Kantan Analytics

Changelog

2.20.1

• Security: the excluded-IPs and data-retention settings endpoints now require administrator access even for read requests.
• Change: the admin dashboard’s tooltip styles are now enqueued as a stylesheet instead of inlined.

2.20.0

• Hardening: every visitor-tracking, UTM, conversion, and form input is now unslashed and sanitized at the point it is read, and the values forwarded to integration hooks are sanitized arrays rather than the raw request.
• Security: diagnostics and configuration endpoints (status, conversion links, attribution webhook config) now require administrator access even for read requests.
• Change: all admin and front-end JavaScript is enqueued through WordPress — no inline script tags remain.
• Change: bundled Chart.js updated to 4.5.1.

2.19.0

• Hardening: comprehensive output escaping across the admin dashboard, timezone-safe date handling, and URL parsing through WordPress core wrappers — aligning the plugin with the official WordPress.org plugin coding standards.
• Change: minimum supported WordPress raised to 5.6.
• Docs: clarified the privacy documentation to disclose the optional Attribution Webhook, which sends conversion data to a CRM endpoint you configure — and only when you enable it.

2.18.0

• New: Business Profile — a canonical, editable record of your business facts (hours, offerings, address/phone, brand voice, claims to make or avoid) under Settings → Business Profile. The downloadable AI agents now read it as ground truth before writing or rewriting content, so generated copy uses real facts and your voice instead of guessing. Your agent can even draft it from your site (“Draft my business profile”), and it’s the same source of truth for both the Analytics and SEO agents.

2.17.0

• New: Attribution Webhook — send every conversion to your email/CRM platform (HubSpot, GoHighLevel, Salesforce, Zapier, Make, and more) with its first-party campaign + journey attribution, keyed by an anonymous visitor id. HMAC-signed; no personal data leaves your site. Set it up under Settings → Attribution Webhook / CRM, with a one-click “Send test”.
• New: passthrough parameter capture — Kantan now captures ad-click and CRM contact ids from inbound links (gclid, fbclid, msclkid, contact_id, mkt_tok and ~45 more) and includes them in the webhook, so your CRM can join the conversion to the right contact. The captured params are stripped from stored URLs.

2.16.1

• Improved: the downloadable AI agent now officially documents Gemini CLI alongside Claude Code (it’s the same Markdown format — drop it in ~/.claude/agents/ or ~/.gemini/agents/). The agent self-updates to this broadened version automatically.
• Improved: “Ask the agent” prompts now copy with the agent name prefixed, so the pasted prompt delegates to the right Kantan agent. Wording across the agent download is now tool-neutral.
• New: a “What about Codex?” explainer on the agent download covering why OpenAI Codex isn’t officially supported yet (and how to use Kantan with it today).

2.16.0

• New: Scroll Depth by Page — the Interactions tab now breaks scroll depth down per page (with a visual bar), so you can see which pages get read versus abandoned instead of just a site-wide average.
• New: click a visitor’s name on the Realtime tab (or in Visitor Profiles) to open their full visit history — every session, the pages they walked, durations, and conversions.

2.15.0

• New: Interactions drill-downs — click any Click Region to see exactly which elements were clicked there and on which pages, and click any row in Top Clicked Elements for its per-page breakdown.
• Improved: click tracking now records the actual link/button clicked (not the inner span or icon) with a clean, accessible-name-first label, and no longer captures whole-page text from stray clicks. Top Clicked Elements merges the same control across pages and filters out container/no-text noise — so the report finally reflects what visitors actually click.

2.14.1

• New: Top Referrers detail modal — click any referrer on the Overview dashboard to see its sessions, visitors, daily trend, landing pages, the exact referring URLs, and recent visitors.
• New: the Claude Code agent now keeps itself up to date — it checks for a newer version about once a week and refreshes in place, with no re-download and without ever rotating your API key. Added an “Update agent file” button and clearer “install once, use on every site” guidance.

2.14.0

• New: “Ask the agent” — a sparkle icon on dashboard data blocks (referrers, traffic sources, pages, journeys, interactions, devices, conversions) opens a modal of copy-paste, data-specific prompts for the Claude agent.
• New: AI-assistant referral attribution — visits are identified from utm_source as well as the referrer (catching empty-referrer ChatGPT/Perplexity/Claude links) and split per assistant; the Overview AI card shows the per-assistant breakdown.
• Fixed: Overview KPI cards lay out cleanly as 3-up / 2-up on laptop screens.

2.13.1

• New: an “AI Assistants” KPI card with sparkline on the Overview dashboard — shows visits referred by AI assistants and their share of total traffic at a glance.

2.13.0

• New: AI assistants (ChatGPT, Perplexity, Claude, Gemini, Copilot and more) are now a first-class traffic source. Visits referred by them are tracked and shown as their own “AI Assistants” category across Traffic Sources, sessions, the realtime tab, and conversions. Existing AI-referred visits are reclassified automatically on upgrade.
• New: the Claude Code agent gained an “AI Assistant Referral Traffic” workflow and an “Am I getting AI traffic yet?” starter prompt.

2.12.1

• New: a “Support & Bug Reports” card in Settings — a one-click email link that pre-fills your plugin, WordPress, and PHP versions plus your site URL, so reports arrive with the diagnostics we need to help. Settings and Support links now also appear in the WordPress plugins list.

