[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f-GaiFPkcP_FWg4_1WHr-IotJOszox_q_0fyBfXzK-XQ":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":45,"crawl_stats":36,"alternatives":48,"analysis":141,"fingerprints":359},"reactflow-session-replay-heatmap","Reactflow Visitor Recording and Heatmaps","1.0.11","reactflow","https:\u002F\u002Fprofiles.wordpress.org\u002Freactflow\u002F","\u003Cp>Reactflow playback your customer’s activity recordings like a video that you can watch, Compile Heatmaps, Funnel Analytics, Bugs, Console Logs and provide feedbacks which helps you to understand customer’s pain points, solve them. For free.\u003C\u002Fp>\n\u003Cp>Heatmap and Recording from each user can be used to enhance user journey, user interface and user experience. It can be used to debug errors that user might encouter in their journey as well as 404 errors. Call to action buttons can be improved to deliver best experience.\u003C\u002Fp>\n\u003Cp>Why visitors leave or abandon their carts? Reactflow allows you to know exactly what your users are doing on your website and what needs to be changed. Session replay is a powerful tool that record your visitor activity & interaction on your website.\u003C\u002Fp>\n\u003Cp>Unlike traditional web stats and statistics plugins where you see your visitors path, pages, entry and exit pages, and other web analytics, Reactflow goes deeper by providing you with the actual session activity and interaction that customer do on your website.\u003C\u002Fp>\n\u003Cp>Free Click Heatmap, scroll and mouse hover heatmap provide you with an aggregate view of your website visitors. You can see which important button is not getting the attention it needs, in a glance.\u003C\u002Fp>\n\u003Cp>bug and error analysis will look for any Javascript, network or 404 errors that your visitors might face during their interaction the website. You will receive a notification whenever a new bug occurs for your visitors.\u003C\u002Fp>\n\u003Cp>Free funnel analytics allows you to set steps required for a visitor to perform the desired action on the website such as from the Product page to Thank you page and watch reason of dropouts as they happen.\u003C\u002Fp>\n\u003Cp>Feedback widgets allow your website users to take a screenshot of issues they see on your website and report them to you, or conduct a poll or survey. You can use widgets to collect leads data as well.\u003C\u002Fp>\n\u003Cp>Mouse activities such as mouse click, mouse movement, mouse scroll, even touch taps from your desktop, tablet and mobile visitors will be included in recording and be used to analyze your customers activity and generate heatmap based on this data.\u003C\u002Fp>\n\u003Cp>Reactflow is a cloud-hosted service that record your visitor’s session activity and plays them to you like a movie in Reactflow servers, so you do not have to worry about storage space of recording or server performance.\u003C\u002Fp>\n\u003Ch4>Reactflow notable features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Session Replay: Playback what your users do on your website like a video. Used to identify what is causing your users to leave your website.\u003C\u002Fli>\n\u003Cli>Heatmap: Dynamic heat map of which elements in pages are getting the most attention. Used to identify which important element is getting low clicks.\u003C\u002Fli>\n\u003Cli>Bug notification: Notify you whenever a plugin or button is broken, making your website does not work as expected. Console log of your users will be included in recording and you can playback what they did that caused that bug or issue.\u003C\u002Fli>\n\u003Cli>users list and pages they visited: Full detailed history of pages each of your visitors viewed, with a play button next to them allowing you to playback what they did.\u003C\u002Fli>\n\u003Cli>Funnel Analytics: Breakdown of important steps on your website where you can see why users drop in each step. and you can watch recording of those who successfully reach your funnel goal page.\u003C\u002Fli>\n\u003Cli>Page Speed Meter: Each session recording calculate time it took for your page to load for your users.\u003C\u002Fli>\n\u003Cli>Feedback Widget: Allows your users to take a screenshot of issues they see on your website and give you feedback about it.\u003C\u002Fli>\n\u003Cli>Survey widget: Allow you to conduct a questionnaire from your users.\u003C\u002Fli>\n\u003Cli>Poll widget: Allows you to conduct some quick polls from your users.\u003C\u002Fli>\n\u003Cli>Lead widget: Allows you to catch lead information such as name, phone or email from your users.\u003C\u002Fli>\n\u003Cli>New world analytics. Try Reactflow to prove more features than HotJar, VWO, Lucky Orange, ClickTale, SmartLook, Mouseflow, Inspectlet, Hoverowl, SessionCam, Mousestats, Wisdom, Fullstory. Reactflow recorder record with higher accuracy and more analytics data.