[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fALuMDMlhQERR5UpKmt7aIsJRAS3yIZfufPZAcTdTYww":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":45,"crawl_stats":36,"alternatives":52,"analysis":145,"fingerprints":336},"interview","Interview","1.01","proxymis","https:\u002F\u002Fprofiles.wordpress.org\u002Fproxymis\u002F","\u003Cp>Interview is an easy way to create webcam interviews. You create a new interview, add questions and push that interviews to users through email invitation.\u003Cbr \u002F>\nUsers will answer that interview through webcam \u002F video and\u002For with text. Once interview is finished, you receive an email notification and can integrate that interview with 1 button click into a new post.\u003Cbr \u002F>\nInterview is a quick way to create original content for your website.\u003Cbr \u002F>\nThis plugin is suitable for job interviews or to quickly create and generate fresh content for your website.\u003C\u002Fp>\n\u003Ch3>Questions\u003C\u002Fh3>\n\u003Cp>Feel free to contact us at contact@proxymis.com for further help\u003C\u002Fp>\n","Interview plugin allows to create a webcam recorded interview width questions\u002Fanswers, send it to applicants and quickly publish these interviews into &hellip;",30,1393,100,2,"2024-05-22T09:09:00.000Z","6.5.8","4.5","",[20,21,22,23],"interviews","post-guest","record","screen-recorder","https:\u002F\u002Fwww.interviewform.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Finterview.zip",70,1,"2025-05-16 
00:00:00","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":36},"CVE-2025-48137","interview-authenticated-contributor-sql-injection","Interview \u003C= 1.01 - Authenticated (Contributor+) SQL Injection","The Interview plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.01 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",null,"\u003C=1.01","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2025-05-21 21:12:51",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fada2e0f5-1214-4356-944c-655c5561e97e?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":46,"total_installs":47,"avg_security_score":48,"avg_patch_time_days":49,"trust_score":50,"computed_at":51},5,150,89,359,71,"2026-04-04T06:57:04.022Z",[53,76,95,113,126],{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":13,"num_ratings":63,"last_updated":64,"tested_up_to":65,"requires_at_least":66,"requires_php":67,"tags":68,"homepage":73,"download_link":74,"security_score":13,"vuln_count":75,"unpatched_count":75,"last_vuln_date":36,"fetched_at":29},"analyticator","Analyticator","3.0.0","Marcello 
Ruoppolo","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarcelloruoppolome\u002F","\u003Cp>Analyticator simplifies the integration of analysis tools into your WordPress site. Forget about manually editing theme files; simply enter your IDs and the plugin handles the secure and optimized injection of tracking scripts.\u003C\u002Fp>\n\u003Cp>Features included:\u003Cbr \u002F>\n* Native support for Google Analytics 4 (GA4).\u003Cbr \u002F>\n* Full integration with Google Tag Manager (GTM).\u003Cbr \u002F>\n* Behavior monitoring with Hotjar.\u003Cbr \u002F>\n* Script injection following performance best practices (wp_enqueue_scripts).\u003C\u002Fp>\n","Simple GA4, GTM, and Hotjar integration. Securely inject tracking scripts into your WordPress site without editing any code.",80,7437,4,"2026-02-20T20:06:00.000Z","6.9.4","4.6","5.6",[69,70,71,23,72],"google-analytics","google-tag-manager","hotjar","visit-statistics","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fanalyticator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanalyticator.3.0.1.zip",0,{"slug":77,"name":78,"version":79,"author":78,"author_profile":80,"description":81,"short_description":78,"active_installs":82,"downloaded":83,"rating":13,"num_ratings":27,"last_updated":84,"tested_up_to":85,"requires_at_least":86,"requires_php":67,"tags":87,"homepage":92,"download_link":93,"security_score":94,"vuln_count":75,"unpatched_count":75,"last_vuln_date":36,"fetched_at":29},"calipio-screen-recorder","Calipio Screen Recorder","1.0.0","https:\u002F\u002Fprofiles.wordpress.org\u002Fcalipioscreenrecorder\u002F","\u003Cp>\u003Cstrong>Calipio Screen Recorder\u003C\u002Fstrong>\u003Cbr \u002F>\nInclude an instant Screen Recording Option on your webpage. 
