=== Image Hotspot by DevVN ===
Contributors: levantoan
Donate link: https://levantoan.com/donate/
Tags: hotspot, points, image, maps, image hotspot
Requires at least: 4.6
Tested up to: 6.9
Stable tag: 1.3.0
License: GPLv3
License URI: http://www.gnu.org/licenses/gpl-3.0

Image Hotspot by DevVN helps you add hotspots to your images.

== Description ==

Image Hotspot by DevVN helps you add hotspots to your images.

### Usage

Copy your shortcode to view, e.g.: [devvn_ihotspot id="YOUR_ID"]

https://www.youtube.com/watch?v=id2Kt6gUKhs

### jQuery plugin include

- jQuery PowerTip [PowerTop Home](https://stevenbenner.github.io/jquery-powertip/)


== Installation ==

1. Upload the entire `devvn-image-hotspot` folder to the `/wp-content/plugins/` directory.
1. Activate the plugin through the 'Plugins' menu in WordPress.

You will find 'Image Hotspot' menu in your WordPress admin panel.

For basic usage, you can also have a look at the [plugin homepage](https://levantoan.com/devvn-image-hotspot).

== Screenshots ==

1. screenshot-1.png
2. screenshot-2.png

== Frequently Asked Questions ==

= How to change the background tooltip and text color? =

Read here [change the background tooltip and text color](https://github.com/levantoan/WordPress/blob/master/devvn-image-hotspot/change-background-popup-to-white.css)


== Changelog ==

For more information, see [Releases](https://levantoan.com/devvn-image-hotspot).

= 1.3.0 - 12/12/2025 =

* SECURITY: Fix Stored Cross-Site Scripting (XSS) vulnerability in hotspot_content custom field meta (CVE-2025-14445)
* SECURITY: Add re-sanitization of data points when loaded from database to prevent XSS attacks
* SECURITY: Enhance input sanitization for all data point fields (content, URLs, text fields, numeric values)
* SECURITY: Add capability check (edit_posts) to AJAX handler for clone point functionality
* SECURITY: Add wp_unslash() to all $_POST and $_REQUEST inputs before sanitization
* SECURITY: Add sanitization callback for register_setting() to validate and sanitize plugin options
* CODE: Rename functions to follow WordPress naming conventions (add plugin prefix)
* CODE: Fix WordPress Coding Standards violations (function prefixes, hook names, input sanitization)
* CODE: Improve code quality and compliance with WordPress Plugin Check requirements
* CODE: Add proper escaping and sanitization throughout the plugin

= 1.2.9 - 16/07/2025 =

* Add ALT to main image

= 1.2.8 - 26/09/2024 =

* Fix shortcode in content pin.
* Enable iframe in content pin.

= 1.2.7 - 26/08/2024 =

* Update JS to be compatible with lazy load
* Update .pot file (Thanks to Alex Lion (阿力獅) feedback)

= 1.2.6 - 23/08/2024 =

* Add allowed_classes => false to unserialize. As suggested by "Michelle Porter - Wordfence Web Application Vulnerability Analyst". Many thanks to Michelle Porter
* Add ALT tag to point

= 1.2.5 - 16/08/2024 =

* Fix serious error in version 1.2.4

= 1.2.4 - 16/08/2024 =

* Fix Authenticated (Author+) PHP Object Injection. Thanks to Lucio Sá
* Add editor JS and TinyMCE JS

= 1.2.2 - 05/03/2022 =

* Add option for popup full screen or normal on mobile
* Fix css close button

= 1.2.1 - 14/12/2020 =

* Fix with WordPress 5.6

= 1.2.0 - 03/04/2020 =

* Fix: CSS RTL

= 1.1.9 - 28/03/2020 =

* Fix: Stop video when close tooltips

= 1.1.8 =

* PHP Compatibility: compatible with PHP >= 7.2

= 1.1.7 =

* Fix: compatibility with WordPress 5.x.x

= 1.1.6 =

* Fix: text domain from `devvn` to `devvn-image-hotspot`

= 1.1.5 =

* Fix: potential theme CSS conflict

= 1.1.4 =

* Fix: Edit link in popup

= 1.1.3 =

* Fix: some CSS styles

= 1.1.2 =

* Fix: some CSS styles in admin panel

= 1.1.1 =

* Update: some CSS styles

= 1.1.0 =

* Add: target for link pins

= 1.0.9 =

* Fix: conflict with some themes

= 1.0.8 =

* Update responsive for popup

= 1.0.7 =

* Fixed: conflict with Avada theme
* Don't load modal Bootstrap if it exists or is loaded

= 1.0.6 =

* Add: ID and Class for pins

= 1.0.5 =

* Add: Select Placement for each Pin
* Update PowerTip: PowerTip 1.3.0

= 1.0.4 =

* Edit: Don't show tooltip when empty content

= 1.0.3 =

* Add Pulse to pins
* Edit style

= 1.0.2 =

* Edit css
* Compress css and js in frontend
* Add donate button in side

= 1.0.1 =

* [ADD] Link to pins
* [ADD] Custom different icons and different hover icons.

= 1.0 =

* Update new plugin