[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fK0OqzyWe68MyPTkRPd1G0tzcwYDvXazCoBwCSKyfmWk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":38,"analysis":132,"fingerprints":222},"wp-super-heatmap","WP Super Heatmap","0.1.0","Ryan","https:\u002F\u002Fprofiles.wordpress.org\u002Frfrankel\u002F","\u003Cp>This plugin was created to give WordPress users a simple way of creating heatmaps for their website without any cost and without using third-party services.  All of the click-track data is stored locally and the heatmap is also calculated on your own server.  I tried to make the interface as simple as possible and anyone should be able to use this plugin without much trouble.\u003C\u002Fp>\n\u003Cp>Please note that this is currently an Alpha release of this plugin and please report any bugs to \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fryan-frankel\u002Fwp_super_heatmap\u002Fissues?sort=created&direction=desc&state=open\" rel=\"nofollow ugc\">our GitHub repository.\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>You can also visit this plugin's \u003Ca href=\"http:\u002F\u002Fwp-super-heatmap.swampedpublishing.com\u002F\" rel=\"nofollow ugc\">homepage to leave feedback\u003C\u002Fa> and to also get more detailed information about the plugin.  If you have ideas to improve the plugin please leave your comments on that page.\u003C\u002Fp>\n","This plugin tracks user clicks and creates a heatmap for your website. All data is stored locally and no third-party service is used. 
Completely free!",10,7117,60,2,"2011-11-15T21:21:00.000Z","3.2.1","3.0","",[20,21,22,23,24],"analytics","click-map","clickmap","heat-map","heatmap","http:\u002F\u002FURI_Of_Page_Describing_Plugin_and_Updates","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-super-heatmap.0.1.0.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":34,"avg_security_score":27,"avg_patch_time_days":35,"trust_score":36,"computed_at":37},"rfrankel",310,30,84,"2026-04-04T03:49:14.978Z",[39,55,74,89,111],{"slug":40,"name":41,"version":42,"author":43,"author_profile":44,"description":45,"short_description":46,"active_installs":28,"downloaded":47,"rating":28,"num_ratings":28,"last_updated":18,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":18,"download_link":52,"security_score":53,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":54},"wp-light-heatmap","WP Light Heatmap","1.0.0","wplightheatmap","https:\u002F\u002Fprofiles.wordpress.org\u002Fwplightheatmap\u002F","\u003Cp>This plugin allows you to create a heatmap based on mouse clicks and cursor movements. By default, positions of the cursor in the work area (e.g. main page of the blog, any post, categories, tags, etc.) will be saved per some interval in seconds (5 seconds by default) for every user that will visit your homepage.\u003C\u002Fp>\n\u003Cp>Also, you can add click tracking and the position of every mouse click will be saved too. 
All the saved coordinates will be saved in the database and can be rendered by admins at any time with the “Display Heatmap” button on the main page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Major features of the plugin\u003C\u002Fstrong>\u003Cbr \u002F>\n– Automatically saves the position of the cursor per some time interval for every user\u003Cbr \u002F>\n– Immediately saves click positions on any page\u003Cbr \u002F>\n– Allows to set own position-save interval\u003Cbr \u002F>\n– Saves everything in your own WP database. No 3rd party services involved!\u003C\u002Fp>\n","This plugin allows you to create a heatmap based on mouse clicks and cursor movements.",3039,"5.3.21","3.0.1","5.6",[20,21,22,23,24],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-light-heatmap.1.0.zip",100,"2026-03-15T10:48:56.248Z",{"slug":56,"name":57,"version":58,"author":24,"author_profile":59,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":64,"num_ratings":65,"last_updated":66,"tested_up_to":67,"requires_at_least":68,"requires_php":18,"tags":69,"homepage":72,"download_link":73,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"heatmap-for-wp","heatmap for WordPress – Realtime analytics","0.5.2","https:\u002F\u002Fprofiles.wordpress.org\u002Fheatmap\u002F","\u003Cp>heatmap provides realtime analytics and mouse tracking that helps sites editors understand in seconds which are their best performing contents. 
