[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fn8kSpK9Zmk3oG73wI2fMUpDSZY-RSsjHWBEz9S8qYEY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":126,"fingerprints":204},"user-insight","User Insight WordPress Plugin","1.0.5","userlocal","https:\u002F\u002Fprofiles.wordpress.org\u002Fuserlocal\u002F","\u003Cp>説明\u003C\u002Fp>\n\u003Cp>このプラグインはWordPressのデータをアクセス解析ツールUser Insightで計測するためのプラグインです。\u003Cbr \u002F>\nデータを解析するため、このプラグインは nakanohito.jp のドメインと通信します。\u003Cbr \u002F>\n1分程度の簡単な設定でWordPressページにUser Insightのタグを設置できます。\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fui.userlocal.jp\" rel=\"nofollow ugc\">User Insightについてより詳しく見る\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Arbitrary section 1\u003C\u002Fh3>\n","ヒートマップ対応アクセス解析ツールUser InsightのWordPressプラグインです。簡単な設定ですぐにUser Insightでデータを計測できるようになります。",200,3987,0,"2021-11-02T09:43:00.000Z","5.8.13","",[18,19,20,21,22],"analytics","analyze","click","heatmap","japanese","https:\u002F\u002Fui.userlocal.jp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuser-insight.1.0.5.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},1,30,84,"2026-04-06T09:28:59.792Z",[35,55,73,91,106],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":45,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":52,"download_link":53,"security_score":54,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"aurora-heatmap","Aurora Heatmap","1.7.1","r3098","https:\u002F\u002Fprofiles.wordpress.org\u002Fr3098\u002F","\u003Cp>Goddess Aurora is said to give light to the user world.\u003Cbr \u002F>\nThe name “Aurora Heatmap” visualizes user behavior with a beautiful heatmap.\u003Cbr \u002F>\nBringing light to the activation and optimization of your website.\u003C\u002Fp>\n\u003Ch4>The most important thing in site management.\u003C\u002Fh4>\n\u003Cp>That is, \u003Cem>Is the user satisfied?\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Where do users see and move through the content?\u003C\u002Fli>\n\u003Cli>Whether the user is not confused?\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Aurora Heatmap is the \u003Cstrong>strongest tool\u003C\u002Fstrong> for visualizing it.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Are you guiding users well?\u003C\u002Fli>\n\u003Cli>Conversion rate\u003C\u002Fli>\n\u003Cli>Are you missing out on prospects and readers?\u003C\u002Fli>\n\u003Cli>How is it evaluated by Google?\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>You will be able to see the points of improvement.\u003C\u002Fp>\n\u003Ch4>Plugin features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>\u003Cem>No Coding\u003C\u002Fem>\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>\u003Cem>No Setting\u003C\u002Fem>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You just install and activate the plugin.\u003Cbr \u002F>\nNo troublesome user registration or setup is required.\u003Cbr \u002F>\nIt works as default in most WordPress environments.\u003Cbr \u002F>\nAnd Aurora Heatmap is \u003Cstrong>complete with just plugin\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>The free version can check the click heat map of PC and mobile, and can be used on any number of sites.\u003Cbr \u002F>\nEven if it is free, there is no limit due to the number of PV and analysis pages.\u003C\u002Fp>\n\u003Ch4>Special notes\u003C\u002Fh4>\n\u003Cp>If it does not work well when used with a cache plugin, turn off JavaScript-related optimization, or exclude jQuery and Aurora Heatmap measurement script (reporter.js) from optimization.\u003Cbr \u002F>\nFor more details, please refer to \u003Ca href=\"https:\u002F\u002Fmarket.seous.info\u002Fen\u002Faurora-heatmap#oc-1\" rel=\"nofollow ugc\">official site description page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Aurora Heatmap can be used with the following cache plugins.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WP Rocket\u003C\u002Fli>\n\u003Cli>W3 Total Cache\u003C\u002Fli>\n\u003Cli>WP Super Cache\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Usage and support\u003C\u002Fh4>\n\u003Cp>More detailed usage and FAQs are provided on the \u003Ca href=\"https:\u002F\u002Fmarket.seous.info\u002Fen\u002Faurora-heatmap\" rel=\"nofollow ugc\">Aurora Heatmap official site\u003C\u002Fa>.