Title: CMPly
Author: cmplyapp
Published: <strong>16 juli 2026</strong>
Last modified: 16 juli 2026

---

Sök tillägg

![](https://ps.w.org/cmply/assets/banner-772x250.png?rev=3609886)

![](https://ps.w.org/cmply/assets/icon-256x256.png?rev=3609886)

# CMPly

 Av [cmplyapp](https://profiles.wordpress.org/cmplyapp/)

[Ladda ner](https://downloads.wordpress.org/plugin/cmply.1.0.20.zip)

 * [Detaljer](https://sv.wordpress.org/plugins/cmply/#description)
 * [Recensioner](https://sv.wordpress.org/plugins/cmply/#reviews)
 *  [Installation](https://sv.wordpress.org/plugins/cmply/#installation)
 * [Utveckling](https://sv.wordpress.org/plugins/cmply/#developers)

 [Support](https://wordpress.org/support/plugin/cmply/)

## Beskrivning

CMPly connects a WordPress site to CMPly.app.

The plugin prints the CMPly SDK in the public `<head>` at a very early priority 
and intentionally does not add `defer` or `async`, matching CMPly’s recommended 
integration for blocking third-party scripts before they execute.

Features:

 * Connect button with a short-lived signed callback state and a single-use server-
   to-server authorization code.
 * Live account plan and monthly pageview usage synchronized on connect and verification.
 * Site ID configuration in Settings > CMPly.
 * Auto-inject or manual embed mode for the CMPly SDK.
 * HTTPS SDK loading from the official CMPly.app service.
 * Optional SDK version query for cache busting.
 * Optional language override with automatic browser-language detection by default.
 * URL path exclusions with wildcard support.
 * Editable Google Consent Mode v2 settings with global and regional consent defaults.

This plugin requires an active CMPly.app site configuration. CMPly provides the 
consent banner, consent storage, cookie/provider metadata, and related consent-management
functionality.

### External services

This plugin connects to CMPly.app, a third-party consent-management service, when
CMPly is enabled and a Site ID is configured.

When an administrator chooses Connect or Verify, WordPress sends the site URL, connection
identifiers, plugin version, and a short-lived connection code to CMPly. CMPly returns
the Site ID and API key server-to-server. When an administrator opens, refreshes,
or saves the Google Consent Mode screen, WordPress sends the site URL, Site ID, 
connection ID, API key, and GCM settings to CMPly. GCM responses are cached in WordPress
for five minutes. The API key is stored as a non-autoloaded WordPress option, is
never printed in public HTML, and is deleted on disconnect or uninstall.

The administrator-side connection and GCM requests use CMPly endpoints under `https://
cmply.app/api/integrations/wordpress/`, including `/sites/{siteId}/gcm`. These requests
are used only to authenticate the WordPress connection and read or save the connected
site’s settings.

The plugin loads the CMPly JavaScript SDK from:

 * `https://cmply.app/sdk/init.js`

The SDK may request these CMPly API endpoints in the visitor’s browser:

 * `/api/sites/{siteId}` to load banner settings.
 * `/api/sites/{siteId}/cookies-list` to load cookie details.
 * `/api/sites/{siteId}/providers` to load detected provider rules.
 * `/api/sites/{siteId}/view` to record a banner/site view.
 * `/api/consent` to record a consent choice.

Data sent to CMPly may include the configured Site ID, consent categories selected
by the visitor, consent metadata generated by the SDK, and standard request metadata
such as IP address, user agent, referrer, and timestamp. CMPly uses this data to
provide cookie consent functionality, consent records, analytics, and script-blocking
configuration.

Service links:

 * CMPly: https://cmply.app
 * Terms of Service: https://cmply.app/terms
 * Privacy Policy: https://cmply.app/privacy

## Installation

 1. Upload the plugin folder to `/wp-content/plugins/cmply`.
 2. Activate ”CMPly” in WordPress.
 3. Go to Settings > CMPly.
 4. Click ”Connect to CMPly” or paste the Site ID from the CMPly dashboard.
 5. Save settings and clear any page cache.

## Vanliga frågor

### Why is the script not loaded with defer?

CMPly must execute during HTML parsing so it can intercept and block third-party
scripts before they run. Adding `defer` or `async` would make blocking less reliable.

### What if I already added the CMPly script manually?

Turn off Auto-inject SDK in Settings > CMPly and keep the manual script near the
top of the document head. Keep only one CMPly SDK script on the page.

### How does the Connect button work?

The button opens the CMPly web app with your WordPress site URL, return URL, and
a signed WordPress callback-state token that expires after 30 minutes. CMPly separately
returns a ten-minute, single-use authorization code. WordPress exchanges that code
with CMPly over HTTPS and stores the resulting credentials server-side.

### Can I disable CMPly on specific pages?

Yes. Add one path per line in Exclude Paths, for example:

    ```
    /checkout/*
    ```

### Does this plugin set cookies by itself?

The WordPress plugin stores only its admin settings in the WordPress database. The
public consent cookie is created by the CMPly SDK in the visitor’s browser.

## Recensioner

Detta tillägg har inga recensioner.

## Bidragsgivare och utvecklare

”CMPly” är programvara med öppen källkod. Följande personer har bidragit till detta
tillägg.