\u003C\u002Fli>\n\u003Cli>Upgrade from traditional web analytics. Try Reactflow to feel an upgrade from Clicky, StatCounter, HiStats, Piwik, Woopra, MixPanel, GoSquared, ChartBeat, Wassup, Slimstat or even Google Analytics.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Freactflow.com\u002F?utm=wordpress\" rel=\"nofollow ugc\">Know more about Reactflow\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Freactflow.com\u002Fterms.php?utm=wordpress\" rel=\"nofollow ugc\">Terms and Condition\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Freactflow.com\u002Fprivacy.php?utm=wordpress\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Freactflow.com\u002Fregister.php?utm=wordpress\" rel=\"nofollow ugc\">Register\u003C\u002Fa>\u003C\u002Fp>\n","Convert your prospects into customers. Reactflow highlights visual and logical reason why your visitors are not turning into customers, Optimize conve &hellip;",300,7037,0,"2025-05-09T14:31:00.000Z","6.8.5","2.7","5.0",[19,20,21,22,23],"analytics","conversion","funnel","heatmaps","recording","https:\u002F\u002Freactflow.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Freactflow-session-replay-heatmap.1.0.11.zip",79,1,"2024-12-20 18:46:32","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":36,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":36},"CVE-2024-11975","reactflow-visitor-recording-and-heatmaps-reflected-cross-site-scripting","Reactflow Visitor Recording and Heatmaps \u003C= 1.0.10 - Reflected Cross-Site Scripting","The Reactflow Visitor Recording and Heatmaps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the '_wpnonce' parameter in all versions up to, and including, 1.0.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",null,"\u003C=1.0.10","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-05-12 14:02:42",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Feb360c56-e144-4dc5-8bfb-715a014cb8e6?source=api-prod",{"slug":7,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":11,"avg_security_score":26,"avg_patch_time_days":46,"trust_score":26,"computed_at":47},30,"2026-04-04T11:44:39.610Z",[49,72,92,110,126],{"slug":50,"name":51,"version":52,"author":53,"author_profile":54,"description":55,"short_description":56,"active_installs":57,"downloaded":58,"rating":59,"num_ratings":60,"last_updated":61,"tested_up_to":62,"requires_at_least":63,"requires_php":64,"tags":65,"homepage":69,"download_link":70,"security_score":71,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"lucky-orange","Lucky Orange","2.1.1","luckyorange","https:\u002F\u002Fprofiles.wordpress.org\u002Fcrickeys\u002F","\u003Cp>Less time crunching numbers, more time growing your business.\u003C\u002Fp>\n\u003Ch3>Understand your visitors. Improve your website. Increase your sales.\u003C\u002Fh3>\n\u003Cp>If your WordPress site is getting traffic but not conversions, Lucky Orange shows you why. With one-click install and a free plan to get started, you can uncover where visitors struggle, what’s stopping them from buying, and how to turn browsers into customers.\u003Cbr \u002F>\nFrom session recordings to heatmaps, live chat to Page Insights, Lucky Orange helps you optimize every part of your customer journey with clear, visual data.\u003C\u002Fp>\n\u003Ch3>Dynamic Heatmaps\u003C\u002Fh3>\n\u003Cp>Discover where people click, scroll, and hover—including dynamic content like popups, dropdowns, and forms. Works seamlessly with SPAs and AJAX-loaded pages.\u003C\u002Fp>\n\u003Ch3>Session Recordings\u003C\u002Fh3>\n\u003Cp>Replay real visitor sessions to see how people navigate your site, where they abandon, and what’s preventing conversions.\u003C\u002Fp>\n\u003Ch3>Conversion Funnels\u003C\u002Fh3>\n\u003Cp>Visualize each step of your funnel to find out which pages drive success—and where people are dropping off.\u003C\u002Fp>\n\u003Ch3>Visitor Profiles\u003C\u002Fh3>\n\u003Cp>See each visitor’s journey in a single view, including traffic source, cart value, and all sessions tied to that individual.\u003C\u002Fp>\n\u003Ch3>Live Chat\u003C\u002Fh3>\n\u003Cp>Engage visitors in real time based on behavior triggers. Answer questions and recover abandoned conversions before they’re lost.\u003C\u002Fp>\n\u003Ch3>Live View\u003C\u002Fh3>\n\u003Cp>See what your visitors are doing right now on your site—every movement, scroll, and click in real time.\u003C\u002Fp>\n\u003Ch3>Page Insights\u003C\u002Fh3>\n\u003Cp>Instantly surface key performance stats: top-clicked elements, frustration signals, engagement trends, and activity snapshots—all tied to specific pages.\u003C\u002Fp>\n\u003Ch3>Surveys\u003C\u002Fh3>\n\u003Cp>Ask the right questions at the right time—like what visitors are looking for, what’s missing, or why they didn’t convert.\u003C\u002Fp>\n\u003Ch3>Announcements\u003C\u002Fh3>\n\u003Cp>Target visitors with personalized messages, discount offers, or key updates based on device, behavior, or source.