Does WP Tracking Manager have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Tracking Manager have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Tracking Manager compatible with WordPress 5.9.13?

According to WordPress.org data, WP Tracking Manager 1.5 has been tested up to WordPress 5.9.13. Check the plugin's changelog for the latest compatibility information.

How often is WP Tracking Manager updated?

WP Tracking Manager was last updated on Mar 14, 2022. Frequent updates are generally a positive security signal.

What is WP Tracking Manager's security score?

WP Tracking Manager has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Tracking Manager Security & Risk Analysis

wordpress.org/plugins/wp-tracking-manager

Very Simple plugin to add any type of tracking code on your website and also restrict the direct access of thank page.

100 active installs v1.5 PHP + WP 5.0+ Updated Mar 14, 2022

adwordsadwords-remarketingconversion-codeconversion-pixeltracking-code

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is WP Tracking Manager Safe to Use in 2026?

Generally Safe

Score 85/100

WP Tracking Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The wp-tracking-manager plugin v1.5 exhibits a strong security posture from a static analysis perspective, with no identified attack surface points, dangerous functions, or SQL injection vulnerabilities. The absence of external HTTP requests and file operations further contributes to a secure design. However, the low percentage of properly escaped outputs (5%) is a significant concern, indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities. The lack of nonce checks across all entry points, while the entry points themselves are zero, still presents a theoretical weakness if new entry points were introduced without proper security measures. The plugin's vulnerability history is clean, with zero known CVEs, which is a positive indicator. This, combined with the clean taint analysis, suggests a generally well-developed plugin. Nevertheless, the output escaping issue is a critical oversight that needs immediate attention to mitigate potential XSS attacks.

Key Concerns

Low output escaping percentage
No nonce checks on entry points

Vulnerabilities

None known

WP Tracking Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP Tracking Manager Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

1 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

5% escaped20 total outputs

Attack Surface

WP Tracking Manager Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 5

actionadmin_menuwp-tracking-manager.php:42

actionadmin_initwp-tracking-manager.php:43

actionadmin_bar_menuwp-tracking-manager.php:45

actionadd_meta_boxeswp-tracking-manager.php:53

actionsave_postwp-tracking-manager.php:55

Maintenance & Trust

WP Tracking Manager Maintenance & Trust

Maintenance Signals

WordPress version tested5.9.13

Last updatedMar 14, 2022

PHP min version

Downloads4K

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

WP Tracking Manager Alternatives

Tracking Script Manager

tracking-script-manager

100

Easy tag management. Manage the tracking tags, codes and scripts you use in your WordPress site; easily add, update, reorder, delete, as required.

2K No CVEs

Content Snippet Manager

content-snippet-manager

Content Snippet Manager plugin allows you to create and manage unlimited numbers of HTML and WordPress shortcodes in your WordPress content

200 1 CVE

Conversion And Remarketing Code

conversion-and-remarketing-code

Easily place tracking code in the header or footer of your entire site or individual posts/pages.

100 No CVEs

DeMomentSomTres WP Admin GTM

demomentsomtres-wp-admin-gtm

DeMomentSomTres Google Tag Manager for WP-Admin allows to extend DuracellTomi's Google Tag Manager into WP administration.

100 No CVEs

AI Powered Marketing

kliken-marketing-for-google

100

Kliken's all-in-one marketing helps businesses reach high-intent customers, beat the competition and see sales growth while lowering conversion costs

60K No CVEs

Developer Profile

WP Tracking Manager Developer Profile

WP-EXPERTS.IN

21 plugins · 30K total installs

trust score

Avg Security Score

92/100

Avg Patch Time

347 days

View full developer profile

Detection Fingerprints

How We Detect WP Tracking Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-tracking-manager/css/wtm-admin.css/wp-content/plugins/wp-tracking-manager/js/wtm-admin.js

Script Paths

/wp-content/plugins/wp-tracking-manager/js/wtm-admin.js

Version Parameters

wp-tracking-manager/css/wtm-admin.css?ver=wp-tracking-manager/js/wtm-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

wtm-toolbar-pagesm_menu_item_class

Data Attributes