Bidragande personer

 *   [ cmplyapp ](https://profiles.wordpress.org/cmplyapp/)

[Översätt ”CMPly” till ditt språk.](https://translate.wordpress.org/projects/wp-plugins/cmply)

### Intresserad av programutveckling?

[Läs programkoden](https://plugins.trac.wordpress.org/browser/cmply/), kika på [SVN-filförvaret](https://plugins.svn.wordpress.org/cmply/)
eller prenumerera på [utvecklarloggen](https://plugins.trac.wordpress.org/log/cmply/)
via [RSS](https://plugins.trac.wordpress.org/log/cmply/?limit=100&mode=stop_on_copy&format=rss).

## Ändringslogg

#### 1.0.20

 * Added authenticated editing of Google Consent Mode v2 and regional consent defaults
   from WordPress.
 * Added validation, five-minute response caching, manual refresh, and actionable
   connection errors for GCM settings.

#### 1.0.19

 * Synchronized the GitHub release source with the reviewed WordPress.org package.
 * Added automated, version-validated deployment to WordPress.org.

#### 1.0.18

 * Clarified the connection flow by distinguishing the signed WordPress callback
   state from the single-use CMPly authorization code.
 * Reworded upgrade messaging to avoid implying guaranteed protection from legal
   risk.

#### 1.0.17

 * Hide Reconnect while the connection is healthy and show it only after a verification
   failure.

#### 1.0.16

 * Automatically refresh plan and pageview usage when CMPly settings open and the
   saved snapshot is older than 15 minutes.
 * Keep Verify connection as an immediate manual refresh and diagnostic action.

#### 1.0.15

 * Show fractional pageview usage below ten percent instead of rounding it to zero.

#### 1.0.14

 * Preserve freshly synchronized pageview usage, limits, and connection ID through
   WordPress option sanitization.
 * Hide dashboard upgrade promotions for paid plans.

#### 1.0.13

 * Allow Verify to repair a missing connection ID using the saved API key, Site 
   ID, and domain.
 * Store the connection ID separately from editable plugin settings.

#### 1.0.12

 * Hide the header upgrade button for paid plans.
 * Synchronize pageviews from the same billing-period statistics used by the CMPly
   dashboard.

#### 1.0.11

 * Hide the dashboard connection prompt after a CMPly account has been connected.
 * Use the saved connection ID as the persistent UI connection state.

#### 1.0.10

 * Show the safe CMPly API error and HTTP status when credential exchange fails.

#### 1.0.9

 * Pass callback state as a dedicated CMPly parameter so nested URL encoding cannot
   remove it.

#### 1.0.8

 * Added precise callback-state diagnostics for missing, malformed, expired, wrong-
   user, and invalid-signature failures.

#### 1.0.7

 * Use a stateless, administrator-bound HMAC callback state that survives navigation,
   caching, and multiple tabs.

#### 1.0.6

 * Store the one-time connection state in administrator metadata so it works independently
   of transient cache backends.

#### 1.0.5

 * Replaced the external callback nonce with a one-time administrator-bound state
   token.

#### 1.0.4

 * Fixed nonce encoding in the nested WordPress connection callback URL.
 * Replaced the WordPress expired-link screen with an actionable plugin error message.

#### 1.0.3

 * Added visible connection success and error messages.
 * Distinguished manual Site ID configuration from an authenticated CMPly account
   connection.

#### 1.0.2

 * Fixed duplicate upgrade button icon during cached asset transitions.

#### 1.0.1

 * Fixed admin icon rendering and enabled interactive FAQ answers.
 * Added live plan and pageview usage synchronization from CMPly.

#### 1.0.0

 * Initial release.
 * Added one-time connection exchange and server-side connection verification.
 * Added live plan and pageview usage synchronization from CMPly.

## Meta

 *  Version **1.0.20**
 *  Senast uppdaterat **24 timmar sedan**
 *  Aktiva installationer **Färre än 10**
 *  WordPress-version ** 5.8 eller senare **
 *  Testat upp till **7.0.1**
 *  PHP-version ** 7.4 eller senare **
 *  Språk
 * [English (US)](https://wordpress.org/plugins/cmply/)
 * Etiketter
 * [CMP](https://sv.wordpress.org/plugins/tags/cmp/)[consent](https://sv.wordpress.org/plugins/tags/consent/)
   [cookie banner](https://sv.wordpress.org/plugins/tags/cookie-banner/)[cookies](https://sv.wordpress.org/plugins/tags/cookies/)
   [GDPR](https://sv.wordpress.org/plugins/tags/gdpr/)
 *  [Avancerad vy](https://sv.wordpress.org/plugins/cmply/advanced/)

## Betyg

Än så länge har inga recensioner skickats in.

[Your review](https://wordpress.org/support/plugin/cmply/reviews/#new-post)

[Se alla recensioner](https://wordpress.org/support/plugin/cmply/reviews/)

## Bidragande personer

 *   [ cmplyapp ](https://profiles.wordpress.org/cmplyapp/)

## Support

Har du något att säga? Behöver du hjälp?

 [Visa supportforum](https://wordpress.org/support/plugin/cmply/)