[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fRA8aaPJM5-K2rTQypxfY93HmQPPRoNYVNzcqgPBJrTE":3,"$f_al4yIL1aeGnbrUk6b-Y-F_R_1tP8UnNP5OPpepd1BY":252,"$fCHYW-nVRq9Kpg0B3x4w1eWcoGwHD38WYVZGZCvVy-jU":257},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":20,"download_link":21,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24,"discovery_status":25,"vulnerabilities":26,"developer":27,"crawl_stats":23,"alternatives":32,"analysis":134,"fingerprints":234},"heatmap","Heatmap Plugin","1.3","DimitryKislichenko","https:\u002F\u002Fprofiles.wordpress.org\u002Fdimitrykislichenko\u002F","\u003Cp>This plugin will help you to analyze where people click on your site. As the result you will discover where better to place banners, how to organize navigation, where to put advertisements like AdSense and more. The heatmap of clicks can show you what works – which links people did find and click on.\u003C\u002Fp>\n\u003Cp>After you activated plugin, go to main page of your blog. If you are authenticated as administrator, at the top you will see small arrow.\u003C\u002Fp>\n","This plugin will help you to analyze where people click on your site. As the result you will discover where better to place banners, how to organize n &hellip;",30,11100,0,"2009-03-11T12:05:00.000Z","2.7.1","",[18,19,4],"clickmap","clicks-analyzer","http:\u002F\u002Fwpheatmap.oufel.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fheatmap.zip",85,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":28,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":11,"avg_security_score":22,"avg_patch_time_days":11,"trust_score":30,"computed_at":31},"dimitrykislichenko",1,84,"2026-05-19T16:22:27.064Z",[33,54,70,91,114],{"slug":34,"name":35,"version":36,"author":37,"author_profile":38,"description":39,"short_description":40,"active_installs":41,"downloaded":42,"rating":43,"num_ratings":44,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":16,"tags":48,"homepage":52,"download_link":53,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24},"wp-super-heatmap","WP Super Heatmap","0.1.0","Ryan","https:\u002F\u002Fprofiles.wordpress.org\u002Frfrankel\u002F","\u003Cp>This plugin was created to give WordPress users a simple way of creating heatmaps for their website without any cost and without using third-party services.  All of the click-track data is stored locally and the heatmap is also calculated on your own server.  I tried to make the interface as simple as possible and anyone should be able to use this plugin without much trouble.\u003C\u002Fp>\n\u003Cp>Please note that this is currently an Alpha release of this plugin and please report any bugs to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fryan-frankel\u002Fwp_super_heatmap\u002Fissues?sort=created&direction=desc&state=open\" rel=\"nofollow ugc\">our GitHub repository.\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You can also visit this plugins \u003Ca href=\"http:\u002F\u002Fwp-super-heatmap.swampedpublishing.com\u002F\" rel=\"nofollow ugc\">homepage to leave feedback\u003C\u002Fa> and to also get more detailed information about the plugin.  If you have ideas to improve the plugin please leave your comments on that page.\u003C\u002Fp>\n","This plugin tracks user clicks and creates a heatmap for your website. All data is stored locally and no third-party service is used. Completely free!",10,7161,60,2,"2011-11-15T21:21:00.000Z","3.2.1","3.0",[49,50,18,51,4],"analytics","click-map","heat-map","http:\u002F\u002FURI_Of_Page_Describing_Plugin_and_Updates","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-super-heatmap.0.1.0.zip",{"slug":55,"name":56,"version":57,"author":58,"author_profile":59,"description":60,"short_description":61,"active_installs":13,"downloaded":62,"rating":13,"num_ratings":13,"last_updated":63,"tested_up_to":64,"requires_at_least":65,"requires_php":66,"tags":67,"homepage":16,"download_link":68,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":69},"wp-light-heatmap","WP Light Heatmap","1.0.0","wplightheatmap","https:\u002F\u002Fprofiles.wordpress.org\u002Fwplightheatmap\u002F","\u003Cp>This plugin allows you to create a heatmap based on mouse clicks and cursor movements. By default, positions of the cursor in the work area (e.g. main page of the blog, any post, categories, tags, etc.) will be saved per some interval in seconds (5 seconds by default) for every user that will visit your homepage.\u003C\u002Fp>\n\u003Cp>Also, you can add click tracking and the position of every mouse click will be saved too. All the saved coordinates will be saved in the database and can be rendered by admins at any time with the “Display Heatmap” button on the main page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Major features of the plugin\u003C\u002Fstrong>\u003Cbr \u002F>\n– Automatically saves the position of the cursor per some time interval for every user\u003Cbr \u002F>\n– Immediately saves click positions on any page\u003Cbr \u002F>\n– Allows to set own position-save interval\u003Cbr \u002F>\n– Saves everything in your own WP database. No 3rd party services involved!