Without registration, just in the user’s browser, on all platforms\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Calipio Online Screen Recorder features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable users to record their screen\u003C\u002Fli>\n\u003Cli>Let them add their webcam\u003C\u002Fli>\n\u003Cli>Let them add their mic\u003C\u002Fli>\n\u003Cli>Works in all browsers\u003C\u002Fli>\n\u003Cli>Works on all platforms\u003C\u002Fli>\n\u003Cli>Stores all recordings in your Calipio cloud library\u003C\u002Fli>\n\u003Cli>End to end encrypted recordings\u003C\u002Fli>\n\u003Cli>Great for all kinds of user feedback\u003C\u002Fli>\n\u003Cli>Perfect for support actions where you enable your users to show what they want to tell you\u003C\u002Fli>\n\u003Cli>Can be used as a sales tool\u003C\u002Fli>\n\u003Cli>Avoids lengthy written feedback – saves a ton of time on all ends \u003C\u002Fli>\n\u003Cli>Highly useful for product reviews as well\u003C\u002Fli>\n\u003Cli>Enables people with disabilities to communicate with you without any effort\u003C\u002Fli>\n\u003Cli>Extremely quick and easy integration and set up in your WordPress page\u003C\u002Fli>\n\u003Cli>Free account option available, storage up to 20 minutes of recordings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The Calipio Online Screen Recorder is a powerful and easy WordPress plugin that boosts your webpage to a completely new level.\u003C\u002Fp>\n\u003Cp>It adds a tremendous touch of professionalism and versatility to a huge variety of websites.\u003C\u002Fp>\n\u003Cp>By adding this new form of communication you enter a new world of customer engagement and involvement.\u003C\u002Fp>\n\u003Cp>Communicate with your customers quicker, more efficient and circumvent complicated misunderstandings due to a maximized concentration on what is really important:\u003Cbr \u002F>\nRather than awkwardly explaining in writing, let your customers show, tell and explain what their feedback is about.\u003C\u002Fp>\n\u003Cp>If 
we make a short step back and have an in depth look into what communication with customers or colleagues is all about we quickly come to the conclusion that it is mostly about what your customers have experienced, noticed or perceived with your products, with your services or with whatever you represent.\u003C\u002Fp>\n\u003Cp>So it is about a certain gained knowledge or feeling. Truly an emotional experience in whatever way for sure. Feedback is something in your mind and you can easily tell and show it to somebody.\u003C\u002Fp>\n\u003Cp>So why try to squeeze such feedback in a text field where one end will struggle to bring these emotions, feelings and experiences into words and then decipher it again on your side of the communication.\u003C\u002Fp>\n\u003Cp>Why not leave all these great ideas or answers in the form which they already are in your mind: In sentences, in actions, in showing or demonstrating something.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>How to use the plugin\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The next thing you have to do is create a recorder token in your Calipio account which you will need for each Online Screen Recorder implementation in your WordPress page.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fn-6syS0Gxx8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Col>\n\u003Cli>Go to \u003Ca href=\"https:\u002F\u002Fcalipio.com\u002Fapp\u002Flibrary\" rel=\"nofollow ugc\">calipio.com\u003C\u002Fa> and log in to your account\u003C\u002Fli>\n\u003Cli>Choose the library and folder where you 
want the recordings from this implementation to be stored\u003C\u002Fli>\n\u003Cli>Click the 3 dot menu next to you library\u002Ffolder name\u003C\u002Fli>\n\u003Cli>Select “Recorder Tokens”\u003C\u002Fli>\n\u003Cli>Then select “Create new”\u003C\u002Fli>\n\u003Cli>Assign a name for that token to identify it properly\u003C\u002Fli>\n\u003Cli>Click on the token’s 3 dot menu and select “copy to clipboard”\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Activation on page:\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FBAGOqpIdiUc?