\u003C\u002Fp>\n\u003Ch3>Discovery\u003C\u002Fh3>\n\u003Cp>Uncover Optimization Opportunities based on specific parts of the customer journey. Know where to focus, and what changes can move the needle.\u003C\u002Fp>\n","Less time crunching numbers, more time growing your business.",2000,70312,86,24,"2025-04-14T15:38:00.000Z","6.8.0","2.0.3","",[19,66,22,67,68],"conversion-rate-optimization","session-recordings","surveys","https:\u002F\u002Fwww.luckyorange.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flucky-orange.2.2.11.zip",100,{"slug":73,"name":74,"version":75,"author":76,"author_profile":77,"description":78,"short_description":79,"active_installs":80,"downloaded":81,"rating":71,"num_ratings":27,"last_updated":82,"tested_up_to":83,"requires_at_least":84,"requires_php":85,"tags":86,"homepage":90,"download_link":91,"security_score":71,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"shinystat-analytics","ShinyStat Analytics","1.0.16","shinystat","https:\u002F\u002Fprofiles.wordpress.org\u002Fshinystat\u002F","\u003Cp>Activate the ShinyStat Analytics plugin and access to \u003Cstrong>Web Analytics\u003C\u002Fstrong> and \u003Cstrong>On-site Marketing Automation\u003C\u002Fstrong> tools provided by ShinyStat.\u003C\u002Fp>\n\u003Cp>This plugin makes it easy to connect your website to ShinyStat services, so you can start building your data-driven strategies to improve your business.\u003C\u002Fp>\n\u003Cp>Analytics services measure accesses to your website in real time, allowing you to check the progress of traffic in order to improve its performance.\u003C\u002Fp>\n\u003Cp>ShinyStat Widget that shows the \u003Cstrong>counter icon\u003C\u002Fstrong> can be inserted into your website pages, so both you and your visitors can see immediately how traffic is evolving.\u003C\u002Fp>\n\u003Cp>The ShinyStat dashboards provide a clear and immediate interpretation of all the main metrics related to traffic and performance of the site, allowing to perform punctual analysis on a census basis through dynamic and customizable graphic representations.\u003C\u002Fp>\n\u003Cp>The \u003Cstrong>Keyword Not Provided\u003C\u002Fstrong> report allows you to obtain a probabilistic projection of the keywords used to reach the site by users on search engines, thus constituting an essential tool for SEO and SEM managers.\u003C\u002Fp>\n\u003Cp>If the WooCommerce plugin is installed on your website, you can also view statistics about the monetary \u003Cstrong>Conversions\u003C\u002Fstrong> completed by your visitors.\u003Cbr \u002F>\nTo collect data about conversions, the minimum version of WooCommerce is 3.3.0.\u003C\u002Fp>\n\u003Cp>Offering a complete statistical picture of the main characteristics of the Audience on each portion of the site, it is therefore the ideal tool for defining strategies, the selection of contents and their optimal allocation on the web pages of your store.\u003C\u002Fp>\n\u003Cp>Finally, thanks to Machine Learning and Artificial Intelligence algorithms, ShinyStat also provides On-site Marketing Automation ShinyEngage tool.\u003Cbr \u002F>\nWith this tool you can send specific messages to targeted users at the most appropriate time in order to increase purchases, for example when user exit intent is detected without completing a purchase.\u003C\u002Fp>\n\u003Cp>ShinyStat Analytics plugin is compatible with WordPress \u003Cstrong>AMP\u003C\u002Fstrong> plugin, allowing to collect traffic data from AMP pages without any additional configuration.\u003C\u002Fp>\n","Plugin to activate the ShinyStat Analytics services on your website.",1000,13656,"2025-12-05T09:10:00.000Z","6.9.4","3.1.0","5.6",[19,87,22,88,89],"conversions","marketing","seo","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fshinystat-analytics\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fshinystat-analytics.1.0.16.zip",{"slug":93,"name":94,"version":95,"author":96,"author_profile":97,"description":98,"short_description":99,"active_installs":71,"downloaded":100,"rating":13,"num_ratings":13,"last_updated":101,"tested_up_to":83,"requires_at_least":102,"requires_php":103,"tags":104,"homepage":108,"download_link":109,"security_score":71,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"ai-flash-tune","AI Flash Tune","1.0.0","rbill","https:\u002F\u002Fprofiles.wordpress.org\u002Frbill\u002F","\u003Cp>Stop guessing why your customers are leaving and start getting actionable insights. AI Flash Tune is an AI-powered tool for WooCommerce that automatically maps your sales funnel, identifies the exact points where users are dropping off, and helps you understand the “why” behind their actions.\u003C\u002Fp>\n\u003Cp>The free version provides powerful detection and tracking tools to show you \u003Cem>what\u003C\u002Fem> is happening in your store.