Truss Consent Manager

Truss Consent Manager is a full consent management plugin for WordPress and WooCommerce. It goes beyond a simple cookie banner to actively detect, categorise, and block tracking scripts until your visitors give consent.

Core Features

• Three banner layouts — Cookie Bar (full-width), Card (corner), Floating Box (centred)
• Simple and granular consent modes — Accept All / Decline, or per-category toggles (Analytics, Marketing, Functional)
• Script Scanner — automatically detects tracking scripts on your site by scanning real frontend output. Identifies 14 known trackers including Google Analytics, Google Tag Manager, Meta Pixel, TikTok Pixel, Microsoft Clarity, Hotjar, Matomo, and more.
• Script Blocking Engine — prevents detected scripts from loading before consent is given. Rewrites script tags to type="text/plain" and re-activates them after consent.
• Google Consent Mode v2 — injects the required gtag consent default call before any Google scripts load, then updates consent signals automatically when visitors accept or decline.
• Smart toggle visibility — granular toggles only appear for categories where trackers were actually detected on your site.
• Fully customisable — banner colours, button labels, privacy policy link, cookie expiry, card position.
• Developer API — wpcm_register_script( $handle, $category ) for manual script registration.

Google Consent Mode v2 — Signal Mapping

When Google Consent Mode is enabled (default), the plugin injects a denied default state before any Google scripts load and updates the following signals based on visitor consent:

• Analytics consent → analytics_storage
• Marketing consent → ad_storage, ad_user_data, ad_personalization
• Functional consent → functionality_storage, personalization_storage

This works automatically with Google Analytics 4, Google Ads, and Google Tag Manager.

Privacy-first design

Consent is stored in a first-party browser cookie (wpcm_consent). No consent data is sent to any external server by this plugin. The Script Blocking Engine runs entirely server-side and client-side — no cloud dependency.

External Services

This plugin integrates with the following external services when Google Consent Mode v2 is enabled:

Google Consent Mode / Google Tag Manager / Google Analytics
When Google Consent Mode is enabled (Settings → Advanced → Google Consent Mode v2), this plugin injects JavaScript that communicates with Google’s dataLayer and gtag() API. This sends consent signals to Google when a visitor interacts with the consent banner.

• What is sent: consent grant/deny signals (no personal data, no IP address, no identifiers)
• When it is sent: when a visitor accepts, declines, or saves preferences; and on every page load for return visitors (to re-apply stored consent)
• Google Privacy Policy: https://policies.google.com/privacy
• Google Terms of Service: https://policies.google.com/terms

If you disable Google Consent Mode in the plugin settings, no data is sent to Google by this plugin (though your own Google Analytics / GTM setup may still send data independently).