_valueframework\MetaBox.php:110

filtercmb2_sanitize_text_event_valueframework\MetaBox.php:122

actioncmb2_admin_initframework\MetaBox.php:126

actioncmb2_save_options-page_fieldsinc\CMB2\includes\CMB2_Ajax.php:43

filterget_post_metadatainc\CMB2\includes\CMB2_Ajax.php:134

filterupdate_post_metadatainc\CMB2\includes\CMB2_Ajax.php:137

filtercmb2_show_oninc\CMB2\includes\CMB2_hookup.php:81

actionadd_meta_boxesinc\CMB2\includes\CMB2_hookup.php:91

actionadd_attachmentinc\CMB2\includes\CMB2_hookup.php:92

actionedit_attachmentinc\CMB2\includes\CMB2_hookup.php:93

actionsave_postinc\CMB2\includes\CMB2_hookup.php:94

actionadd_meta_boxes_commentinc\CMB2\includes\CMB2_hookup.php:100

actionedit_commentinc\CMB2\includes\CMB2_hookup.php:101

actionshow_user_profileinc\CMB2\includes\CMB2_hookup.php:109

actionedit_user_profileinc\CMB2\includes\CMB2_hookup.php:110

actionuser_new_forminc\CMB2\includes\CMB2_hookup.php:111

actionpersonal_options_updateinc\CMB2\includes\CMB2_hookup.php:113

actionedit_user_profile_updateinc\CMB2\includes\CMB2_hookup.php:114

actionuser_registerinc\CMB2\includes\CMB2_hookup.php:115

actioncreated_terminc\CMB2\includes\CMB2_hookup.php:148

actionedited_termsinc\CMB2\includes\CMB2_hookup.php:149

actiondelete_terminc\CMB2\includes\CMB2_hookup.php:151

actioninitinc\CMB2\init.php:119

actionadmin_noticesinc\NSAUtilities.php:31

actionadmin_noticesNSA_WP_Plugin.php:56

actioninitNSA_WP_Plugin.php:109

actioncmb2_initNSA_WP_Plugin.php:110

actioncmb2_admin_initNSA_WP_Plugin.php:111

actionadmin_headNSA_WP_Plugin.php:115

actioninitNSA_WP_Plugin.php:234

actionadmin_initNSA_WP_Plugin.php:235

actioncmb2_admin_initNSA_WP_Plugin.php:239

actionadmin_menuNSA_WP_Plugin.php:241

actionadmin_noticeswp-facebook-pixel.php:58

actioninitwp-facebook-pixel.php:155

filterplugin_action_linkswp-facebook-pixel.php:177

actionadmin_enqueue_scriptswp-facebook-pixel.php:178

actionwp_enqueue_scriptswp-facebook-pixel.php:179

actionadmin_headwp-facebook-pixel.php:181

Maintenance & Trust

remarketable Maintenance & Trust

Maintenance Signals

WordPress version tested5.2.24

Last updatedAug 20, 2019

PHP min version5.2.4

Downloads49K

Community Trust

Rating96/100

Number of ratings19

Active installs700

Alternatives

remarketable Alternatives

Pixel Manager for WooCommerce – Conversion Tracking, Google Ads, GA4, TikTok, Dynamic Remarketing

woocommerce-google-adwords-conversion-tracking-tag

Conversion tracking for WooCommerce. Google Ads, GA4, Meta/Facebook Pixel, TikTok & more. Recover 30% more conversions with server-side tracking!

50K 4 CVEs

Conversios: Google Analytics (GA4), Google Ads, Conversion and Analytics Tracking for Multi-Channels

enhanced-e-commerce-for-woocommerce-store

Track GA4 Analytics, Google Ads, Microsoft Ads, & Conversion with server-side tracking (CAPI) & product feed to improve ROAS, reports for WooCommerce.

10K 10 CVEs

Tracking Script Manager

tracking-script-manager

100

Easy tag management. Manage the tracking tags, codes and scripts you use in your WordPress site; easily add, update, reorder, delete, as required.

2K No CVEs

Pixelavo – Server Side Tracking & Pixel + AI Ads Tools

pixelavo

100

Add pixel tracking to your WordPress site with Conversions API, server-side tracking, AI ad copy generation, and AI marketing consultant.

800 No CVEs

Tracking Pixel for Gravity Forms

gf-facebook-pixel-tracking

This plugin provides an easy way to add Facebook event tracking to your Gravity Forms using Facebook’s Tracking Pixel. This flexible plugin works for …

400 No CVEs

Developer Profile

remarketable Developer Profile

jacobmhulse

1 plugin · 700 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect remarketable

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-facebook-pixel/asset/facebook-pixel-admin.css/wp-content/plugins/wp-facebook-pixel/asset/facebook-pixel-admin.js/wp-content/plugins/wp-facebook-pixel/asset/facebook-pixel-frontend.js/wp-content/plugins/wp-facebook-pixel/asset/facebook-pixel-frontend.min.js/wp-content/plugins/wp-facebook-pixel/asset/facebook-pixel-map.js/wp-content/plugins/wp-facebook-pixel/asset/facebook-pixel-map.min.js/wp-content/plugins/wp-facebook-pixel/asset/jquery-ui.min.js/wp-content/plugins/wp-facebook-pixel/asset/jquery.validate.min.js+12 more

Script Paths

/wp-content/plugins/wp-facebook-pixel/asset/facebook-pixel-admin.js/wp-content/plugins/wp-facebook-pixel/asset/facebook-pixel-frontend.js/wp-content/plugins/wp-facebook-pixel/asset/facebook-pixel-frontend.min.js/wp-content/plugins/wp-facebook-pixel/asset/facebook-pixel-map.js/wp-content/plugins/wp-facebook-pixel/asset/facebook-pixel-map.min.js/wp-content/plugins/wp-facebook-pixel/asset/jquery-ui.min.js+10 more

Version Parameters

wp-facebook-pixel/asset/facebook-pixel-admin.css?ver=wp-facebook-pixel/asset/facebook-pixel-admin.js?ver=wp-facebook-pixel/asset/facebook-pixel-frontend.js?ver=wp-facebook-pixel/asset/facebook-pixel-frontend.min.js?ver=wp-facebook-pixel/asset/facebook-pixel-map.js?ver=wp-facebook-pixel/asset/facebook-pixel-map.min.js?ver=wp-facebook-pixel/asset/jquery-ui.min.js?ver=wp-facebook-pixel/asset/jquery.validate.min.js?ver=wp-facebook-pixel/asset/js.cookie.min.js?ver=wp-facebook-pixel/asset/jquery.cookie.js?ver=wp-facebook-pixel/asset/bootstrap.min.css?ver=wp-facebook-pixel/asset/bootstrap.min.js?ver=wp-facebook-pixel/asset/bootstrap-datetimepicker.min.css?ver=wp-facebook-pixel/asset/bootstrap-datetimepicker.min.js?ver=wp-facebook-pixel/asset/moment.min.js?ver=wp-facebook-pixel/asset/facebook-pixel-admin-woo.css?ver=wp-facebook-pixel/asset/facebook-pixel-admin-woo.js?ver=wp-facebook-pixel/asset/jquery-sortable.js?ver=wp-facebook-pixel/asset/jquery.typeahead.min.js?ver=wp-facebook-pixel/asset/jquery-ui-sortable.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

nsa_wpfbp_container

HTML Comments

<!-- NSA_WP_Plugin Start<!-- NSA_WP_Plugin End

Data Attributes

data-nsa_wpfbp_version

JS Globals

window.nsa_wpfbp_settingswindow.nsa_wpfbp_admin_data

FAQ