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features (Free Version):\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Basic Funnel Flow Visualization:\u003C\u002Fstrong> Automatically maps your standard WooCommerce funnel from Landing Page \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Product Interest \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Cart \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Checkout to visualize the user journey.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Top Drop-Off Detection:\u003C\u002Fstrong> Pinpoints the precise stage in your funnel where most users abandon their journey, showing you where to focus your efforts.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Behavioral Pattern Analyzer:\u003C\u002Fstrong> Detects critical user frustration signals like \u003Cstrong>rage clicks\u003C\u002Fstrong>, \u003Cstrong>quick bounces\u003C\u002Fstrong>, and \u003Cstrong>scroll stops\u003C\u002Fstrong> to help explain \u003Cem>why\u003C\u002Fem> users might be leaving.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Abandoned Cart Tracker:\u003C\u002Fstrong> See a list of abandoned carts, including the products left behind and the total potential revenue lost.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Low-Performing Product Finder:\u003C\u002Fstrong> Flags products that get a lot of traffic but have little to no sales, helping you identify optimization opportunities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checkout Field Overload Detector:\u003C\u002Fstrong> Analyzes your checkout form and warns you if you have too many fields, which is a common cause of high friction and abandonment.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Page Speed Alerts:\u003C\u002Fstrong> Monitors the performance of key funnel pages and alerts you if they are loading slower than the recommended threshold.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Visual Noise Checker (Lite):\u003C\u002Fstrong> Scans your product pages for an excessive number of competing buttons or images that could distract users from the main “Add to Cart” action.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin relies on the \u003Cstrong>OpenAI API\u003C\u002Fstrong> to generate intelligent insights, analyze your funnel data, and provide optimization suggestions.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Service:\u003C\u002Fstrong> OpenAI API (GPT models)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Used For:\u003C\u002Fstrong> Analyzing store performance metrics to generate reports, suggestions, and answer user questions about the data.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Data Sent:\u003C\u002Fstrong> When you request an analysis, the plugin sends anonymized, aggregated funnel statistics (e.g., total visits, conversion rates) and any text prompts you enter. No personally identifiable information (PII) regarding your customers is sent to OpenAI.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fopenai.com\u002Fpolicies\u002Fprivacy-policy\" rel=\"nofollow ugc\">OpenAI Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms of Service:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fopenai.com\u002Fpolicies\u002Fterms-of-use\" rel=\"nofollow ugc\">OpenAI Terms of Use\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Copyright\u003C\u002Fh3>\n\u003Cp>AI Flash Tune uses the following third-party resources:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Flatpickr (js\u002Fflatpickr.min.js, css\u002Fflatpickr.min.css)\u003Cbr \u002F>\nSource: https:\u002F\u002Fflatpickr.js.org\u002F\u003Cbr \u002F>\nLicense: MIT\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Font Awesome Free (css\u002Fall.min.css, webfonts\u002F*)\u003Cbr \u002F>\nSource: https:\u002F\u002Ffontawesome.com\u002F\u003Cbr \u002F>\nLicense: CC BY 4.0 License (Icons), MIT License (Code), SIL OFL 1.1 (Fonts)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","A WordPress plugin to turn WooCommerce drop-offs into conversions with AI-powered funnel analysis and optimization.",407,"2026-02-14T06:46:00.000Z","5.8","7.4",[105,19,106,21,107],"ai","conversion-optimization","woocommerce","https:\u002F\u002Fwww.aiflashtune.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fai-flash-tune.1.0.0.zip",{"slug":111,"name":112,"version":113,"author":111,"author_profile":114,"description":115,"short_description":116,"active_installs":71,"downloaded":117,"rating":71,"num_ratings":118,"last_updated":119,"tested_up_to":120,"requires_at_least":16,"requires_php":64,"tags":121,"homepage":64,"download_link":124,"security_score":125,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"howuku","Heatmap & Analytics – Howuku Web Optimization","1.0.5","https:\u002F\u002Fprofiles.wordpress.org\u002Fhowuku\u002F","\u003Cp>\u003Cstrong>Free heatmap and analytics tool for your WordPress sites.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Howuku is an all-in-one behavior analytics platform created to help you understand your audience better. Designed especially for marketers and product managers, Howuku offers state-of-the-art analytics tools to understand and visualize user behavior with heatmap and how it impacts your product.