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Col>\n\u003Cli>In your WordPress admin panel select “Calipio” from the left menu\u003C\u002Fli>\n\u003Cli>Click on “Add recorder button”\u003C\u002Fli>\n\u003Cli>Assign a name for that recorder implementation\u003C\u002Fli>\n\u003Cli>Insert the token from your clipboard in the corresponding field\u003C\u002Fli>\n\u003Cli>Choose what you want as default for that recorder implementation\u003C\u002Fli>\n\u003Cli>Click “Publish” on the right hand side \u003C\u002Fli>\n\u003Cli>Mark and copy the code section\u003C\u002Fli>\n\u003Cli>Select “Pages” in the WordPress menu on the left\u003C\u002Fli>\n\u003Cli>Select Edit for the desired page\u003C\u002Fli>\n\u003Cli>Copy the code from above in a text section on that page\u003C\u002Fli>\n\u003Cli>Click publish and then preview\u003C\u002Fli>\n\u003Cli>Congratulations, you have just added an Online Screen Recorder function to your WordPress 
page\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>\u003Cstrong>Shortcode\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[calipio-record id=\"xxx\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>\u003Cstrong>Support\u003C\u002Fstrong>\u003Cbr \u002F>\nPlease contact our support team \u003Ca href=\"https:\u002F\u002Fcalipio.com\u002Fcustomer-support\u002F\" rel=\"nofollow ugc\">calipio.com\u002Fcustomer-support\u002F\u003C\u002Fa>\u003C\u002Fp>\n",10,3860,"2022-03-28T05:38:00.000Z","5.9.13","5.0",[88,89,23,90,91],"recorder","reviews","testimonials","video","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcalipio-screen-recorder\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcalipio-screen-recorder.1.0.0.zip",85,{"slug":96,"name":97,"version":98,"author":99,"author_profile":100,"description":101,"short_description":102,"active_installs":82,"downloaded":103,"rating":75,"num_ratings":75,"last_updated":104,"tested_up_to":105,"requires_at_least":106,"requires_php":18,"tags":107,"homepage":111,"download_link":112,"security_score":13,"vuln_count":75,"unpatched_count":75,"last_vuln_date":36,"fetched_at":29},"pipe-audio-video-and-screen-recorder","Pipe Audio Video and Screen Recorder","1.0.7","addpipe","https:\u002F\u002Fprofiles.wordpress.org\u002Faddpipe\u002F","\u003Cp>The Pipe Audio Video and Screen Recorder plugin simplifies the integration between the \u003Ca href=\"https:\u002F\u002Faddpipe.com\" rel=\"nofollow ugc\">Pipe Platform\u003C\u002Fa> and WordPress. 
To use it, you need an account or subscription with https:\u002F\u002Faddpipe.com.\u003C\u002Fp>\n\u003Ch3>Use cases:\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Capture user-generated video, audio, or screen + camera content\u003C\u002Fstrong> including recorded feedback, messages, and testimonials straight from your WordPress posts or pages.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Safely accept recorded resumes for e-recruiting\u003C\u002Fstrong> from any post\u002Fpage on your website – the easiest way for online recruiters to collect recorded resumes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Transform your blog into a VLOG\u003C\u002Fstrong> using our web-based recorder. Create and review your recordings and post only those takes where you nailed it.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Save time and money\u003C\u002Fstrong>. Since there’s no need for custom development, you can get started right away, and everything happens automatically behind the scenes.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Review and download recordings\u003C\u002Fstrong> straight from your WordPress backend.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Embed recordings\u003C\u002Fstrong> on any page or blog post.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Add crowdsourced recordings to your website\u003C\u002Fstrong> and skyrocket your user engagement.\u003C\u002Fp>\n\u003Ch3>Features:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Record from desktop and mobile devices – The Pipe recording clients ensure your website users can record, no matter their device or browser;\u003C\u002Fli>\n\u003Cli>Record video, audio only or the screen + camera;\u003C\u002Fli>\n\u003Cli>Up to 4k HD Video – the Pipe Platform can record and properly manage videos up to 4k in resolution;\u003C\u002Fli>\n\u003Cli>Play everywhere – different devices record to different video file formats, including .mov, .mp4, and .3gp. 