heatmap is used to optimize the traffic flow on websites and significantly reduce exit rates.\u003C\u002Fp>\n\u003Ch4>Key features of heatmap\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>realtime analytics, with easy-to-understand heat maps, that are overlaid on your site\u003C\u002Fli>\n\u003Cli>smart heat maps that support responsive web design and touch devices\u003C\u002Fli>\n\u003Cli>fully asynchronous tag; no impact on your site’s performance\u003C\u002Fli>\n\u003Cli>no sampling\u003C\u002Fli>\n\u003Cli>automatic updates (no need to refresh the page)\u003C\u002Fli>\n\u003Cli>only you can see the data of your site\u003C\u002Fli>\n\u003Cli>https supported\u003C\u002Fli>\n\u003Cli>full privacy (your users are anonymous)\u003C\u002Fli>\n\u003Cli>free plan available!\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Visit \u003Ca href=\"https:\u002F\u002Fheatmap.com\u002F\" rel=\"nofollow ugc\">heatmap.com\u003C\u002Fa> to learn more\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Key features of the plugin\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>easy and automatic installation of heatmap’s tag\u003C\u002Fli>\n\u003Cli>no extra load on the database of your wordpress site (no impact on your page speed)\u003C\u002Fli>\n\u003Cli>compatible with symbolic links if you have lots of websites\u003C\u002Fli>\n\u003Cli>written and maintained by the team behind \u003Ca href=\"https:\u002F\u002Fheatmap.com\u002F\" rel=\"nofollow ugc\">heatmap\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Real-time analytics and event tracking for your WordPress 
sites.",1000,100798,82,19,"2019-02-21T03:11:00.000Z","5.1.22","3.1",[20,23,24,70,71],"real-time","realtime","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fheatmap-for-wp\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fheatmap-for-wp.0.5.2.zip",{"slug":75,"name":76,"version":77,"author":75,"author_profile":78,"description":79,"short_description":80,"active_installs":53,"downloaded":81,"rating":53,"num_ratings":14,"last_updated":82,"tested_up_to":83,"requires_at_least":84,"requires_php":18,"tags":85,"homepage":18,"download_link":88,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"howuku","Heatmap & Analytics – Howuku Web Optimization","1.0.5","https:\u002F\u002Fprofiles.wordpress.org\u002Fhowuku\u002F","\u003Cp>\u003Cstrong>Free heatmap and analytics tool for your WordPress sites.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Howuku is an all-in-one behavior analytics platform created to help you understand your audience better. 
Designed especially for marketers and product managers, Howuku offers state-of-the-art analytics tools to understand and visualize user behavior with heatmap and how it impacts your product.\u003C\u002Fp>\n\u003Cp>With Howuku, you can track dynamic heatmap, conversion funnels and get instant feedback from your customers to help your product grow.\u003C\u002Fp>\n\u003Cp>Additionally, the heatmap and recording can help you eliminate guesswork and show you what your visitors do exactly and why they drop-off from your website.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fhowuku.com\u002F?utm_source=wordpress&utm_medium=plugin&utm_campaign=wp_plugin_page\" rel=\"nofollow ugc\">Get started for free\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>What is Heatmap?\u003C\u002Fh3>\n\u003Cp>A website heatmap is a visual representation that shows you what elements on your website are getting the most interaction (hot) and those that are getting the least (cold).\u003C\u002Fp>\n\u003Cp>You get a comprehensive understanding of what is holding visitors’ attention, what needs to be improved, and what needs to be removed.\u003C\u002Fp>\n\u003Cp>Basically, a heatmap help you see an aggregated view of your user behaviors’ hotspot.\u003C\u002Fp>\n\u003Ch3>How can heatmap helps you improve website conversions?\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Make sure all your important Call-to-actions is above the average-fold of your scroll map\u003C\u002Fli>\n\u003Cli>Identify if your visitors are confused by non-clickable elements and turn those into links\u003C\u002Fli>\n\u003Cli>Find out what your visitors are looking for and reposition your element to improve engagement rate\u003C\u002Fli>\n\u003Cli>Make sure visitors seeing critical website elements like eBooks, guides, and solution briefs?\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>KEY FEATURES OF HEATMAP\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Click heatmap to learn where do visitor click the most\u003C\u002Fli>\n\u003Cli>Scroll heatmap to 