\u003C\u002Fp>\n\u003Cp>With Howuku, you can track dynamic heatmap, conversion funnels and get instant feedback from your customers to help your product grow.\u003C\u002Fp>\n\u003Cp>Additionally, the heatmap and recording can help you eliminate guesswork and show you what your visitors do exactly and why they drop-off from your website.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fhowuku.com\u002F?utm_source=wordpress&utm_medium=plugin&utm_campaign=wp_plugin_page\" rel=\"nofollow ugc\">Get started for free\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>What is Heatmap?\u003C\u002Fh3>\n\u003Cp>A website heatmap is a visual representation that shows you what elements on your website are getting the most interaction (hot) and those that are getting the least (cold).\u003C\u002Fp>\n\u003Cp>You get a comprehensive understanding of what is holding visitors’ attention, what needs to be improved, and what needs to be removed.\u003C\u002Fp>\n\u003Cp>Basically, a heatmap help you see an aggregated view of your user behaviors’ hotspot.\u003C\u002Fp>\n\u003Ch3>How can heatmap helps you improve website conversions?\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Make sure all your important Call-to-actions is above the average-fold of your scroll map\u003C\u002Fli>\n\u003Cli>Identify if your visitors are confused by non-clickable elements and turn those into links\u003C\u002Fli>\n\u003Cli>Find out what your visitors are looking for and reposition your element to improve engagement rate\u003C\u002Fli>\n\u003Cli>Make sure visitors seeing critical website elements like eBooks, guides, and solution briefs?\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>KEY FEATURES OF HEATMAP\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Click heatmap to learn where do visitor click the most\u003C\u002Fli>\n\u003Cli>Scroll heatmap to find out how far down do visitors scrolled\u003C\u002Fli>\n\u003Cli>Segment heatmap with segmented user data such as Source, Referrer, Day of Week and etc\u003C\u002Fli>\n\u003Cli>Sharable external heatmap link to your product and marketing team\u003C\u002Fli>\n\u003Cli>Export PDF report of your heatmap\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>OTHER OPTIMIZATION FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Heatmap: click map, scroll map, and user segmented hotspot\u003C\u002Fli>\n\u003Cli>Visitor Recording: CCTV for your website\u003C\u002Fli>\n\u003Cli>Realtime Analytics and Conversion Funnel\u003C\u002Fli>\n\u003Cli>Create unlimited no. of websites, recordings and heatmap\u003C\u002Fli>\n\u003Cli>Free feedback widget tool and pop-up survey\u003C\u002Fli>\n\u003Cli>On-site A\u002FB testing no coding needed\u003C\u002Fli>\n\u003Cli>Filtering and segmentation\u003C\u002Fli>\n\u003Cli>Mobile, tablet, and PC recordings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Learn more about \u003Ca href=\"https:\u002F\u002Fhowuku.com\u002Ffeatures?utm_source=wordpress&utm_medium=plugin&utm_campaign=wp_plugin_page\" rel=\"nofollow ugc\">all optimization features here\u003C\u002Fa>!\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>Resources\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Website:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fhowuku.com\u002F?utm_source=wordpress&utm_medium=plugin&utm_campaign=wp_plugin_page\" rel=\"nofollow ugc\">Howuku Homepage\u003C\u002Fa>\u003Cbr \u002F>\n\u003Cstrong>Pricing:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fhowuku.com\u002Fpricing?utm_source=wordpress&utm_medium=plugin&utm_campaign=wp_plugin_page\" rel=\"nofollow ugc\">Affordable Plans\u003C\u002Fa>\u003Cbr \u002F>\n\u003Cstrong>Heatmap:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fhowuku.com\u002Fwebsite-heatmap?utm_source=wordpress&utm_medium=plugin&utm_campaign=wp_plugin_page\" rel=\"nofollow ugc\">Dynamic Heatmap\u003C\u002Fa>\u003Cbr \u002F>\n\u003Cstrong>Register:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fapp.howuku.com\u002Fsign-up\u002Fbasic?utm_source=wordpress\" rel=\"nofollow ugc\">GET STARTED FOR FREE\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Legal\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fhelp.howuku.com\u002Farticle\u002F18-terms-of-service\" rel=\"nofollow ugc\">Terms & Condition\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fhelp.howuku.com\u002Farticle\u002F17-privacy-policy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fhelp.howuku.com\u002Farticle\u002F35-gdpr\" rel=\"nofollow ugc\">GDPR Compliant\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fhelp.howuku.com\u002Farticle\u002F41-cookies-policy\" rel=\"nofollow ugc\">Cookies Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cem>Sign up for FREE today, no credit card needed!