\u003Cbr \u002F>\nIf you can’t find the answer to your question in those documents, use the WordPress.org \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Faurora-heatmap\u002F\" rel=\"ugc\">support forum\u003C\u002Fa>.\u003Cbr \u002F>\nThe premium version has priority email support.\u003C\u002Fp>\n\u003Ch4>About privacy\u003C\u002Fh4>\n\u003Cp>This plugin \u003Cstrong>does not\u003C\u002Fstrong> perform the following operations.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>User tracking\u003C\u002Fli>\n\u003Cli>Send recorded data to external server\u003C\u002Fli>\n\u003Cli>Use of cookies\u003C\u002Fli>\n\u003Cli>Record of personally identifiable data including IP address\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Aurora Heatmap Free version 90 seconds demo\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F3W17Gg_vbHg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Beautiful like an aurora! A simple WordPress heatmap that can be completed with just a plugin.",20000,357256,94,7,"2025-04-14T09:25:00.000Z","6.8.0","4.9","7.0",[18,19,20,21,22],"https:\u002F\u002Fmarket.seous.info\u002Faurora-heatmap","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faurora-heatmap.1.7.1.zip",100,{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":54,"num_ratings":30,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":70,"download_link":71,"security_score":25,"vuln_count":30,"unpatched_count":13,"last_vuln_date":72,"fetched_at":27},"userheat","UserHeat Plugin","1.1.11","hayata","https:\u002F\u002Fprofiles.wordpress.org\u002Fhayata\u002F","\u003Cp>UserHeat is free heatmap analytics plugin to visualize user behavior\u003Cbr \u002F>\nboth PC and smartphone.\u003Cbr \u002F>\nIt takes just one step and 30 seconds to start analysis.\u003C\u002Fp>\n\u003Cp>The key features of the plugin are:\u003C\u002Fp>\n\u003Cp>・3 Heatmap(gaze,click,mouse track) reveals see exactly where your\u003Cbr \u002F>\nvisitors click on the page, see how much attention a specific area\u003Cbr \u002F>\ngets by thermography\u003C\u002Fp>\n\u003Cp>・Optimize forms usability to improve submission rates.\u003C\u002Fp>\n\u003Cp>・It is available not only for PC but also smartphones and tablet devices.\u003C\u002Fp>\n\u003Cp>Visit \u003Ca href=\"http:\u002F\u002Fen.userheat.com\" rel=\"nofollow ugc\">userheat\u003C\u002Fa> to learn more.\u003C\u002Fp>\n","Free heatmaps plugin for web analytics, on both PC and smartphone.",6000,35492,"2024-04-01T07:58:00.000Z","5.6.17","4.2","5.4",[18,19,20,21,22],"http:\u002F\u002Fuserheat.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fuserheat.1.1.11.zip","2023-11-07 00:00:00",{"slug":74,"name":75,"version":76,"author":77,"author_profile":78,"description":79,"short_description":80,"active_installs":81,"downloaded":82,"rating":13,"num_ratings":13,"last_updated":83,"tested_up_to":15,"requires_at_least":84,"requires_php":85,"tags":86,"homepage":89,"download_link":90,"security_score":54,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"mieruca-heatmap-tag-manager","ミエルカヒートマップ タグマネージャー","1.0.0","Faber Company Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Ffabercompany\u002F","\u003Cp>無料で使えるヒートマップツール、『ミエルカヒートマップ』のタグ設置が簡単にできるプラグインです。\u003C\u002Fp>\n\u003Ch4>ミエルカヒートマップとは？\u003C\u002Fh4>\n\u003Cp>SEO対策サービス『\u003Ca href=\"https:\u002F\u002Fmieru-ca.com\u002F\" rel=\"nofollow ugc\">ミエルカ\u003C\u002Fa>』の姉妹プロダクト。\u003Cbr \u002F>\n以下の3種類のヒートマップから、売上、SEO流入、CVR改善を見える化し、UI\u002FUX改善へのヒントをご提供します。\u003Cbr \u002F>\n    – スクロールヒートマップ: Googleアナリティクスではわからない「ページ内での離脱箇所」を可視化\u003Cbr \u002F>\n    – クリックヒートマップ: ページ内でよくクリックされている場所を可視化、コンバージョンを妨げているクリック場所がないか確認可能\u003Cbr \u002F>\n    – アテンションヒートマップ: 訪問者がどのコンテンツに注目しているかを可視化、CV改善へのヒントに活用可能\u003Cbr \u002F>\n– 複数のアクセス端末 (PC 、スマートフォン、タブレット) 毎に解析可能、レスポンシブ時代の新たな分析にご活用ください。\u003C\u002Fp>\n\u003Cp>より詳しい機能は\u003Ca href=\"https:\u002F\u002Fmieru-ca.com\u002Fheatmap\u002F\" rel=\"nofollow ugc\">ミエルカヒートマップの公式サイト\u003C\u002Fa>でご確認ください。