find out how far down do visitors scrolled\u003C\u002Fli>\n\u003Cli>Segment heatmap with segmented user data such as Source, Referrer, Day of Week and etc\u003C\u002Fli>\n\u003Cli>Sharable external heatmap link to your product and marketing team\u003C\u002Fli>\n\u003Cli>Export PDF report of your heatmap\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>OTHER OPTIMIZATION FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Heatmap: click map, scroll map, and user segmented hotspot\u003C\u002Fli>\n\u003Cli>Visitor Recording: CCTV for your website\u003C\u002Fli>\n\u003Cli>Realtime Analytics and Conversion Funnel\u003C\u002Fli>\n\u003Cli>Create unlimited no. of websites, recordings and heatmap\u003C\u002Fli>\n\u003Cli>Free feedback widget tool and pop-up survey\u003C\u002Fli>\n\u003Cli>On-site A\u002FB testing no coding needed\u003C\u002Fli>\n\u003Cli>Filtering and segmentation\u003C\u002Fli>\n\u003Cli>Mobile, tablet, and PC recordings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Learn more about \u003Ca href=\"https:\u002F\u002Fhowuku.com\u002Ffeatures?utm_source=wordpress&utm_medium=plugin&utm_campaign=wp_plugin_page\" rel=\"nofollow ugc\">all optimization features here\u003C\u002Fa>!\u003C\u002Fem>\u003C\u002Fp>\n\u003Ch3>Resources\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Website:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fhowuku.com\u002F?utm_source=wordpress&utm_medium=plugin&utm_campaign=wp_plugin_page\" rel=\"nofollow ugc\">Howuku Homepage\u003C\u002Fa>\u003Cbr \u002F>\n\u003Cstrong>Pricing:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fhowuku.com\u002Fpricing?utm_source=wordpress&utm_medium=plugin&utm_campaign=wp_plugin_page\" rel=\"nofollow ugc\">Affordable Plans\u003C\u002Fa>\u003Cbr \u002F>\n\u003Cstrong>Heatmap:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fhowuku.com\u002Fwebsite-heatmap?utm_source=wordpress&utm_medium=plugin&utm_campaign=wp_plugin_page\" rel=\"nofollow ugc\">Dynamic Heatmap\u003C\u002Fa>\u003Cbr 
\u002F>\n\u003Cstrong>Register:\u003C\u002Fstrong> \u003Ca href=\"https:\u002F\u002Fapp.howuku.com\u002Fsign-up\u002Fbasic?utm_source=wordpress\" rel=\"nofollow ugc\">GET STARTED FOR FREE\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Legal\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fhelp.howuku.com\u002Farticle\u002F18-terms-of-service\" rel=\"nofollow ugc\">Terms & Condition\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fhelp.howuku.com\u002Farticle\u002F17-privacy-policy\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fhelp.howuku.com\u002Farticle\u002F35-gdpr\" rel=\"nofollow ugc\">GDPR Compliant\u003C\u002Fa>\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fhelp.howuku.com\u002Farticle\u002F41-cookies-policy\" rel=\"nofollow ugc\">Cookies Policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cem>Sign up for FREE today, no credit card needed!\u003C\u002Fem>\u003C\u002Fp>\n","Free heatmap and analytics tool for your WordPress sites.",3333,"2022-06-12T07:44:00.000Z","6.0.11","2.7",[20,23,24,86,87],"heatmaps","recording","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhowuku.zip",{"slug":90,"name":91,"version":92,"author":93,"author_profile":94,"description":95,"short_description":96,"active_installs":97,"downloaded":98,"rating":99,"num_ratings":100,"last_updated":101,"tested_up_to":102,"requires_at_least":103,"requires_php":104,"tags":105,"homepage":109,"download_link":110,"security_score":53,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"aurora-heatmap","Aurora Heatmap","1.7.1","r3098","https:\u002F\u002Fprofiles.wordpress.org\u002Fr3098\u002F","\u003Cp>Goddess Aurora is said to give light to the user world.\u003Cbr \u002F>\nThe name “Aurora Heatmap” visualizes user behavior with a beautiful heatmap.\u003Cbr \u002F>\nBringing light to the activation and optimization of your website.\u003C\u002Fp>\n\u003Ch4>The most important thing in site 