We ensure the final video is a proper .mp4 file that can be played on any device;\u003C\u002Fli>\n\u003Cli>Manage recordings from both your WordPress backend and the Pipe account dashboard;\u003C\u002Fli>\n\u003Cli>Bandwidth independent – Pipe’s client-side and server-side buffering makes it possible to generate high-quality recordings over slow or unstable connections like 3G, 4G, and public Wi-Fi;\u003C\u002Fli>\n\u003Cli>Snapshots are automatically created for each recording;\u003C\u002Fli>\n\u003Cli>Works with any WordPress template;\u003C\u002Fli>\n\u003Cli>Works with Elementor.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>A note on audio & video file formats:\u003C\u002Fh3>\n\u003Cp>The \u003Ca href=\"https:\u002F\u002Faddpipe.com\" rel=\"nofollow ugc\">Pipe platform\u003C\u002Fa> handles the video recording and playback process for both the web and mobile. It ensures that all the different audio & video formats are converted to .mp4 for ease of delivery and provides secure complimentary storage and delivery.\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin relies on the Pipe Platform (https:\u002F\u002Faddpipe.com) to provide video, audio, and screen recording functionalities. To use it, you need an account or subscription with https:\u002F\u002Faddpipe.com. 
The following external files are loaded directly from Pipe’s CDN:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>pipe.min.js\u003C\u002Fstrong> (https:\u002F\u002Fcdn.addpipe.com\u002F2.0\u002Fpipe.min.js) – Required for recording functionality.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>pipe.css\u003C\u002Fstrong> (https:\u002F\u002Fcdn.addpipe.com\u002F2.0\u002Fpipe.css) – Required for styling the recording client.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Data Transmission:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>When using the plugin, recorded media is sent to the Pipe Platform servers for processing and storage.\u003C\u002Fli>\n\u003Cli>Users can configure their Pipe account to store recorded media on external storage services like Amazon S3, Dropbox, or their own servers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy & Terms:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Faddpipe.com\u002F03.03.2022_Privacy-PolicyEN_final.pdf\" rel=\"nofollow ugc\">Pipe Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Faddpipe.com\u002Fterms\" rel=\"nofollow ugc\">Pipe Terms of Use\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","This plugin simplifies the integration between the Pipe Platform and WordPress. 
It lets your website users and visitors record audio, video, and scree &hellip;",591,"2025-09-22T07:17:00.000Z","6.8.5","4.9",[108,23,91,109,110],"audio-recorder","video-recorder","webcam","https:\u002F\u002Faddpipe.com\u002Fdocs\u002Fplugins\u002Fwordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpipe-audio-video-and-screen-recorder.1.0.7.zip",{"slug":114,"name":115,"version":116,"author":7,"author_profile":8,"description":117,"short_description":118,"active_installs":82,"downloaded":119,"rating":75,"num_ratings":75,"last_updated":120,"tested_up_to":121,"requires_at_least":17,"requires_php":18,"tags":122,"homepage":124,"download_link":125,"security_score":94,"vuln_count":75,"unpatched_count":75,"last_vuln_date":36,"fetched_at":29},"record-screen","Screen Recorder","1.03","\u003Cp>Screen Recorder is an easy way to find out what users behave on your blog. This can be useful to discover what posts and pages they visit and how they behave on these posts.\u003Cbr \u002F>\nYou can playback all actions user do on your site. 
Very useful to know what errors they make, discover their habits, record their illegal activity on your site.\u003C\u002Fp>\n\u003Ch3>Questions\u003C\u002Fh3>\n\u003Cp>Feel free to contact us at contact@proxymis.com for further help\u003C\u002Fp>\n","Screen Recorder allows to record and play back user activity on your blog.",1812,"2021-06-06T08:16:00.000Z","5.7.15",[123,22,23],"activity","https:\u002F\u002Fwww.spyform.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frecord-screen.zip",{"slug":71,"name":127,"version":128,"author":127,"author_profile":129,"description":130,"short_description":131,"active_installs":132,"downloaded":133,"rating":134,"num_ratings":135,"last_updated":136,"tested_up_to":137,"requires_at_least":66,"requires_php":18,"tags":138,"homepage":18,"download_link":143,"security_score":94,"vuln_count":27,"unpatched_count":75,"last_vuln_date":144,"fetched_at":29},"Hotjar","1.0.16","https:\u002F\u002Fprofiles.wordpress.org\u002Fhotjar\u002F","\u003Cp>Hotjar helps you to connect the dots between what your users do and why—so you can confidently create and optimize user experiences that convert. See what your users see, ask how they feel, and connect 1:1, all from one powerful and intuitive platform.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Hotjar Observe:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Visualize user behavior\u003C\u002Fstrong> – Heatmaps visually represent where users click, move, and scroll on your site. With this context, you’ll be inspired with simple ways to improve your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Put yourself in their shoes\u003C\u002Fstrong> – Watch recordings of real user behavior on your site. See visitors’ clicks, mouse movements, u-turns, and rage clicks. 
