[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fkszluwHGdI3hjhOjeDGkLtd_bRA7q6DW0fqo1bpjZSc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":37,"analysis":126,"fingerprints":339},"aurora-heatmap","Aurora Heatmap","1.7.1","r3098","https:\u002F\u002Fprofiles.wordpress.org\u002Fr3098\u002F","\u003Cp>Goddess Aurora is said to give light to the user world.\u003Cbr \u002F>\nThe name “Aurora Heatmap” visualizes user behavior with a beautiful heatmap.\u003Cbr \u002F>\nBringing light to the activation and optimization of your website.\u003C\u002Fp>\n\u003Ch4>The most important thing in site management.\u003C\u002Fh4>\n\u003Cp>That is, \u003Cem>Is the user satisfied?\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Where do users see and move through the content?\u003C\u002Fli>\n\u003Cli>Whether the user is not confused?\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Aurora Heatmap is the \u003Cstrong>strongest tool\u003C\u002Fstrong> for visualizing it.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Are you guiding users well?\u003C\u002Fli>\n\u003Cli>Conversion rate\u003C\u002Fli>\n\u003Cli>Are you missing out on prospects and readers?\u003C\u002Fli>\n\u003Cli>How is it evaluated by Google?\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>You will be able to see the points of improvement.\u003C\u002Fp>\n\u003Ch4>Plugin features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>\u003Cem>No Coding\u003C\u002Fem>\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>\u003Cem>No Setting\u003C\u002Fem>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You just install and activate the plugin.\u003Cbr \u002F>\nNo troublesome user registration or setup is required.\u003Cbr \u002F>\nIt works as default in most WordPress environments.\u003Cbr \u002F>\nAnd Aurora Heatmap is \u003Cstrong>complete with just plugin\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>The free version can check the click heat map of PC and mobile, and can be used on any number of sites.\u003Cbr \u002F>\nEven if it is free, there is no limit due to the number of PV and analysis pages.\u003C\u002Fp>\n\u003Ch4>Special notes\u003C\u002Fh4>\n\u003Cp>If it does not work well when used with a cache plugin, turn off JavaScript-related optimization, or exclude jQuery and Aurora Heatmap measurement script (reporter.js) from optimization.\u003Cbr \u002F>\nFor more details, please refer to \u003Ca href=\"https:\u002F\u002Fmarket.seous.info\u002Fen\u002Faurora-heatmap#oc-1\" rel=\"nofollow ugc\">official site description page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Aurora Heatmap can be used with the following cache plugins.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WP Rocket\u003C\u002Fli>\n\u003Cli>W3 Total Cache\u003C\u002Fli>\n\u003Cli>WP Super Cache\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Usage and support\u003C\u002Fh4>\n\u003Cp>More detailed usage and FAQs are provided on the \u003Ca href=\"https:\u002F\u002Fmarket.seous.info\u002Fen\u002Faurora-heatmap\" rel=\"nofollow ugc\">Aurora Heatmap official site\u003C\u002Fa>.\u003Cbr \u002F>\nIf you can’t find the answer to your question in those documents, use the WordPress.org \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Faurora-heatmap\u002F\" rel=\"ugc\">support forum\u003C\u002Fa>.\u003Cbr \u002F>\nThe premium version has priority email support.\u003C\u002Fp>\n\u003Ch4>About privacy\u003C\u002Fh4>\n\u003Cp>This plugin \u003Cstrong>does not\u003C\u002Fstrong> perform the following operations.