management.\u003C\u002Fh4>\n\u003Cp>That is, \u003Cem>Is the user satisfied?\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Where do users see and move through the content?\u003C\u002Fli>\n\u003Cli>Whether the user is not confused?\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Aurora Heatmap is the \u003Cstrong>strongest tool\u003C\u002Fstrong> for visualizing it.\u003C\u002Fp>\n\u003Col>\n\u003Cli>Are you guiding users well?\u003C\u002Fli>\n\u003Cli>Conversion rate\u003C\u002Fli>\n\u003Cli>Are you missing out on prospects and readers?\u003C\u002Fli>\n\u003Cli>How is it evaluated by Google?\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>You will be able to see the points of improvement.\u003C\u002Fp>\n\u003Ch4>Plugin features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>\u003Cem>No Coding\u003C\u002Fem>\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>\u003Cem>No Setting\u003C\u002Fem>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You just install and activate the plugin.\u003Cbr \u002F>\nNo troublesome user registration or setup is required.\u003Cbr \u002F>\nIt works as default in most WordPress environments.\u003Cbr \u002F>\nAnd Aurora Heatmap is \u003Cstrong>complete with just plugin\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>The free version can check the click heat map of PC and mobile, and can be used on any number of sites.\u003Cbr \u002F>\nEven if it is free, there is no limit due to the number of PV and analysis pages.\u003C\u002Fp>\n\u003Ch4>Special notes\u003C\u002Fh4>\n\u003Cp>If it does not work well when used with a cache plugin, turn off JavaScript-related optimization, or exclude jQuery and Aurora Heatmap measurement script (reporter.js) from optimization.\u003Cbr \u002F>\nFor more details, please refer to \u003Ca href=\"https:\u002F\u002Fmarket.seous.info\u002Fen\u002Faurora-heatmap#oc-1\" rel=\"nofollow ugc\">official site description page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Aurora Heatmap can be used with the following cache 
plugins.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WP Rocket\u003C\u002Fli>\n\u003Cli>W3 Total Cache\u003C\u002Fli>\n\u003Cli>WP Super Cache\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Usage and support\u003C\u002Fh4>\n\u003Cp>More detailed usage and FAQs are provided on the \u003Ca href=\"https:\u002F\u002Fmarket.seous.info\u002Fen\u002Faurora-heatmap\" rel=\"nofollow ugc\">Aurora Heatmap official site\u003C\u002Fa>.\u003Cbr \u002F>\nIf you can’t find the answer to your question in those documents, use the WordPress.org \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Faurora-heatmap\u002F\" rel=\"ugc\">support forum\u003C\u002Fa>.\u003Cbr \u002F>\nThe premium version has priority email support.\u003C\u002Fp>\n\u003Ch4>About privacy\u003C\u002Fh4>\n\u003Cp>This plugin \u003Cstrong>does not\u003C\u002Fstrong> perform the following operations.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>User tracking\u003C\u002Fli>\n\u003Cli>Send recorded data to external server\u003C\u002Fli>\n\u003Cli>Use of cookies\u003C\u002Fli>\n\u003Cli>Record of personally identifiable data including IP address\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Aurora Heatmap Free version 90 seconds demo\u003C\u002Fh4>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F3W17Gg_vbHg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Beautiful like an aurora! 
A simple WordPress heatmap that can be completed with just a plugin.",20000,357256,94,7,"2025-04-14T09:25:00.000Z","6.8.0","4.9","7.0",[20,106,107,24,108],"analyze","click","japanese","https:\u002F\u002Fmarket.seous.info\u002Faurora-heatmap","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faurora-heatmap.1.7.1.zip",{"slug":112,"name":113,"version":114,"author":113,"author_profile":115,"description":116,"short_description":117,"active_installs":118,"downloaded":119,"rating":120,"num_ratings":121,"last_updated":122,"tested_up_to":123,"requires_at_least":124,"requires_php":18,"tags":125,"homepage":129,"download_link":130,"security_score":131,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"crazyegg-heatmap-tracking","Crazy Egg","2.12","https:\u002F\u002Fprofiles.wordpress.org\u002Fcrazyegg\u002F","\u003Cp>Crazy Egg is a free plugin that allows you to painlessly add Crazy Egg’s tracking script to your WordPress site. The tracking script lets Crazy Egg track your visitors.\u003Cbr \u002F>\nThe plugin relies on a 3rd party as a service (www.crazyegg.com) in order to track visitor clicks and mouse movements. Please visit www.crazyegg.com\u002Fterms and www.crazyegg.com\u002Fprivacy to find out more about our policies.\u003C\u002Fp>\n","The easiest, free way to add your Crazy Egg tracking script to your WordPress site. 