\u003C\u002Fem>\u003C\u002Fp>\n","Free heatmap and analytics tool for your WordPress sites.",3333,2,"2022-06-12T07:44:00.000Z","6.0.11",[19,122,123,22,23],"heat-map","heatmap","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhowuku.zip",85,{"slug":127,"name":128,"version":95,"author":129,"author_profile":130,"description":131,"short_description":132,"active_installs":71,"downloaded":133,"rating":71,"num_ratings":27,"last_updated":134,"tested_up_to":135,"requires_at_least":136,"requires_php":85,"tags":137,"homepage":64,"download_link":140,"security_score":125,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"livesession","LiveSession – Visitor Recording for WordPress","kdrazkiewicz","https:\u002F\u002Fprofiles.wordpress.org\u002Fkdrazkiewicz\u002F","\u003Cp>LiveSession is a session replay tool that will help you learn more about your users. You can watch how they interact with your website. The sessions can be filtered according to different variables, including location, devices, browsers, engagement score,and many more.\u003C\u002Fp>\n\u003Cp>LiveSession is a great solution for UX designers, marketing professionals, customer support teams, and everyone who works with websites.\u003C\u002Fp>\n\u003Cp>This plugin allows you to install LiveSession on your WordPress website.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FWCgDTljLTsQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Always-on session recordings\u003C\u002Fstrong> – The software records everything the visitor does on the website, including mouse movements, scrolls, and clicks. The sessions can be replayed, rewatched, and analyzed later. You can see exactly what your user sees, just like you’re sitting next to them.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Engagement score\u003C\u002Fstrong> – When you record a lot of sessions, it’s time-consuming to go through all of them one by one. Thanks to the engagement score, you can filter the most interesting recordings automatically.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom properties\u003C\u002Fstrong> – Would you like to identify the users you’re watching? It’s possible with custom properties. You can import data from other analytics tools and add more context to your sessions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Inspect mode\u003C\u002Fstrong> – Track how users interact with particular elements of your website. Inspect mode allows you to find sessions that contain what you’re looking for.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Rage clicks and error clicks\u003C\u002Fstrong> – Rage clicks detect JavaScript errors, while error clicks are recorded when the user clicks on something very fast and repeatedly. These two features will help you spot points of frustration.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clickmaps\u003C\u002Fstrong> – Clickmap allows you to see what elements of your website were clicked and how many times in a retroactive fashion. You can view aggregated click values from multiple sessions for a given section during session playbacks. With engagement heatmaps, you see the most frequently interacted elements of your web page from all sessions. This in turn helps the user refine their websites and CTAs for better conversion rates and lead generation, boosting company growth and success through optimized user experience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>DevTools\u003C\u002Fstrong> – See all console logs in one view or by a severity level – info, warn and error. Debug your website or web application with ease and shorten the time needed to provide superb customer support.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Funnels (NEW)\u003C\u002Fstrong> – analyze your visitors’ paths and boost conversion rates by eliminating obstacles that prevent your customers from buying. Use LiveSession Funnels to add another dimension to your UX research.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Use cases\u003C\u002Fh3>\n\u003Cp>LiveSession can be used by professionals from different fields:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>UX\u002FProduct\u003C\u002Fstrong>\u003Cbr \u002F>\nUse session recordings as a usability testing method. Research your design decisions, see what works and what can be improved.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Marketing\u003C\u002Fstrong>\u003Cbr \u002F>\nFilter sessions by UTM tags and track the effectiveness of your campaigns. See how visitors interact with the website and find new marketing opportunities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Customer support\u003C\u002Fstrong>\u003Cbr \u002F>\nLiveSession can be integrated with the most popular help center tools (more details below). What’s more, you can assign support tiers to particular recordings. This will help you deliver the best service possible.