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>User tracking\u003C\u002Fli>\n\u003Cli>Send recorded data to external server\u003C\u002Fli>\n\u003Cli>Use of cookies\u003C\u002Fli>\n\u003Cli>Record of personally identifiable data including IP address\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Aurora Heatmap Free version 90 seconds demo\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F3W17Gg_vbHg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Beautiful like an aurora! A simple WordPress heatmap that can be completed with just a plugin.",20000,357256,94,7,"2025-04-14T09:25:00.000Z","6.8.0","4.9","7.0",[20,21,22,23,24],"analytics","analyze","click","heatmap","japanese","https:\u002F\u002Fmarket.seous.info\u002Faurora-heatmap","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faurora-heatmap.1.7.1.zip",100,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":33,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":13,"computed_at":36},2,20100,30,"2026-04-04T15:12:41.296Z",[38,58,74,92,107],{"slug":39,"name":40,"version":41,"author":42,"author_profile":43,"description":44,"short_description":45,"active_installs":46,"downloaded":47,"rating":27,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":54,"download_link":55,"security_score":56,"vuln_count":48,"unpatched_count":28,"last_vuln_date":57,"fetched_at":30},"userheat","UserHeat Plugin","1.1.11","hayata","https:\u002F\u002Fprofiles.wordpress.org\u002Fhayata\u002F","\u003Cp>UserHeat is free heatmap analytics plugin to visualize user behavior\u003Cbr \u002F>\nboth PC and smartphone.\u003Cbr \u002F>\nIt takes just one step and 30 seconds to start analysis.\u003C\u002Fp>\n\u003Cp>The key features of the plugin are:\u003C\u002Fp>\n\u003Cp>・3 Heatmap(gaze,click,mouse track) reveals see exactly where your\u003Cbr \u002F>\nvisitors click on the page, see how much attention a specific area\u003Cbr \u002F>\ngets by thermography\u003C\u002Fp>\n\u003Cp>・Optimize forms usability to improve submission rates.\u003C\u002Fp>\n\u003Cp>・It is available not only for PC but also smartphones and tablet devices.\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"http:\u002F\u002Fen.userheat.com\" rel=\"nofollow ugc\">userheat\u003C\u002Fa> to learn more.\u003C\u002Fp>\n","Free heatmaps plugin for web analytics, on both PC and smartphone.",6000,35492,1,"2024-04-01T07:58:00.000Z","5.6.17","4.2","5.4",[20,21,22,23,24],"http:\u002F\u002Fuserheat.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuserheat.1.1.11.zip",85,"2023-11-07 00:00:00",{"slug":59,"name":60,"version":61,"author":62,"author_profile":63,"description":64,"short_description":65,"active_installs":66,"downloaded":67,"rating":28,"num_ratings":28,"last_updated":68,"tested_up_to":69,"requires_at_least":70,"requires_php":70,"tags":71,"homepage":72,"download_link":73,"security_score":56,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"user-insight","User Insight WordPress Plugin","1.0.5","userlocal","https:\u002F\u002Fprofiles.wordpress.org\u002Fuserlocal\u002F","\u003Cp>説明\u003C\u002Fp>\n\u003Cp>このプラグインはWordPressのデータをアクセス解析ツールUser Insightで計測するためのプラグインです。\u003Cbr \u002F>\nデータを解析するため、このプラグインは nakanohito.jp のドメインと通信します。\u003Cbr \u002F>\n1分程度の簡単な設定でWordPressページにUser Insightのタグを設置できます。\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fui.userlocal.jp\" rel=\"nofollow ugc\">User Insightについてより詳しく見る\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Arbitrary section 1\u003C\u002Fh3>\n","ヒートマップ対応アクセス解析ツールUser InsightのWordPressプラグインです。簡単な設定ですぐにUser Insightでデータを計測できるようになります。",200,3987,"2021-11-02T09:43:00.000Z","5.8.13","",[20,21,22,23,24],"https:\u002F\u002Fui.userlocal.jp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-insight.1.0.5.zip",{"slug":75,"name":76,"version":77,"author":78,"author_profile":79,"description":80,"short_description":81,"active_installs":82,"downloaded":83,"rating":28,"num_ratings":28,"last_updated":84,"tested_up_to":69,"requires_at_least":85,"requires_php":86,"tags":87,"homepage":90,"download_link":91,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"mieruca-heatmap-tag-manager","ミエルカヒートマップ タグマネージャー","1.0.0","Faber Company Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Ffabercompany\u002F","\u003Cp>無料で使えるヒートマップツール、『ミエルカヒートマップ』のタグ設置が簡単にできるプラグインです。