Initial release.<\/p>"},"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3545057,"resolution":"128x128","location":"assets","locale":"","width":128,"height":128},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3545057,"resolution":"256x256","location":"assets","locale":"","width":256,"height":256}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3545057,"resolution":"1544x500","location":"assets","locale":"","width":1544,"height":500},"banner-772x250.png":{"filename":"banner-772x250.png","revision":3545057,"resolution":"772x250","location":"assets","locale":"","width":772,"height":250}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.0"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3545057,"resolution":"1","location":"assets","locale":"","width":1672,"height":941},"screenshot-2.png":{"filename":"screenshot-2.png","revision":3545057,"resolution":"2","location":"assets","locale":"","width":1672,"height":941},"screenshot-3.png":{"filename":"screenshot-3.png","revision":3545057,"resolution":"3","location":"assets","locale":"","width":1672,"height":941},"screenshot-4.png":{"filename":"screenshot-4.png","revision":3545057,"resolution":"4","location":"assets","locale":"","width":1672,"height":941},"screenshot-5.png":{"filename":"screenshot-5.png","revision":3545057,"resolution":"5","location":"assets","locale":"","width":1672,"height":941},"screenshot-6.png":{"filename":"screenshot-6.png","revision":3545057,"resolution":"6","location":"assets","locale":"","width":1672,"height":941}},"screenshots":{"1":"Dashboard with compliance score, total consent count, recent activity, and one-click site scan.","2":"Consent Logs with date range filters, consent type, visitor details, and page URL tracking.","3":"Cookie Inventory with category tabs, detected cookies, providers, and bulk actions.","4":"Scan History & Orchestration \u2014 review past scans and configure a recurring scan schedule.","5":"Google Consent Mode v2 settings to connect consent signals to Analytics, Ads, and Tag Manager.","6":"Banner Design editor with content controls and real-time live preview."}},"plugin_section":[],"plugin_tags":[166295,20272,16626,131785,396],"plugin_category":[54],"plugin_contributors":[208697,126991,213867,212347],"plugin_business_model":[],"class_list":["post-309008","plugin","type-plugin","status-publish","hentry","plugin_tags-ccpa","plugin_tags-cookie-banner","plugin_tags-cookie-consent","plugin_tags-gdpr","plugin_tags-privacy","plugin_category-security-and-spam-protection","plugin_contributors-aslamhasib","plugin_contributors-devitemsllc","plugin_contributors-madhusudandev","plugin_contributors-zenaulislam","plugin_committers-devitemsllc"],"banners":{"banner":"https:\/\/ps.w.org\/cookieray\/assets\/banner-772x250.png?rev=3545057","banner_2x":"https:\/\/ps.w.org\/cookieray\/assets\/banner-1544x500.png?rev=3545057","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/cookieray\/assets\/icon-128x128.png?rev=3545057","icon_2x":"https:\/\/ps.w.org\/cookieray\/assets\/icon-256x256.png?rev=3545057","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/cookieray\/assets\/screenshot-1.png?rev=3545057","caption":"Dashboard with compliance score, total consent count, recent activity, and one-click site scan."},{"src":"https:\/\/ps.w.org\/cookieray\/assets\/screenshot-2.png?rev=3545057","caption":"Consent Logs with date range filters, consent type, visitor details, and page URL tracking."},{"src":"https:\/\/ps.w.org\/cookieray\/assets\/screenshot-3.png?rev=3545057","caption":"Cookie Inventory with category tabs, detected cookies, providers, and bulk actions."},{"src":"https:\/\/ps.w.org\/cookieray\/assets\/screenshot-4.png?rev=3545057","caption":"Scan History & Orchestration \u2014 review past scans and configure a recurring scan schedule."},{"src":"https:\/\/ps.w.org\/cookieray\/assets\/screenshot-5.png?rev=3545057","caption":"Google Consent Mode v2 settings to connect consent signals to Analytics, Ads, and Tag Manager."},{"src":"https:\/\/ps.w.org\/cookieray\/assets\/screenshot-6.png?rev=3545057","caption":"Banner Design editor with content controls and real-time live preview."}],"raw_content":"\n
CookieRay is a cookie consent and privacy tooling plugin for WordPress. It stores data on your hosting account and runs in your environment. There is no external SaaS dashboard for site operation.<\/p>\n\n
CookieRay helps website owners manage cookie consent settings for GDPR, CCPA, ePrivacy, and other privacy-related requirements. Legal compliance depends on your website setup, third-party tools, region, and how the plugin is configured.<\/p>\n\n