The official Crazy Egg Plugin for WordPress.",7000,260860,76,5,"2024-11-08T16:58:00.000Z","6.7.5","2.0.2",[20,107,126,127,128],"crazy-egg","crazyegg","heat-maps","http:\u002F\u002Fwww.crazyegg.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcrazyegg-heatmap-tracking.2.12.zip",92,{"attackSurface":133,"codeSignals":183,"taintFlows":208,"riskAssessment":209,"analyzedAt":221},{"hooks":134,"ajaxHandlers":156,"restRoutes":179,"shortcodes":180,"cronEvents":181,"entryPointCount":182,"unprotectedCount":182},[135,141,145,148,152],{"type":136,"name":137,"callback":138,"file":139,"line":140},"action","wp_enqueue_scripts","wp_super_heatmap_script","wp_super_heatmap.php",35,{"type":136,"name":142,"callback":143,"file":139,"line":144},"admin_init","wp_super_heatmap_admin_script",70,{"type":136,"name":142,"callback":146,"file":139,"line":147},"wp_super_heatmap_init",108,{"type":136,"name":149,"callback":150,"file":139,"line":151},"wp_footer","insert_display_heatmap_bar",275,{"type":136,"name":153,"callback":154,"file":139,"line":155},"admin_menu","wp_super_heatmap_admin_menu",384,[157,162,164,167,169,172,174,177],{"action":158,"nopriv":159,"callback":158,"hasNonce":160,"hasCapCheck":160,"file":139,"line":161},"wp_super_heatmap_add_dot",true,false,171,{"action":158,"nopriv":160,"callback":158,"hasNonce":160,"hasCapCheck":160,"file":139,"line":163},172,{"action":165,"nopriv":159,"callback":165,"hasNonce":160,"hasCapCheck":160,"file":139,"line":166},"wp_super_heatmap_display",207,{"action":165,"nopriv":160,"callback":165,"hasNonce":160,"hasCapCheck":160,"file":139,"line":168},208,{"action":170,"nopriv":159,"callback":170,"hasNonce":160,"hasCapCheck":160,"file":139,"line":171},"wp_super_heatmap_clear_database",260,{"action":170,"nopriv":160,"callback":170,"hasNonce":160,"hasCapCheck":160,"file":139,"line":173},261,{"action":175,"nopriv":159,"callback":175,"hasNonce":160,"hasCapCheck":160,"file":139,"line":176},"wp_super_heatmap_calculate_neighbors",295,{"action":175,"n
opriv":160,"callback":175,"hasNonce":160,"hasCapCheck":160,"file":139,"line":178},296,[],[],[],8,{"dangerousFunctions":184,"sqlUsage":185,"outputEscaping":193,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":14,"bundledLibraries":207},[],{"prepared":28,"raw":14,"locations":186},[187,190],{"file":139,"line":188,"context":189},240,"$wpdb->get_results() with variable interpolation",{"file":139,"line":191,"context":192},267,"$wpdb->query() with variable interpolation",{"escaped":28,"rawEcho":121,"locations":194},[195,199,201,203,205],{"file":196,"line":197,"context":198},"backup.php",36,"raw output",{"file":196,"line":200,"context":198},41,{"file":139,"line":202,"context":198},253,{"file":139,"line":204,"context":198},284,{"file":139,"line":206,"context":198},377,[],[],{"summary":210,"deductions":211},"The wp-super-heatmap v0.1.0 plugin exhibits a concerning security posture, primarily due to its unprotected AJAX endpoints and lack of output escaping. With 8 AJAX handlers identified, all of which lack authentication checks, there is a significant attack surface exposed. This means that any user, including unauthenticated ones, could potentially trigger these functionalities, leading to unintended consequences or the exploitation of underlying vulnerabilities. The absence of proper output escaping on all identified outputs further exacerbates this risk, as it opens the door to cross-site scripting (XSS) attacks. If user-supplied data is reflected directly in the output without sanitization, an attacker could inject malicious scripts that would then execute in the victim's browser.\n\nWhile the plugin has no recorded vulnerability history or critical taint analysis findings, this absence of past issues should not be interpreted as a guarantee of current security. The identified code signals, particularly the lack of authorization and escaping, represent inherent weaknesses that could be leveraged by an attacker if an exploit vector is found. 