\u003C\u002Fp>\n\u003Ch4>ミエルカヒートマップとは？\u003C\u002Fh4>\n\u003Cp>SEO対策サービス『\u003Ca href=\"https:\u002F\u002Fmieru-ca.com\u002F\" rel=\"nofollow ugc\">ミエルカ\u003C\u002Fa>』の姉妹プロダクト。\u003Cbr \u002F>\n以下の3種類のヒートマップから、売上、SEO流入、CVR改善を見える化し、UI\u002FUX改善へのヒントをご提供します。\u003Cbr \u002F>\n    – スクロールヒートマップ: Googleアナリティクスではわからない「ページ内での離脱箇所」を可視化\u003Cbr \u002F>\n    – クリックヒートマップ: ページ内でよくクリックされている場所を可視化、コンバージョンを妨げているクリック場所がないか確認可能\u003Cbr \u002F>\n    – アテンションヒートマップ: 訪問者がどのコンテンツに注目しているかを可視化、CV改善へのヒントに活用可能\u003Cbr \u002F>\n– 複数のアクセス端末 (PC 、スマートフォン、タブレット) 毎に解析可能、レスポンシブ時代の新たな分析にご活用ください。\u003C\u002Fp>\n\u003Cp>より詳しい機能は\u003Ca href=\"https:\u002F\u002Fmieru-ca.com\u002Fheatmap\u002F\" rel=\"nofollow ugc\">ミエルカヒートマップの公式サイト\u003C\u002Fa>でご確認ください。\u003C\u002Fp>\n","無料で使えるヒートマップツール、ミエルカヒートマップのタグ設置が簡単にできるプラグインです。 This is the plugin to introduce the tag of the free heatmap service \"Mieruca Heatmap\" easily.",800,3830,"2025-10-27T13:55:00.000Z","5.0","7.3",[20,21,22,88,89],"read","scroll","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmieruca-heatmap-tag-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmieruca-heatmap-tag-manager.zip",{"slug":23,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":35,"downloaded":99,"rating":28,"num_ratings":28,"last_updated":100,"tested_up_to":101,"requires_at_least":70,"requires_php":70,"tags":102,"homepage":105,"download_link":106,"security_score":56,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"Heatmap Plugin","1.3","DimitryKislichenko","https:\u002F\u002Fprofiles.wordpress.org\u002Fdimitrykislichenko\u002F","\u003Cp>This plugin will help you to analyze where people click on your site. As the result you will discover where better to place banners, how to organize navigation, where to put advertisements like AdSense and more. The heatmap of clicks can show you what works – which links people did find and click on.\u003C\u002Fp>\n\u003Cp>After you activated plugin, go to main page of your blog. If you are authenticated as administrator, at the top you will see small arrow.\u003C\u002Fp>\n","This plugin will help you to analyze where people click on your site. As the result you will discover where better to place banners, how to organize n &hellip;",11044,"2009-03-11T12:05:00.000Z","2.7.1",[103,104,23],"clickmap","clicks-analyzer","http:\u002F\u002Fwpheatmap.oufel.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fheatmap.zip",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":115,"downloaded":116,"rating":117,"num_ratings":33,"last_updated":118,"tested_up_to":119,"requires_at_least":120,"requires_php":70,"tags":121,"homepage":124,"download_link":125,"security_score":56,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"wp-super-heatmap","WP Super Heatmap","0.1.0","Ryan","https:\u002F\u002Fprofiles.wordpress.org\u002Frfrankel\u002F","\u003Cp>This plugin was created to give WordPress users a simple way of creating heatmaps for their website without any cost and without using third-party services.  All of the click-track data is stored locally and the heatmap is also calculated on your own server.  I tried to make the interface as simple as possible and anyone should be able to use this plugin without much trouble.\u003C\u002Fp>\n\u003Cp>Please note that this is currently an Alpha release of this plugin and please report any bugs to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fryan-frankel\u002Fwp_super_heatmap\u002Fissues?sort=created&direction=desc&state=open\" rel=\"nofollow ugc\">our GitHub repository.\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You can also visit this plugins \u003Ca href=\"http:\u002F\u002Fwp-super-heatmap.swampedpublishing.com\u002F\" rel=\"nofollow ugc\">homepage to leave feedback\u003C\u002Fa> and to also get more detailed information about the plugin.  