\u003C\u002Fp>\n","This plugin allows you to create a heatmap based on mouse clicks and cursor movements.",3107,"2020-03-03T03:23:00.000Z","5.3.21","3.0.1","5.6",[49,50,18,51,4],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-light-heatmap.1.0.zip","2026-04-06T09:54:40.288Z",{"slug":71,"name":72,"version":73,"author":72,"author_profile":74,"description":75,"short_description":76,"active_installs":77,"downloaded":78,"rating":79,"num_ratings":80,"last_updated":81,"tested_up_to":82,"requires_at_least":83,"requires_php":16,"tags":84,"homepage":16,"download_link":89,"security_score":22,"vuln_count":29,"unpatched_count":13,"last_vuln_date":90,"fetched_at":24},"hotjar","Hotjar","1.0.16","https:\u002F\u002Fprofiles.wordpress.org\u002Fhotjar\u002F","\u003Cp>Hotjar helps you to connect the dots between what your users do and why—so you can confidently create and optimize user experiences that convert. See what your users see, ask how they feel, and connect 1:1, all from one powerful and intuitive platform.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Hotjar Observe:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Visualize user behavior\u003C\u002Fstrong> – Heatmaps visually represent where users click, move, and scroll on your site. With this context, you’ll be inspired with simple ways to improve your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Put yourself in their shoes\u003C\u002Fstrong> – Watch recordings of real user behavior on your site. See visitors’ clicks, mouse movements, u-turns, and rage clicks. Learn what frustrates users and resolve issues early.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Measure conversions and learn why users drop off\u003C\u002Fstrong> – Visualize your conversion flows with Funnels, and understand where your users are getting stuck by zooming into relevant recordings.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Explore and understand your metrics\u003C\u002Fstrong> – Trends connects the dots between numbers and user behavior insights so you can visualize your most important metrics and find the recordings and heatmaps of the underlying user behavior with a single click.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Hotjar Ask:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Hear from your users\u003C\u002Fstrong> –  Surveys bring voice-of-customer to your decision-making. Gathering evidence for a landing page or feature? Use a targeted Survey to validate your ideas and better understand your users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Get feedback with context\u003C\u002Fstrong> – A real-time suggestion box on your site, Feedback lets users express frustration or delight about individual parts of your site, right down to the page, form, or image they’re looking at.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Hotjar Engage:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Connect with users\u003C\u002Fstrong> – Automate the recruitment, scheduling, and hosting of moderated user interviews, and focus on what matters the most—connecting with users.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Hotjar Platform:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Stay on top of your user metrics\u003C\u002Fstrong> – Use your Dashboard to get a high-level view of user data and spot issues before they become serious, identify trends, and find deeper insights.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Integrate Hotjar with the tools you love\u003C\u002Fstrong> – Connect Hotjar with thousands of popular apps, so you can automate your work and have more time for what matters most—no code required.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin provides a simple installation of Hotjar on your WordPress site. \u003Ca href=\"https:\u002F\u002Finsights.hotjar.com\u002Fregister?utm_source=wordpress&utm_medium=plugin\" rel=\"nofollow ugc\">Sign-up for your free trial today\u003C\u002Fa>!\u003C\u002Fp>\n","The fast & visual way to understand your users.",70000,1087230,58,18,"2023-10-25T07:52:00.000Z","6.0.11","4.6",[85,71,86,87,88],"heatmaps","insights","recordings","visual","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhotjar.1.0.16.zip","2023-10-05 00:00:00",{"slug":92,"name":93,"version":94,"author":95,"author_profile":96,"description":97,"short_description":98,"active_installs":99,"downloaded":100,"rating":101,"num_ratings":102,"last_updated":103,"tested_up_to":104,"requires_at_least":105,"requires_php":106,"tags":107,"homepage":111,"download_link":112,"security_score":113,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24},"aurora-heatmap","Aurora Heatmap","1.7.1","r3098","https:\u002F\u002Fprofiles.wordpress.org\u002Fr3098\u002F","\u003Cp>Goddess Aurora is said to give light to the user world.