Learn what frustrates users and resolve issues early.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Measure conversions and learn why users drop off\u003C\u002Fstrong> – Visualize your conversion flows with Funnels, and understand where your users are getting stuck by zooming into relevant recordings.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Explore and understand your metrics\u003C\u002Fstrong> – Trends connects the dots between numbers and user behavior insights so you can visualize your most important metrics and find the recordings and heatmaps of the underlying user behavior with a single click.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Hotjar Ask:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Hear from your users\u003C\u002Fstrong> –  Surveys bring voice-of-customer to your decision-making. Gathering evidence for a landing page or feature? Use a targeted Survey to validate your ideas and better understand your users.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Get feedback with context\u003C\u002Fstrong> – A real-time suggestion box on your site, Feedback lets users express frustration or delight about individual parts of your site, right down to the page, form, or image they’re looking at.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Hotjar Engage:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Connect with users\u003C\u002Fstrong> – Automate the recruitment, scheduling, and hosting of moderated user interviews, and focus on what matters the most—connecting with users.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Hotjar Platform:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Stay on top of your user metrics\u003C\u002Fstrong> – Use your Dashboard to get a high-level view of user data and spot issues before they become serious, identify trends, and find deeper insights.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Integrate Hotjar with the tools you love\u003C\u002Fstrong> – Connect Hotjar 
with thousands of popular apps, so you can automate your work and have more time for what matters most—no code required.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin provides a simple installation of Hotjar on your WordPress site. \u003Ca href=\"https:\u002F\u002Finsights.hotjar.com\u002Fregister?utm_source=wordpress&utm_medium=plugin\" rel=\"nofollow ugc\">Sign-up for your free trial today\u003C\u002Fa>!\u003C\u002Fp>\n","The fast & visual way to understand your users.",80000,1084428,58,18,"2023-10-25T07:52:00.000Z","6.0.11",[139,71,140,141,142],"heatmaps","insights","recordings","visual","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhotjar.1.0.16.zip","2023-10-05 00:00:00",{"attackSurface":146,"codeSignals":223,"taintFlows":261,"riskAssessment":322,"analyzedAt":335},{"hooks":147,"ajaxHandlers":166,"restRoutes":212,"shortcodes":213,"cronEvents":221,"entryPointCount":222,"unprotectedCount":27},[148,154,158,162],{"type":149,"name":150,"callback":151,"file":152,"line":153},"action","admin_menu","settings_add_plugin_page","interview.php",28,{"type":149,"name":155,"callback":156,"file":152,"line":157},"init","setup_session",184,{"type":149,"name":159,"callback":160,"file":152,"line":161},"wp_enqueue_scripts","interview_load_js_scripts",185,{"type":149,"name":163,"callback":164,"file":152,"line":165},"pre_get_posts","exclude_interview_requests_home",186,[167,172,175,178,181,184,187,189,192,195,198,201,204,207,210],{"action":168,"nopriv":169,"callback":168,"hasNonce":170,"hasCapCheck":169,"file":152,"line":171},"interview_insert",false,true,191,{"action":173,"nopriv":169,"callback":173,"hasNonce":170,"hasCapCheck":169,"file":152,"line":174},"interview_update",192,{"action":176,"nopriv":169,"callback":176,"hasNonce":170,"hasCapCheck":169,"file":152,"line":177},"interview_delete_record",193,{"action":179,"nopriv":169,"callback":179,"hasNonce":170,"hasCapCheck":169,"file":152,"line":180},"interview_duplicate_record",194,{"action":182,"nopriv":169,"callb