CookieRay provides a visitor-facing consent experience, configurable script blocking, cookie discovery from your site, detailed consent records, and a setup dashboard to help you manage cookie consent records and support privacy-related workflows.<\/p>\n\n
A customizable consent surface with card and bar layouts, live preview in the admin, and nine placement positions. Visitors can Accept All, Decline All, or open a Preferences modal to choose which categories to allow (Necessary, Analytical, Functional, and Marketing). Banner text, colors, buttons, and fonts are editable without writing code.<\/p>\n\n
Choose Log Only recording or Strict blocking in Settings. In Strict mode, CookieRay delays known tracking scripts until the visitor agrees to categories that match those trackers. Common patterns for services such as Google Analytics, Meta Pixel, Hotjar, HubSpot, TikTok Pixel, and many others are included out of the box.<\/p>\n\n
When enabled, CookieRay outputs consent state in the visitor's browser for Google tags (such as GA4, Google Ads, or Google Tag Manager) that you have already placed on your site<\/strong>. Google Consent Mode v2 lets Google tags adjust their behavior based on visitor consent choices while supporting privacy-conscious measurement modes when consent is withheld.<\/p>\n\n CookieRay itself does not open separate server-side uploads of visitor payloads to Google; instead it surfaces JavaScript so tags you load can read consent signaling. Behavior of those downstream tags depends on how you configured Google products.<\/p>\n\n Further reading: Google's Consent Mode documentation (linked under External Services).<\/p>\n\n Run a cookie scan from the WordPress admin to detect cookies surfaced on responses from your own site.<\/p>\n\n When an administrator starts a scan, CookieRay queues work on your server and uses the WordPress HTTP API to request public URLs belonging to your site domain<\/strong> (for example the homepage, published content URLs, WooCommerce storefront pages where applicable, and related routes depending on plugins). Cookie names surfaced in responses can be merged with your inventory for categorization alongside the plugin's bundled tracking-cookie reference data.<\/p>\n\n CookieRay also runs deeper script-discovery passes that analyze HTML fetched from a bounded set of URLs (the embeddable deep scan inspects up to 50 URLs on the same domain, chosen from the XML sitemap when available or from the home page plus recent posts and pages). Scan coverage still depends on plugins, caches, authenticated-only flows, and what responses your site serves to CookieRay's unauthenticated crawler.<\/p>\n\n There is no recurring unattended scan timetable built into CookieRay<\/strong>. You start scans from CookieRay screens (background processing completes those runs without another manual click).<\/p>\n\n View, edit, and categorize cookies discovered on your site. Assign cookies to Necessary, Analytical, Functional, or Marketing categories. Bulk-categorize or delete entries. Custom cookies can be added manually, with regex pattern support where appropriate.<\/p>\n\n Consent events can be logged with identifiers, statuses, granted categories, page URL, banner version, and timestamp fields available for review. Entries are searchable and filterable in the admin. You can export records as CSV, and export individual receipts as PDF for your record-keeping process.<\/p>\n\n See a summarized score guided by configurable checks (blocking mode, categorized cookies, policy link usage, consent expiry and scan recency reminders, whether Google Consent Mode output is enabled, and related items). Use it as onboarding guidance alongside your legal or compliance review.<\/p>\n\n Review past scans: timing, URLs covered, counts, and summaries of results to track changes over time.<\/p>\n\n Configure consent behavior (Log Only vs Strict blocking), consent expiry, consent log retention, Google Consent Mode v2 toggle, optional data portability export flows, and related options. Banner and behavior settings are stored through WordPress options alongside plugin metadata.<\/p>\n\n CookieRay does not send usage data, telemetry, or visitor payloads to CookieRay-operated servers. Consent logs and inventories stay in your site's database unless you export them elsewhere.<\/p>\n\n Third-party trackers you integrate yourself (such as Google Analytics, Google Ads, Google Tag Manager, Meta Pixel, marketing pixels, embedded chat widgets, and similar vendors) may still collect information according to their own tags, configurations, vendor accounts, regions, and published policies, even when CookieRay delays or respects categories for scripts it recognizes.