The plugin does have capability checks, which is a positive, but their effectiveness is undermined by the unprotected AJAX endpoints. In conclusion, the plugin has a fundamental flaw in its handling of AJAX requests and output rendering, making it a high-risk target for various attacks despite its clean vulnerability history.",[212,215,217,219],{"reason":213,"points":214},"8 unprotected AJAX handlers",20,{"reason":216,"points":214},"0% output escaping",{"reason":218,"points":11},"2 SQL queries with 0% prepared statements",{"reason":220,"points":11},"0 nonce checks on AJAX","2026-03-17T01:05:35.463Z",{"wat":223,"direct":246},{"assetPaths":224,"generatorPatterns":233,"scriptPaths":234,"versionParams":236},[225,226,227,228,229,230,231,232,225],"\u002Fwp-content\u002Fplugins\u002Fwp-super-heatmap\u002Fcss\u002Fwp_super_heatmap.css","\u002Fwp-content\u002Fplugins\u002Fwp-super-heatmap\u002Fjs\u002Fjson2.js","\u002Fwp-content\u002Fplugins\u002Fwp-super-heatmap\u002Fjs\u002Fwp_super_heatmap_click_js.js","\u002Fwp-content\u002Fplugins\u002Fwp-super-heatmap\u002Fjs\u002Fwp_super_heatmap_js.js","\u002Fwp-content\u002Fplugins\u002Fwp-super-heatmap\u002Fjs\u002Fjquery-ibutton\u002Flib\u002Fjquery.ibutton.min.js","\u002Fwp-content\u002Fplugins\u002Fwp-super-heatmap\u002Fjs\u002Fjquery-ibutton\u002Fcss\u002Fjquery.ibutton.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-super-heatmap\u002Fjs\u002Fjson.js","\u002Fwp-content\u002Fplugins\u002Fwp-super-heatmap\u002Fcss\u002FAristo\u002FAristo.css",[],[226,227,228,229,231,235],"\u002Fwp-content\u002Fplugins\u002Fwp-super-heatmap\u002Fjs\u002Fwp_super_heatmap_admin_js.js",[237,238,239,240,241,242,243,244,237,245],"wp-super-heatmap\u002Fcss\u002Fwp_super_heatmap.css?ver=","wp-super-heatmap\u002Fjs\u002Fjson2.js?ver=","wp-super-heatmap\u002Fjs\u002Fwp_super_heatmap_click_js.js?ver=","wp-super-heatmap\u002Fjs\u002Fwp_super_heatmap_js.js?ver=","wp-super-heatmap\u002Fjs\u002Fjquery-ibutton\u002Flib\u002Fjquery.ibutton.min.js?ver=","wp-super
-heatmap\u002Fjs\u002Fjquery-ibutton\u002Fcss\u002Fjquery.ibutton.min.css?ver=","wp-super-heatmap\u002Fjs\u002Fjson.js?ver=","wp-super-heatmap\u002Fcss\u002FAristo\u002FAristo.css?ver=","wp-super-heatmap\u002Fjs\u002Fwp_super_heatmap_admin_js.js?ver=",{"cssClasses":247,"htmlComments":251,"htmlAttributes":260,"restEndpoints":263,"jsGlobals":266,"shortcodeOutput":268},[248,249,250],"wp_super_heatmap_admin_style","wp_super_heatmap_style","iphone_style_checkboxes_style",[252,253,254,255,256,257,258,259],"ajaxurl","\u003C!-- Init plugin options to white list our options -->","\u003C!-- Create the table in the database -->","\u003C!-- Add the options for the plugin -->","\u003C!-- Strip slashes on POST -->","\u003C!-- WP Database setup -->","\u003C!-- Get POST Variables from AJAX -->","\u003C!-- Strip slash -->",[261,262],"wp_super_heatmap_options","wp_super_heatmap_date_options",[264,265],"\u002Fwp-json\u002Fwp_super_heatmap_add_dot","\u002Fwp-json\u002Fwp_super_heatmap_display",[267,261,262,158,165],"MyAjax",[]]