ack":182,"hasNonce":170,"hasCapCheck":169,"file":152,"line":183},"interview_get",195,{"action":185,"nopriv":169,"callback":185,"hasNonce":170,"hasCapCheck":169,"file":152,"line":186},"interview_save_question",197,{"action":185,"nopriv":170,"callback":185,"hasNonce":170,"hasCapCheck":169,"file":152,"line":188},198,{"action":190,"nopriv":169,"callback":190,"hasNonce":169,"hasCapCheck":169,"file":152,"line":191},"interview_change_lang",200,{"action":193,"nopriv":169,"callback":193,"hasNonce":170,"hasCapCheck":169,"file":152,"line":194},"interview_get_with_answers",201,{"action":196,"nopriv":169,"callback":196,"hasNonce":170,"hasCapCheck":169,"file":152,"line":197},"interview_get_records",202,{"action":199,"nopriv":169,"callback":199,"hasNonce":170,"hasCapCheck":169,"file":152,"line":200},"interview_play_record",203,{"action":202,"nopriv":169,"callback":202,"hasNonce":170,"hasCapCheck":169,"file":152,"line":203},"interview_invite",204,{"action":205,"nopriv":169,"callback":205,"hasNonce":170,"hasCapCheck":169,"file":152,"line":206},"interview_create_post",205,{"action":208,"nopriv":169,"callback":208,"hasNonce":170,"hasCapCheck":169,"file":152,"line":209},"send_email_interview_over",206,{"action":208,"nopriv":170,"callback":208,"hasNonce":170,"hasCapCheck":169,"file":152,"line":211},207,[],[214,217],{"tag":4,"callback":215,"file":152,"line":216},"interview_shortcode",188,{"tag":218,"callback":219,"file":152,"line":220},"interviewPublish","interviewPublish_shortcode",189,[],17,{"dangerousFunctions":224,"sqlUsage":225,"outputEscaping":236,"fileOperations":63,"externalRequests":75,"nonceChecks":259,"capabilityChecks":75,"bundledLibraries":260},[],{"prepared":226,"raw":227,"locations":228},23,3,[229,232,234],{"file":152,"line":230,"context":231},440,"$wpdb->get_var() with variable 
interpolation",{"file":152,"line":233,"context":231},499,{"file":152,"line":235,"context":231},500,{"escaped":237,"rawEcho":238,"locations":239},102,9,[240,243,245,247,249,251,253,255,257],{"file":152,"line":241,"context":242},68,"raw output",{"file":152,"line":244,"context":242},101,{"file":152,"line":246,"context":242},106,{"file":152,"line":248,"context":242},117,{"file":152,"line":250,"context":242},119,{"file":152,"line":252,"context":242},478,{"file":152,"line":254,"context":242},550,{"file":152,"line":256,"context":242},552,{"file":152,"line":258,"context":242},555,12,[],[262,284,296],{"entryPoint":263,"graph":264,"unsanitizedCount":27,"severity":38},"send_email_interview_over (interview.php:368)",{"nodes":265,"edges":281},[266,271,275],{"id":267,"type":268,"label":269,"file":152,"line":270},"n0","source","$_POST",378,{"id":272,"type":273,"label":274,"file":152,"line":270},"n1","transform","→ get_template_interview_get_with_answers()",{"id":276,"type":277,"label":278,"file":152,"line":279,"wp_function":280},"n2","sink","echo() [XSS]",547,"echo",[282,283],{"from":267,"to":272,"sanitized":169},{"from":272,"to":276,"sanitized":169},{"entryPoint":285,"graph":286,"unsanitizedCount":27,"severity":38},"interview_get_with_answers (interview.php:562)",{"nodes":287,"edges":293},[288,291,292],{"id":267,"type":268,"label":289,"file":152,"line":290},"$_POST['interviewid']",564,{"id":272,"type":273,"label":274,"file":152,"line":290},{"id":276,"type":277,"label":278,"file":152,"line":279,"wp_function":280},[294,295],{"from":267,"to":272,"sanitized":169},{"from":272,"to":276,"sanitized":169},{"entryPoint":297,"graph":298,"unsanitizedCount":227,"severity":38},"\u003Cinterview> (interview.php:0)",{"nodes":299,"edges":316},[300,303,305,306,308,310,312,314],{"id":267,"type":268,"label":301,"file":152,"line":302},"$_POST 
