WP-Safety

LIQUID TREEMAP Security & Risk Analysis

wordpress.org/plugins/liquid-treemap

Visualize the performance of the content in with TreeMap.

50 active installs v1.0.3 PHP + WP 4.1+ Updated Dec 18, 2024
analyticsd3rankingreporttreemap
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is LIQUID TREEMAP Safe to Use in 2026?

Generally Safe

Score 92/100

LIQUID TREEMAP has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The "liquid-treemap" plugin v1.0.3 exhibits a generally good security posture with no known vulnerabilities or critical taint flows. The absence of SQL queries, file operations, and external HTTP requests in the analyzed code are positive signs. However, a significant concern is the low rate of proper output escaping, with only 38% of outputs being escaped. This could lead to cross-site scripting (XSS) vulnerabilities if user-supplied data is not sufficiently sanitized before being displayed. Additionally, the analysis reveals one unsanitized path in the taint analysis, which, while not classified as critical or high, warrants investigation. The lack of nonce and capability checks on potential entry points (though the attack surface is currently zero) is a missed opportunity for robust security, especially if future versions introduce new functionalities.

Key Concerns

  • Low output escaping rate
  • Unsanitized path in taint analysis
  • No nonce checks
  • No capability checks
Vulnerabilities
None known

LIQUID TREEMAP Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

LIQUID TREEMAP Release Timeline

v1.0.3Current
v1.0.2
v1.0
Code Analysis
Analyzed Mar 16, 2026

LIQUID TREEMAP Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
5
3 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
1
Bundled Libraries
0

Output Escaping

38% escaped8 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths
<liquid-treemap-menu> (liquid-treemap-menu.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

LIQUID TREEMAP Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 3
actionadmin_noticesliquid-treemap.php:47
actionadmin_enqueue_scriptsliquid-treemap.php:55
actionadmin_menuliquid-treemap.php:66
Maintenance & Trust

LIQUID TREEMAP Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedDec 18, 2024
PHP min version
Downloads3K

Community Trust

Rating0/100
Number of ratings0
Active installs50
Alternatives

LIQUID TREEMAP Alternatives

SlimStat Analytics

SlimStat Analytics

wp-slimstat

A
88

The leading web analytics plugin for WordPress

80K 24 CVEs
Ninjalytics: Sales Reports & Order Export for WooCommerce and EDD

Ninjalytics: Sales Reports & Order Export for WooCommerce and EDD

product-sales-report-for-woocommerce

A
100

Create sales reports and order exports for WooCommerce with product analytics, order fulfillment data, filtering, charts, and 15+ templates.

6K No CVEs
WP Client Reports

WP Client Reports

wp-client-reports

A
91

The best maintenance reporting tool for WordPress professionals. Display update statistics directly in the WordPress admin or send reports via email.

6K 2 CVEs
Analytics by BestWebSoft – Google Analytics Dashboard and Statistic Plugin for WordPress

Analytics by BestWebSoft – Google Analytics Dashboard and Statistic Plugin for WordPress

bws-google-analytics

A
100

Add Google Analytics code to WordPress website and track basic stats.

1K 1 CVE
Sales Report for WooCommerce

Sales Report for WooCommerce

sales-report-for-woocommerce

A
100

Sales Report for WooCommerce generates daily, weekly and monthly sales report

1K No CVEs
Developer Profile

LIQUID TREEMAP Developer Profile

lqd

9 plugins · 16K total installs

76
trust score
Avg Security Score
95/100
Avg Patch Time
617 days
View full developer profile
Detection Fingerprints

How We Detect LIQUID TREEMAP

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/liquid-treemap/style.css
Version Parameters
liquid-treemap/style.css?ver=

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about LIQUID TREEMAP