\u003C\u002Fp>\n","無料で使えるヒートマップツール、ミエルカヒートマップのタグ設置が簡単にできるプラグインです。 This is the plugin to introduce the tag of the free heatmap service \"Mieruca Heatmap\" easily.",800,3830,"2025-10-27T13:55:00.000Z","5.0","7.3",[18,19,20,87,88],"read","scroll","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmieruca-heatmap-tag-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmieruca-heatmap-tag-manager.zip",{"slug":21,"name":92,"version":93,"author":94,"author_profile":95,"description":96,"short_description":97,"active_installs":31,"downloaded":98,"rating":13,"num_ratings":13,"last_updated":99,"tested_up_to":100,"requires_at_least":16,"requires_php":16,"tags":101,"homepage":104,"download_link":105,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"Heatmap Plugin","1.3","DimitryKislichenko","https:\u002F\u002Fprofiles.wordpress.org\u002Fdimitrykislichenko\u002F","\u003Cp>This plugin will help you to analyze where people click on your site. As the result you will discover where better to place banners, how to organize navigation, where to put advertisements like AdSense and more. The heatmap of clicks can show you what works – which links people did find and click on.\u003C\u002Fp>\n\u003Cp>After you activated plugin, go to main page of your blog. If you are authenticated as administrator, at the top you will see small arrow.\u003C\u002Fp>\n","This plugin will help you to analyze where people click on your site. As the result you will discover where better to place banners, how to organize n &hellip;",11044,"2009-03-11T12:05:00.000Z","2.7.1",[102,103,21],"clickmap","clicks-analyzer","http:\u002F\u002Fwpheatmap.oufel.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fheatmap.zip",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":116,"num_ratings":117,"last_updated":118,"tested_up_to":119,"requires_at_least":120,"requires_php":16,"tags":121,"homepage":124,"download_link":125,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"wp-super-heatmap","WP Super Heatmap","0.1.0","Ryan","https:\u002F\u002Fprofiles.wordpress.org\u002Frfrankel\u002F","\u003Cp>This plugin was created to give WordPress users a simple way of creating heatmaps for their website without any cost and without using third-party services.  All of the click-track data is stored locally and the heatmap is also calculated on your own server.  I tried to make the interface as simple as possible and anyone should be able to use this plugin without much trouble.\u003C\u002Fp>\n\u003Cp>Please note that this is currently an Alpha release of this plugin and please report any bugs to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fryan-frankel\u002Fwp_super_heatmap\u002Fissues?sort=created&direction=desc&state=open\" rel=\"nofollow ugc\">our GitHub repository.\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You can also visit this plugins \u003Ca href=\"http:\u002F\u002Fwp-super-heatmap.swampedpublishing.com\u002F\" rel=\"nofollow ugc\">homepage to leave feedback\u003C\u002Fa> and to also get more detailed information about the plugin.  If you have ideas to improve the plugin please leave your comments on that page.\u003C\u002Fp>\n","This plugin tracks user clicks and creates a heatmap for your website. All data is stored locally and no third-party service is used. Completely free!",10,7117,60,2,"2011-11-15T21:21:00.000Z","3.2.1","3.0",[18,122,102,123,21],"click-map","heat-map","http:\u002F\u002FURI_Of_Page_Describing_Plugin_and_Updates","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-super-heatmap.0.1.0.zip",{"attackSurface":127,"codeSignals":143,"taintFlows":169,"riskAssessment":197,"analyzedAt":203},{"hooks":128,"ajaxHandlers":139,"restRoutes":140,"shortcodes":141,"cronEvents":142,"entryPointCount":13,"unprotectedCount":13},[129,135],{"type":130,"name":131,"callback":132,"file":133,"line":134},"action","wp_footer","attachUiTag","user_insight.php",26,{"type":130,"name":136,"callback":137,"file":133,"line":138},"admin_menu","addPage",27,[],[],[],[],{"dangerousFunctions":144,"sqlUsage":145,"outputEscaping":147,"fileOperations":13,"externalRequests":13,"nonceChecks":117,"capabilityChecks":117,"bundledLibraries":168},[],{"prepared":13,"raw":13,"locations":146},[],{"escaped":30,"rawEcho":148,"locations":149},9,[150,153,156,157,159,161,163,165,166],{"file":133,"line":151,"context":152},65,"raw