(x2)",423,{"id":272,"type":277,"label":278,"file":152,"line":304,"wp_function":280},546,{"id":276,"type":268,"label":301,"file":152,"line":270},{"id":307,"type":273,"label":274,"file":152,"line":270},"n3",{"id":309,"type":277,"label":278,"file":152,"line":279,"wp_function":280},"n4",{"id":311,"type":268,"label":289,"file":152,"line":290},"n5",{"id":313,"type":273,"label":274,"file":152,"line":290},"n6",{"id":315,"type":277,"label":278,"file":152,"line":279,"wp_function":280},"n7",[317,318,319,320,321],{"from":267,"to":272,"sanitized":170},{"from":276,"to":307,"sanitized":169},{"from":307,"to":309,"sanitized":169},{"from":311,"to":313,"sanitized":169},{"from":313,"to":315,"sanitized":169},{"summary":323,"deductions":324},"The \"interview\" plugin v1.01 presents a mixed security posture. On the positive side, it demonstrates good practices in SQL query handling, with 88% of queries using prepared statements, and a high rate of output escaping (92%). The plugin also includes a reasonable number of nonce checks (12), which is a fundamental security measure against cross-site request forgery. However, there are significant areas of concern. Nonce checks do not authorize the caller, and the scan found no capability checks in the plugin, so the AJAX handlers do not appear to restrict callers by role. The presence of one unprotected AJAX handler is a critical flaw, opening a potential attack vector. Furthermore, the taint analysis reveals three flows with unsanitized paths, although they are not categorized as critical or high severity. This warrants further investigation into the specific nature of these unsanitized paths. The plugin's vulnerability history is particularly alarming, with one currently unpatched medium severity CVE related to SQL injection. 
This points to a weakness in how the plugin handles user input in database queries, and the fact that it remains unpatched is a serious risk.\n\nWhile the plugin shows strengths in areas like SQL prepared statements and output escaping, the combination of an unprotected AJAX handler, unsanitized taint flows, and a recent unpatched SQL injection vulnerability significantly elevates its risk profile. The plugin author needs to protect the unprotected AJAX endpoint immediately, add capability checks to the AJAX handlers, and investigate the identified taint flows. The unpatched SQL injection vulnerability, together with the raw queries that still interpolate variables, suggests a deeper issue in how queries are built that needs a thorough code review and remediation to prevent future exploits. Because no patched version is listed for the CVE, updating does not remove the risk; users should exercise caution, limit contributor-level accounts to trusted people, and consider deactivating the plugin until these vulnerabilities are addressed.",[325,327,330,333],{"reason":326,"points":82},"1 unprotected AJAX handler",{"reason":328,"points":329},"3 flows with unsanitized paths",6,{"reason":331,"points":332},"1 currently unpatched medium CVE (SQL Injection)",15,{"reason":334,"points":82},"0 capability 
checks","2026-03-16T22:38:57.883Z",{"wat":337,"direct":349},{"assetPaths":338,"generatorPatterns":343,"scriptPaths":344,"versionParams":345},[339,340,341,342],"\u002Fwp-content\u002Fplugins\u002Finterview\u002Fcss\u002FinterviewAdmin.css","\u002Fwp-content\u002Fplugins\u002Finterview\u002Fjs\u002FinterviewAdmin.js","\u002Fwp-content\u002Fplugins\u002Finterview\u002Fjs\u002Fsummernote\u002Fsummernote-lite.min.css","\u002Fwp-content\u002Fplugins\u002Finterview\u002Fjs\u002Fsummernote\u002Fsummernote-lite.min.js",[],[340,342],[346,347,348],"interviewAdmin.css?cache=","interviewAdmin.js?cache=","interviewAdmin.js?ver=",{"cssClasses":350,"htmlComments":361,"htmlAttributes":362,"restEndpoints":365,"jsGlobals":366,"shortcodeOutput":368},[351,352,353,354,355,356,357,358,359,360],"interviewError","interviewAdminContainer","interviewInviteContainer","inviteInterviewContainer","interviewEditContainer","editInterviewContainer","interviewAddContainer","addNewInterviewContainer","playInterviewContainer","playInterviewContent",[],[363,364],"data-interview-id","data-interview-question-id",[],[367],"params",[]]