\u003Cbr \u002F>\nThe name “Aurora Heatmap” visualizes user behavior with a beautiful heatmap.\u003Cbr \u002F>\nBringing light to the activation and optimization of your website.\u003C\u002Fp>\n\u003Ch4>The most important thing in site management.\u003C\u002Fh4>\n\u003Cp>That is, \u003Cem>Is the user satisfied?\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Where do users see and move through the content?\u003C\u002Fli>\n\u003Cli>Whether the user is not confused?\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Aurora Heatmap is the \u003Cstrong>strongest tool\u003C\u002Fstrong> for visualizing it.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Are you guiding users well?\u003C\u002Fli>\n\u003Cli>Conversion rate\u003C\u002Fli>\n\u003Cli>Are you missing out on prospects and readers?\u003C\u002Fli>\n\u003Cli>How is it evaluated by Google?\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>You will be able to see the points of improvement.\u003C\u002Fp>\n\u003Ch4>Plugin features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>\u003Cem>No Coding\u003C\u002Fem>\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>\u003Cem>No Setting\u003C\u002Fem>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You just install and activate the plugin.\u003Cbr \u002F>\nNo troublesome user registration or setup is required.\u003Cbr \u002F>\nIt works as default in most WordPress environments.\u003Cbr \u002F>\nAnd Aurora Heatmap is \u003Cstrong>complete with just plugin\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>The free version can check the click heat map of PC and mobile, and can be used on any number of sites.\u003Cbr \u002F>\nEven if it is free, there is no limit due to the number of PV and analysis pages.\u003C\u002Fp>\n\u003Ch4>Special notes\u003C\u002Fh4>\n\u003Cp>If it does not work well when used with a cache plugin, turn off JavaScript-related optimization, or exclude jQuery and Aurora Heatmap measurement script (reporter.js) from optimization.\u003Cbr \u002F>\nFor more details, please refer to \u003Ca href=\"https:\u002F\u002Fmarket.seous.info\u002Fen\u002Faurora-heatmap#oc-1\" rel=\"nofollow ugc\">official site description page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Aurora Heatmap can be used with the following cache plugins.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WP Rocket\u003C\u002Fli>\n\u003Cli>W3 Total Cache\u003C\u002Fli>\n\u003Cli>WP Super Cache\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Usage and support\u003C\u002Fh4>\n\u003Cp>More detailed usage and FAQs are provided on the \u003Ca href=\"https:\u002F\u002Fmarket.seous.info\u002Fen\u002Faurora-heatmap\" rel=\"nofollow ugc\">Aurora Heatmap official site\u003C\u002Fa>.\u003Cbr \u002F>\nIf you can’t find the answer to your question in those documents, use the WordPress.org \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Faurora-heatmap\u002F\" rel=\"ugc\">support forum\u003C\u002Fa>.\u003Cbr \u002F>\nThe premium version has priority email support.\u003C\u002Fp>\n\u003Ch4>About privacy\u003C\u002Fh4>\n\u003Cp>This plugin \u003Cstrong>does not\u003C\u002Fstrong> perform the following operations.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>User tracking\u003C\u002Fli>\n\u003Cli>Send recorded data to external server\u003C\u002Fli>\n\u003Cli>Use of cookies\u003C\u002Fli>\n\u003Cli>Record of personally identifiable data including IP address\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Aurora Heatmap Free version 90 seconds demo\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F3W17Gg_vbHg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Beautiful like an aurora! A simple WordPress heatmap that can be completed with just a plugin.",20000,358155,94,7,"2025-04-14T09:25:00.000Z","6.8.0","4.9","7.0",[49,108,109,4,110],"analyze","click","japanese","https:\u002F\u002Fmarket.seous.info\u002Faurora-heatmap","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faurora-heatmap.1.7.1.zip",92,{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":124,"num_ratings":125,"last_updated":126,"tested_up_to":127,"requires_at_least":128,"requires_php":16,"tags":129,"homepage":132,"download_link":133,"security_score":22,"vuln_count":13,"unpatched_count":13,"last_vuln_date":23,"fetched_at":24},"mouseflow-for-wordpress","Mouseflow for WordPress","5.1.3","mouseflow","https:\u002F\u002Fprofiles.wordpress.org\u002Fmouseflow\u002F","\u003Cp>With Mouseflow for WordPress you can access everything Mouseflow has to offer – directly from your WordPress dashboard! Learn more about your visitors by analyzing heatmaps and recordings of user sessions, including mouse movements, clicks, scroll events and more. The plugin makes it quick and easy to install Mouseflow on your WordPress-site.