If you have ideas to improve the plugin please leave your comments on that page.\u003C\u002Fp>\n","This plugin tracks user clicks and creates a heatmap for your website. All data is stored locally and no third-party service is used. Completely free!",10,7117,60,"2011-11-15T21:21:00.000Z","3.2.1","3.0",[20,122,103,123,23],"click-map","heat-map","http:\u002F\u002FURI_Of_Page_Describing_Plugin_and_Updates","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-super-heatmap.0.1.0.zip",{"attackSurface":127,"codeSignals":175,"taintFlows":281,"riskAssessment":327,"analyzedAt":338},{"hooks":128,"ajaxHandlers":159,"restRoutes":168,"shortcodes":169,"cronEvents":170,"entryPointCount":33,"unprotectedCount":33},[129,135,137,141,144,147,150,153,156],{"type":130,"name":131,"callback":132,"file":133,"line":134},"action","init","closure","aurora-heatmap.php",88,{"type":130,"name":131,"callback":132,"file":133,"line":136},136,{"type":130,"name":138,"callback":138,"file":139,"line":140},"admin_init","class-aurora-heatmap-basic.php",101,{"type":130,"name":142,"callback":142,"file":139,"line":143},"admin_menu",102,{"type":130,"name":145,"callback":145,"file":139,"line":146},"wp_enqueue_scripts",103,{"type":130,"name":148,"callback":148,"file":139,"line":149},"aurora_heatmap_cron_daily",104,{"type":130,"name":151,"callback":151,"file":139,"line":152},"wp_is_mobile",108,{"type":130,"name":154,"callback":132,"file":139,"line":155},"wp",119,{"type":130,"name":157,"callback":132,"priority":28,"file":139,"line":158},"shutdown",125,[160,165],{"action":161,"nopriv":162,"callback":163,"hasNonce":162,"hasCapCheck":162,"file":139,"line":164},"aurora_heatmap",false,"ajax_aurora_heatmap",106,{"action":161,"nopriv":166,"callback":163,"hasNonce":162,"hasCapCheck":162,"file":139,"line":167},true,107,[],[],[171,173],{"hook":148,"callback":148,"file":139,"line":172},405,{"hook":148,"callback":148,"file":139,"line":174},408,{"dangerousFunctions":176,"sqlUsage":177,"outputEscaping":224,"fileOperations":28,"externalRequests":28,"nonceChecks":48,"capabilityChecks":279,"bundledLibraries":280},[],{"prepared":178,"raw":179,"locations":180},34,20,[181,184,186,188,190,193,195,197,199,201,203,205,207,209,211,213,216,218,220,222],{"file":133,"line":182,"context":183},114,"$wpdb->query() with variable interpolation",{"file":133,"line":185,"context":183},115,{"file":133,"line":187,"context":183},116,{"file":133,"line":189,"context":183},117,{"file":139,"line":191,"context":192},279,"$wpdb->get_var() with variable interpolation",{"file":139,"line":194,"context":192},280,{"file":139,"line":196,"context":183},283,{"file":139,"line":198,"context":183},284,{"file":139,"line":200,"context":192},292,{"file":139,"line":202,"context":183},294,{"file":139,"line":204,"context":183},295,{"file":139,"line":206,"context":192},300,{"file":139,"line":208,"context":183},301,{"file":139,"line":210,"context":192},303,{"file":139,"line":212,"context":183},304,{"file":139,"line":214,"context":215},1778,"$wpdb->get_results() with variable interpolation",{"file":139,"line":217,"context":183},2103,{"file":139,"line":219,"context":183},2113,{"file":139,"line":221,"context":183},2123,{"file":139,"line":223,"context":183},2125,{"escaped":143,"rawEcho":225,"locations":226},25,[227,230,232,234,236,238,240,242,244,246,248,251,253,255,257,259,261,263,265,267,269,271,273,275,277],{"file":139,"line":228,"context":229},615,"raw