output",{"file":154,"line":155,"context":152},"view\\admin.php",15,{"file":154,"line":155,"context":152},{"file":154,"line":158,"context":152},19,{"file":154,"line":160,"context":152},43,{"file":154,"line":162,"context":152},47,{"file":154,"line":164,"context":152},80,{"file":154,"line":32,"context":152},{"file":154,"line":167,"context":152},108,[],[170,189],{"entryPoint":171,"graph":172,"unsanitizedCount":13,"severity":188},"settingsPage (user_insight.php:72)",{"nodes":173,"edges":185},[174,179],{"id":175,"type":176,"label":177,"file":133,"line":178},"n0","source","$_POST (x2)",83,{"id":180,"type":181,"label":182,"file":133,"line":183,"wp_function":184},"n1","sink","update_option() [Settings Manipulation]",86,"update_option",[186],{"from":175,"to":180,"sanitized":187},true,"low",{"entryPoint":190,"graph":191,"unsanitizedCount":13,"severity":188},"\u003Cuser_insight> (user_insight.php:0)",{"nodes":192,"edges":195},[193,194],{"id":175,"type":176,"label":177,"file":133,"line":178},{"id":180,"type":181,"label":182,"file":133,"line":183,"wp_function":184},[196],{"from":175,"to":180,"sanitized":187},{"summary":198,"deductions":199},"The \"user-insight\" v1.0.5 plugin exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of any recorded CVEs, particularly critical or high-severity ones, is a significant positive indicator. Furthermore, the static analysis reveals a clean slate in terms of dangerous functions, raw SQL queries, and taint flows, suggesting developers have followed secure coding practices. The presence of nonce and capability checks, along with the exclusive use of prepared statements for SQL queries, are commendable security measures.\n\nHowever, the static analysis does highlight a notable weakness: only 10% of output is properly escaped. This means that for every 10 output operations, 9 could potentially be vulnerable to cross-site scripting (XSS) attacks if the data originates from an untrusted source. While there are no explicit attack vectors like unauthenticated AJAX handlers or REST API routes, an XSS vulnerability could still be exploited in conjunction with other factors or within authenticated contexts. The lack of vulnerability history, while positive, could also be interpreted as a lack of extensive real-world security testing or historical scrutiny, making the current static analysis findings particularly important.\n\nIn conclusion, \"user-insight\" v1.0.5 demonstrates good foundational security practices, especially regarding SQL and taint analysis. The primary concern lies with the significantly low percentage of proper output escaping, which presents a tangible risk for XSS vulnerabilities. The absence of past vulnerabilities is reassuring, but the identified output escaping issue requires immediate attention to bolster the plugin's overall security.",[200],{"reason":201,"points":202},"Low percentage of properly escaped output",20,"2026-03-16T20:08:55.950Z",{"wat":205,"direct":212},{"assetPaths":206,"generatorPatterns":208,"scriptPaths":209,"versionParams":211},[207],"\u002Fwp-content\u002Fplugins\u002Fuser-insight\u002Fcss\u002Fbootstrap.min.css",[],[210],"\u002F\u002Fcs.nakanohito.jp\u002Fb3\u002Fbi.js",[],{"cssClasses":213,"htmlComments":216,"htmlAttributes":221,"restEndpoints":230,"jsGlobals":231,"shortcodeOutput":235},[214,215],"alert-success","alert-danger",[217,218,219,220],"\u003C!-- User Insight PCDF Code Start : userlocal.jp -->","\u003C!-- User Insight PCDF Code End : userlocal.jp -->","\u003C!-- DO NOT ALTER BELOW THIS LINE -->","\u003C!-- WITH FIRST PARTY COOKIE -->",[222,223,224,225,226,227,228,229],"id=\"ui_analytics_id\"","name=\"analyticsId\"","id=\"update_ui_id\"","name=\"update_ui_id_nonce\"","id=\"ui_additional_tag\"","name=\"additionalTag\"","id=\"update_ui_add_tag\"","name=\"update_ui_add_tag_nonce\"",[],[232,233,234],"_uic","_uih","_uic['uls']",[]]