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>UX\u002FProduct\u003C\u002Fstrong>\u003Cbr \u002F>\nUse session recordings as a usability testing method. Research your design\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Software development\u003C\u002Fstrong>\u003Cbr \u002F>\nThanks to in-depth qualitative analysis, as well as automatic rage clicks and error clicks detection, you’re able to debug your web application faster.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Wide range of integrations\u003C\u002Fh3>\n\u003Cp>LiveSession can be integrated with:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>other analytics stacks\u003C\u002Fstrong>, such as Google Analytics, Google Tag Manager,and Segment\u003C\u002Fli>\n\u003Cli>\u003Cstrong>help center tools\u003C\u002Fstrong>, including Intercom, LiveChat, HelpScout, Drift, Crisp,and Olark\u003C\u002Fli>\n\u003Cli>\u003Cstrong>E-commerce software\u003C\u002Fstrong>, e.g. Shopify, BigCommerce,and Wix\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The full list of integrations is available \u003Ca href=\"https:\u002F\u002Flivesession.io\u002Fintegrations?utm_source=wordpress.org&utm_medium=integration&utm_campaign=WordpressIntegration\" rel=\"nofollow ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Testimonials\u003C\u002Fh3>\n\u003Cblockquote>\n\u003Cp>We tried almost every recording tool out there. LiveSessions was the best in relation to price\u002Fquality. The recordings are perfect and the app is loading fast. The support is super fast & friendly!\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cem>Gasper Vidovic, Databox\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>––––\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>I believe that LiveSession is a must if you have a website, blog, online store, app. Seeing what users really do on your website, where they click, what they don’t click etc. will be the best what can happen to you that will help you design UI\u002FUX that converts better. We noticed 110% increase in sign-ups, over 40% increase in paid subscriptions for our service and we have reduced churn by 40%.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cem>Wojciech Jasnos, RocketLink\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>Contact\u003C\u002Fh3>\n\u003Cp>If you have any other questions, please get in touch via hello@livesession.io\u003C\u002Fp>\n","LiveSession is a session replay tool that will help you learn more about your users. You can watch how they interact with your website.",70065,"2021-07-19T13:08:00.000Z","5.7.15","4.6",[19,22,138,127,139],"insights","recordings","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flivesession.1.0.0.zip",{"attackSurface":142,"codeSignals":177,"taintFlows":310,"riskAssessment":346,"analyzedAt":358},{"hooks":143,"ajaxHandlers":173,"restRoutes":174,"shortcodes":175,"cronEvents":176,"entryPointCount":13,"unprotectedCount":13},[144,150,153,156,160,164,168],{"type":145,"name":146,"callback":147,"file":148,"line":149},"action","admin_menu","rcf_admin_menu","reactflow.php",10,{"type":145,"name":151,"callback":7,"file":148,"line":152},"wp_footer",11,{"type":145,"name":154,"callback":7,"file":148,"line":155},"wp_head",12,{"type":145,"name":157,"callback":158,"file":148,"line":159},"plugins_loaded","reactflow_load_plugin_textdomain",23,{"type":145,"name":161,"callback":162,"file":148,"line":163},"admin_notices","reactflow_warning",184,{"type":145,"name":165,"callback":166,"file":148,"line":167},"wp_dashboard_setup","reactflow_add_dashboard_widgets",949,{"type":169,"name":170,"callback":171,"priority":13,"file":148,"line":172},"filter","plugin_action_links","reactflow_settingsLink",953,[],[],[],[],{"dangerousFunctions":178,"sqlUsage":179,"outputEscaping":181,"fileOperations":13,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":309},[],{"prepared":13,"raw":13,"locations":180},[],{"escaped":182,"rawEcho":183,"locations":184},34,66,[185,188,190,192,193,194,196,198,200,202,204,206,208,210,211,213,215,216,218,220,222,224,226,228,230,232,234,236,238,240,242,243,245,247,249,251,253,255,257,259,261,263,265,267,269,270,272,274,276,278,280,281,283,285,287,288,290,292,294,296,297,299,301,303,305,307],{"file":148,"line":186,"context":187},44,"raw