output",{"file":139,"line":231,"context":229},633,{"file":139,"line":233,"context":229},697,{"file":139,"line":235,"context":229},1181,{"file":139,"line":237,"context":229},1182,{"file":139,"line":239,"context":229},1324,{"file":139,"line":241,"context":229},1330,{"file":139,"line":243,"context":229},1380,{"file":139,"line":245,"context":229},1390,{"file":139,"line":247,"context":229},1437,{"file":249,"line":250,"context":229},"class-aurora-heatmap-list.php",120,{"file":249,"line":252,"context":229},152,{"file":254,"line":179,"context":229},"templates\\ahm-email-plain.php",{"file":254,"line":256,"context":229},21,{"file":254,"line":258,"context":229},22,{"file":254,"line":260,"context":229},23,{"file":254,"line":262,"context":229},32,{"file":254,"line":264,"context":229},33,{"file":254,"line":266,"context":229},38,{"file":254,"line":268,"context":229},39,{"file":254,"line":270,"context":229},42,{"file":254,"line":272,"context":229},43,{"file":254,"line":274,"context":229},52,{"file":254,"line":276,"context":229},55,{"file":254,"line":278,"context":229},58,3,[],[282],{"entryPoint":283,"graph":284,"unsanitizedCount":28,"severity":326},"\u003Cclass-aurora-heatmap-basic> (class-aurora-heatmap-basic.php:0)",{"nodes":285,"edges":321},[286,291,297,301,306,309,314,316],{"id":287,"type":288,"label":289,"file":139,"line":290},"n0","source","$_SERVER (x5)",160,{"id":292,"type":293,"label":294,"file":139,"line":295,"wp_function":296},"n1","sink","get_var() [SQLi]",1300,"get_var",{"id":298,"type":288,"label":299,"file":139,"line":300},"n2","$_SERVER",183,{"id":302,"type":293,"label":303,"file":139,"line":304,"wp_function":305},"n3","get_row() [SQLi]",1396,"get_row",{"id":307,"type":288,"label":308,"file":139,"line":300},"n4","$_SERVER (x2)",{"id":310,"type":293,"label":311,"file":139,"line":312,"wp_function":313},"n5","query() [SQLi]",1795,"query",{"id":315,"type":288,"label":308,"file":139,"line":300},"n6",{"id":317,"type":293,"label":318,"file":139,"line":319,"wp_function":320},"n7","get_results() [SQLi]",2001,"get_results",[322,323,324,325],{"from":287,"to":292,"sanitized":166},{"from":298,"to":302,"sanitized":166},{"from":307,"to":310,"sanitized":166},{"from":315,"to":317,"sanitized":166},"low",{"summary":328,"deductions":329},"The aurora-heatmap plugin version 1.7.1 demonstrates a mixed security posture. On the positive side, it has no recorded vulnerabilities or known CVEs, and the code analysis shows no critical or high severity taint flows, indicating a generally clean codebase regarding direct code injection or path traversal. The plugin also avoids external HTTP requests and file operations, limiting potential attack vectors. However, there are significant concerns related to its attack surface, specifically two AJAX handlers that lack authentication checks. While the overall SQL query usage shows a good percentage of prepared statements, and a majority of outputs are properly escaped, the absence of nonce and capability checks on AJAX endpoints is a critical oversight. This leaves these entry points vulnerable to cross-site request forgery (CSRF) and unauthorized access, potentially allowing attackers to trigger unintended actions. The plugin's vulnerability history being empty is a positive sign, but it does not negate the present risks identified in the static analysis.",[330,332,335],{"reason":331,"points":115},"AJAX handlers without authentication checks",{"reason":333,"points":334},"AJAX handlers without nonce checks",8,{"reason":336,"points":337},"Limited capability checks on entry points",4,"2026-03-16T17:30:09.583Z",{"wat":340,"direct":349},{"assetPaths":341,"generatorPatterns":344,"scriptPaths":345,"versionParams":346},[342,343],"\u002Fwp-content\u002Fplugins\u002Faurora-heatmap\u002Fcss\u002Faurora-heatmap.css","\u002Fwp-content\u002Fplugins\u002Faurora-heatmap\u002Fjs\u002Faurora-heatmap.js",[],[343],[347,348],"aurora-heatmap\u002Fcss\u002Faurora-heatmap.css?ver=","aurora-heatmap\u002Fjs\u002Faurora-heatmap.js?ver=",{"cssClasses":350,"htmlComments":351,"htmlAttributes":352,"restEndpoints":353,"jsGlobals":354,"shortcodeOutput":355},[],[],[],[],[],[]]