<\/p>\n\n A WordPress Cron task deletes consent records older than the retention period configured in Settings, whenever WordPress Cron runs normally on your host.<\/p>\n\n The complete unminified source files are included inside this plugin in the Admin interface source: Build tool: Vite (Node.js 18+). To regenerate compiled assets: npm install && npm run build<\/p>\n\n CookieRay does not send analytics, telemetry, or visitor data to CookieRay-operated servers.<\/p>\n\n When an administrator runs a cookie scan, CookieRay uses the WordPress HTTP API (wp_remote_get) to fetch public URLs belonging to the same WordPress site \u2014 for example the homepage, published post URLs, WooCommerce storefront pages, and sitemap entries.<\/p>\n\n What is sent: Standard HTTP GET requests to your own site's public URLs.\nWhen: Only when an administrator triggers a scan from CookieRay admin screens.\nWho receives the requests: Your own web server. No data is sent to CookieRay or any third party.\nSource file: includes\/class-scanner.php<\/p>\n\n When enabled in Settings, CookieRay outputs JavaScript on visitor pages that signals consent state to Google tags you have independently installed (e.g. GA4, Google Ads, Google Tag Manager). CookieRay does not make server-side HTTP calls to Google.<\/p>\n\n What is sent: Browser-side consent signals read by locally loaded Google tags you control.\nWhen: When Consent Mode is enabled in CookieRay Settings and visitors load pages that include your Google tags.\nWho receives downstream data: Google, per your Google account and tag configuration.<\/p>\n\n Google Privacy Policy: https:\/\/policies.google.com\/privacy\nGoogle Terms of Service: https:\/\/policies.google.com\/terms\nGoogle Consent Mode documentation: https:\/\/support.google.com\/analytics\/answer\/9976101<\/p>\n\n The PHP scanner (includes\/class-scanner.php) and the frontend bundle (build\/frontend.js) contain a built-in lookup table that maps known provider domain strings \u2014 including Cloudflare, Google Analytics, Facebook (connect.facebook.net), Intercom, HubSpot, LinkedIn, Twitter, and others \u2014 to consent categories (Necessary, Analytical, Functional, Marketing).<\/p>\n\n This lookup table is static data stored inside the plugin files. CookieRay does not connect to, send data to, or call any API at Cloudflare, Facebook, Intercom, or any other provider listed in that table. The domain strings are used only for local string-matching against cookie names and script URLs detected on your own site during a scan.<\/p>\n\n This plugin ships the following third-party JavaScript libraries as local files (no CDN calls):<\/p>\n\n jsPDF v4.2.1<\/strong> \u2014 Client-side PDF generation, used to produce consent receipt PDFs when an administrator downloads a receipt from the Consent Logs screen.\nLicense: MIT | Repository: https:\/\/github.com\/parallax\/jsPDF\nFile: React v18<\/strong> \u2014 UI framework for the admin interface, bundled into Mantine v7<\/strong> \u2014 Component library for the admin interface, bundled into Tabler Icons React v3<\/strong> \u2014 Icon set for the admin interface, bundled into The admin UI bundles the Inter and Manrope typefaces from Cookie scanner<\/h4>\n\n
Cookie inventory<\/h4>\n\n
Consent logs<\/h4>\n\n
Dashboard<\/h4>\n\n
Scan history<\/h4>\n\n
Settings<\/h4>\n\n
Privacy and data handling<\/h4>\n\n
Source Code<\/h3>\n\n
src\/<\/code> directory. No external repository is required to read or modify the source.<\/p>\n\nsrc\/admin\/<\/code> compiles to build\/admin.js<\/code> and build\/admin.css<\/code>\nFrontend banner source: src\/frontend\/<\/code> compiles to build\/frontend.js<\/code> and build\/frontend.css<\/code><\/p>\n\nExternal Services<\/h3>\n\n
1. Same-site cookie scanner<\/h4>\n\n
2. Google Consent Mode v2 (optional, admin-enabled)<\/h4>\n\n
Cookie detection dictionary \u2014 local data only, no network calls<\/h4>\n\n
Bundled Libraries<\/h3>\n\n
\n
assets\/js\/jspdf.min.js<\/code><\/p><\/li>\nbuild\/admin.js<\/code>.\nLicense: MIT | Repository: https:\/\/github.com\/facebook\/react<\/p><\/li>\nbuild\/admin.js<\/code>.\nLicense: MIT | Repository: https:\/\/github.com\/mantinedev\/mantine<\/p><\/li>\nbuild\/admin.js<\/code>.\nLicense: MIT | Repository: https:\/\/github.com\/tabler\/tabler-icons<\/p><\/li>\n<\/ul>\n\nFonts<\/h3>\n\n
build\/fonts\/<\/code>. Both are distributed under the SIL Open Font License v1.1 (OFL-1.1), which is GPL-compatible. Full attribution and license text: build\/fonts\/LICENSE.md<\/code>.<\/p>\n\n\n\n
cookieray<\/code> folder to the \/wp-content\/plugins\/<\/code> directory, or install directly from the WordPress plugin directory.<\/li>\n\n