output",{"file":148,"line":189,"context":187},175,{"file":148,"line":191,"context":187},454,{"file":148,"line":191,"context":187},{"file":148,"line":191,"context":187},{"file":148,"line":195,"context":187},476,{"file":148,"line":197,"context":187},478,{"file":148,"line":199,"context":187},493,{"file":148,"line":201,"context":187},520,{"file":148,"line":203,"context":187},558,{"file":148,"line":205,"context":187},564,{"file":148,"line":207,"context":187},568,{"file":148,"line":209,"context":187},571,{"file":148,"line":209,"context":187},{"file":148,"line":212,"context":187},572,{"file":148,"line":214,"context":187},573,{"file":148,"line":214,"context":187},{"file":148,"line":217,"context":187},574,{"file":148,"line":219,"context":187},581,{"file":148,"line":221,"context":187},582,{"file":148,"line":223,"context":187},583,{"file":148,"line":225,"context":187},584,{"file":148,"line":227,"context":187},585,{"file":148,"line":229,"context":187},586,{"file":148,"line":231,"context":187},590,{"file":148,"line":233,"context":187},593,{"file":148,"line":235,"context":187},595,{"file":148,"line":237,"context":187},614,{"file":148,"line":239,"context":187},620,{"file":148,"line":241,"context":187},623,{"file":148,"line":241,"context":187},{"file":148,"line":244,"context":187},624,{"file":148,"line":246,"context":187},625,{"file":148,"line":248,"context":187},631,{"file":148,"line":250,"context":187},632,{"file":148,"line":252,"context":187},633,{"file":148,"line":254,"context":187},636,{"file":148,"line":256,"context":187},676,{"file":148,"line":258,"context":187},678,{"file":148,"line":260,"context":187},682,{"file":148,"line":262,"context":187},691,{"file":148,"line":264,"context":187},694,{"file":148,"line":266,"context":187},698,{"file":148,"line":268,"context":187},699,{"file":148,"line":268,"context":187},{"file":148,"line":271,"context":187},705,{"file":148,"line":273,"context":187},729,{"file":148,"line":275,"context":187},733,{"file":148,"line":277,"context":187},759,{"file":148,"line":279,"context":187},764,{"file":148,"line":279,"context":187},{"file":148,"line":282,"context":187},775,{"file":148,"line":284,"context":187},779,{"file":148,"line":286,"context":187},782,{"file":148,"line":286,"context":187},{"file":148,"line":289,"context":187},793,{"file":148,"line":291,"context":187},799,{"file":148,"line":293,"context":187},808,{"file":148,"line":295,"context":187},811,{"file":148,"line":295,"context":187},{"file":148,"line":298,"context":187},820,{"file":148,"line":300,"context":187},850,{"file":148,"line":302,"context":187},897,{"file":148,"line":304,"context":187},903,{"file":148,"line":306,"context":187},917,{"file":148,"line":308,"context":187},918,[],[311,335],{"entryPoint":312,"graph":313,"unsanitizedCount":13,"severity":334},"rcf_optionpage (reactflow.php:236)",{"nodes":314,"edges":330},[315,320,325,328],{"id":316,"type":317,"label":318,"file":148,"line":319},"n0","source","$_POST",327,{"id":321,"type":322,"label":323,"file":148,"line":229,"wp_function":324},"n1","sink","echo() [XSS]","echo",{"id":326,"type":317,"label":327,"file":148,"line":256},"n2","$_SERVER['REQUEST_URI']",{"id":329,"type":322,"label":323,"file":148,"line":256,"wp_function":324},"n3",[331,333],{"from":316,"to":321,"sanitized":332},true,{"from":326,"to":329,"sanitized":332},"low",{"entryPoint":336,"graph":337,"unsanitizedCount":13,"severity":334},"\u003Creactflow> (reactflow.php:0)",{"nodes":338,"edges":343},[339,340,341,342],{"id":316,"type":317,"label":318,"file":148,"line":319},{"id":321,"type":322,"label":323,"file":148,"line":229,"wp_function":324},{"id":326,"type":317,"label":327,"file":148,"line":256},{"id":329,"type":322,"label":323,"file":148,"line":256,"wp_function":324},[344,345],{"from":316,"to":321,"sanitized":332},{"from":326,"to":329,"sanitized":332},{"summary":347,"deductions":348},"The plugin 'reactflow-session-replay-heatmap' v1.0.11 demonstrates several good security practices, including the complete absence of direct SQL queries and a single external HTTP request that might be legitimate. Furthermore, the static analysis shows a low attack surface with no unprotected AJAX handlers, REST API routes, shortcodes, or cron events, and only one instance of a nonce and capability check, suggesting a controlled and authenticated entry point. However, the low percentage of properly escaped output (34%) presents a significant concern, indicating a high likelihood of cross-site scripting (XSS) vulnerabilities. This is corroborated by its vulnerability history, which includes a medium-severity CVE for XSS and a recent unpatched vulnerability of the same type. The presence of even one unpatched vulnerability, especially of medium severity and XSS, warrants immediate attention. While the plugin appears to have a solid foundation regarding input handling and access control, the lack of comprehensive output escaping is a critical weakness that could be exploited.",[349,352,355],{"reason":350,"points":351},"Unpatched medium severity CVE (XSS)",18,{"reason":353,"points":354},"Low output escaping percentage (34%)",15,{"reason":356,"points":357},"1 external HTTP request",3,"2026-03-16T19:56:29.047Z",{"wat":360,"direct":367},{"assetPaths":361,"generatorPatterns":363,"scriptPaths":364,"versionParams":365},[362],"\u002Fwp-content\u002Fplugins\u002Freactflow-session-replay-heatmap\u002Freactflow.js",[],[362],[366],"reactflow-session-replay-heatmap\u002Freactflow.js?ver=",{"cssClasses":368,"htmlComments":369,"htmlAttributes":371,"restEndpoints":372,"jsGlobals":373,"shortcodeOutput":375},[],[370],"\u003C!-- Reactflow WP v1.0.11 -->",[],[],[374],"reactflow_tracker",[]]