\u003C\u002Fp>\n","Mouseflow gives you free and easy-to-use conversion and user experience analytics for your website. Analyze conversion funnels, heatmaps and even sess &hellip;",7000,89360,76,6,"2023-09-26T07:43:00.000Z","6.3.8","4.5.0",[49,85,118,130,131],"user-behaviour","ux","https:\u002F\u002Fmouseflow.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmouseflow-for-wordpress.zip",{"attackSurface":135,"codeSignals":151,"taintFlows":174,"riskAssessment":218,"analyzedAt":233},{"hooks":136,"ajaxHandlers":147,"restRoutes":148,"shortcodes":149,"cronEvents":150,"entryPointCount":13,"unprotectedCount":13},[137,143],{"type":138,"name":139,"callback":140,"priority":29,"file":141,"line":142},"action","wp_head","heatmap_set_wpurl","heatmap.php",80,{"type":138,"name":144,"callback":145,"file":141,"line":146},"init","heatmap_init",81,[],[],[],[],{"dangerousFunctions":152,"sqlUsage":153,"outputEscaping":162,"fileOperations":29,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":173},[],{"prepared":13,"raw":44,"locations":154},[155,158],{"file":141,"line":156,"context":157},51,"$wpdb->get_var() with variable interpolation",{"file":159,"line":160,"context":161},"loger.php",31,"$wpdb->query() with variable interpolation",{"escaped":13,"rawEcho":163,"locations":164},3,[165,168,171],{"file":141,"line":166,"context":167},71,"raw output",{"file":169,"line":170,"context":167},"view.php",90,{"file":169,"line":172,"context":167},98,[],[175,193],{"entryPoint":176,"graph":177,"unsanitizedCount":29,"severity":192},"\u003Cview> (view.php:0)",{"nodes":178,"edges":189},[179,184],{"id":180,"type":181,"label":182,"file":169,"line":183},"n0","source","$_SERVER",88,{"id":185,"type":186,"label":187,"file":169,"line":170,"wp_function":188},"n1","sink","echo() [XSS]","echo",[190],{"from":180,"to":185,"sanitized":191},false,"low",{"entryPoint":194,"graph":195,"unsanitizedCount":44,"severity":217},"\u003Cloger> (loger.php:0)",{"nodes":196,"edges":213},[197,200,203,207,211],{"id":180,"type":181,"label":198,"file":159,"line":199},"$_SERVER['HTTP_REFERER']",33,{"id":185,"type":186,"label":201,"file":159,"line":160,"wp_function":202},"query() [SQLi]","query",{"id":204,"type":181,"label":205,"file":159,"line":206},"n2","$_GET['x']",46,{"id":208,"type":209,"label":210,"file":159,"line":206},"n3","transform","→ heatmap_log_click()",{"id":212,"type":186,"label":201,"file":159,"line":160,"wp_function":202},"n4",[214,215,216],{"from":180,"to":185,"sanitized":191},{"from":204,"to":208,"sanitized":191},{"from":208,"to":212,"sanitized":191},"high",{"summary":219,"deductions":220},"The \"heatmap\" plugin v1.3 exhibits a mixed security posture. While it presents a very small attack surface with zero identified entry points and no recorded vulnerability history, the static analysis reveals significant coding concerns. Specifically, the plugin fails to utilize prepared statements for all its SQL queries and none of its output is properly escaped, indicating a high risk of SQL injection and cross-site scripting (XSS) vulnerabilities. The taint analysis further highlights a critical issue with a high-severity flow that involves unsanitized paths, which could be a pathway for attacks if it interacts with sensitive operations. The absence of nonce and capability checks also means that even the limited entry points could potentially be exploited without proper authorization or integrity validation.",[221,223,226,228,231],{"reason":222,"points":41},"Raw SQL without prepared statements",{"reason":224,"points":225},"No output escaping",8,{"reason":227,"points":41},"High severity taint flow",{"reason":229,"points":230},"No nonce checks",5,{"reason":232,"points":230},"No capability checks","2026-03-16T22:33:22.244Z",{"wat":235,"direct":244},{"assetPaths":236,"generatorPatterns":241,"scriptPaths":242,"versionParams":243},[237,238,239,240],"\u002Fwp-content\u002Fplugins\u002Fheatmap\u002Fview.css","\u002Fwp-content\u002Fplugins\u002Fheatmap\u002Fjs\u002Fjcalendar.js","\u002Fwp-content\u002Fplugins\u002Fheatmap\u002Fjs\u002Fview.js","\u002Fwp-content\u002Fplugins\u002Fheatmap\u002Fjs\u002Floger.js",[],[238,239,240],[],{"cssClasses":245,"htmlComments":246,"htmlAttributes":247,"restEndpoints":248,"jsGlobals":249,"shortcodeOutput":251},[],[],[],[],[250],"WPURL",[],{"error":253,"url":254,"statusCode":255,"statusMessage":256,"message":256},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fheatmap\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":13,"versions":258},[]]