2.12.0

• Fixed: the agent download dialog now caps its height and scrolls on short/laptop screens instead of overflowing off-screen.
• New: starter prompts in the Claude Code agent download — copy-to-clipboard example prompts (30-day summary, best/worst content, traffic-source ROI, visitor journeys) appear in the credentials modal and are written into the generated agent .md.

2.11.5

• Fixed: clicking a page row now opens the page-detail modal on every tab. The click handler was previously only present on the Overview tab, so page rows on Pages, Journeys, and the SEO tabs showed a hover state but did nothing when clicked.
• Fixed: the “Visits Over Time” chart on the Overview tab could render blank — the canvas had no sized container, so Chart.js collapsed it to zero height. It now renders in a fixed-height container.
• Fixed: IP exclusion and visitor IP logging now resolve the real client address through reverse-proxy/CDN headers (Cloudflare, nginx, load balancers) instead of always using the proxy’s own address. On proxied sites the “Your current IP” box previously showed a private hop (e.g. 127.0.0.1 or 192.168.x.x), and excluding it had no effect. When only a local/private address is available, the box now flags it and links to an external IP lookup.

2.11.4

• New: optional read-only dashboard access. A user granted the kantan_view_dashboard capability can view the dashboard and its data without manage_options — every write, scan, and sync still requires manage_options. The dashboard menu capability is filterable via kantan_dashboard_capability. Inert on normal sites; powers a public read-only demo.

2.11.3

• Security/clarity: the Claude Code agent download now states plainly that the generated Application Password grants the full API access of your account (not read-only), with guidance to keep the file out of version control and how to revoke the password under Users → Profile → Application Passwords.
• Added: an Update URI header so the “Enable auto-updates” toggle appears for Kantan Analytics in the Plugins list. (The WordPress.org build omits this header so wp.org continues to own updates there.)

2.11.1

• Removed: Conversion Backfill tool in Settings — the underlying hostname-matching bug it patched was fixed back in 2.9.8, so the catch-up tool is no longer needed. The REST endpoint, dashboard UI, and _backfill conversion-type display shim have all been removed.

2.11.0

• New: Conversions tab — see your conversions by type and by traffic source, with a recent-conversion log, right in the dashboard. Surfaces the conversion data Kantan already tracks via Settings → Conversion Links.
• Dashboard assets (Tailwind CSS and Chart.js) are now bundled with the plugin instead of loaded from a CDN — the admin dashboard makes no third-party requests and works fully offline.
• New: Kantan contributes suggested text to WordPress’ built-in Privacy Policy generator (Settings → Privacy), reflecting your configured data-retention window.

2.10.0

• New: Realtime tab — shows visitors active in the last 5 minutes with their current page, traffic source, session age, and “last seen” age. Auto-refreshes every 30 seconds with a visible countdown and a manual “Refresh now” button. Pauses polling when the browser tab is hidden.
• New: Live visitor count badge next to the “Realtime” item in the dashboard nav. Visible from every tab — the same 30s poll that drives the Realtime tab also keeps the badge current, with a pulsing green dot when at least one visitor is active.
• New: REST endpoint GET /kantan/v1/realtime?window=5 — returns { count, window_minutes, visitors, timestamp }. Each visitor row includes the most recent pageview (current page), generated display name, traffic source, session age, and seconds since last activity.

2.9.9

• New: UTM parameters now surface on the Journeys tab alongside each named visitor’s session timeline — see campaign, source, and medium for pre-conversion visits (previously only visible aggregated on the UTM tab). REST /visitors and /journeys endpoints also expose the new fields, so the Claude Code agent and recommendations engine can attribute behavior to campaigns.

2.9.8

• Fix: conversion link matching corrected — hostname was being searched inside the full URL string (always -1); now checks href.startsWith(rule.domain) OR rule.domain contains hostname. Affected all conversion link click tracking since the feature launched.
• New: Conversion Backfill tool added to Settings. Scans historical click data and creates approximate conversion records for sessions likely missed by the bug. Matches anchor text against each rule’s label; backfilled records carry a _backfill type suffix. Idempotent — safe to run multiple times.

2.9.7

• Author renamed from “Kinda Useful Plugins” to “Try Kantan” across plugin header, readme, and updater comment.
• readme description and FAQ rewritten — full feature pitch with subsection structure; FAQ expanded from 4 to 10 items (caching, GDPR/CCPA, GA import, deactivation, multisite, agent, etc.).

2.9.6

• Fix: conversions endpoint now returns correct visitor_id for pre-2.9.4 records; query uses COALESCE(c.visitor_id, a.visitor_id) to recover attribution from the joined session record when the conversion row has a null visitor_id.
• Fix: version constant bumped to match header (was stuck at 2.9.4).

2.9.5

• Sidebar nav groups now accordion — clicking a group label collapses or expands it. The active group always starts expanded; inactive groups start collapsed. Keeps the nav usable on laptops when many SEO sub-tabs are registered.

2.9.4

• Persistent visitor attribution for conversions: visitor_id column added to wp_kantan_conversions so attribution survives beyond the 90-day raw-data retention window.
• Form integrations now inject kantan_visitor_id alongside kantan_session_id on all detected forms (CF7, WPForms, Gravity, Formidable, Ninja, Elementor Pro, Fluent, Forminator).
• Schema migration runs automatically on update — no manual action required.

2.9.3

• Update channel migrated to trykantan.com. Plugin URIs, SEO upgrade link, and auto-updater endpoint now point to the new domain.

2.9.0

• New: Split test tracking integration — pageviews can now record test_id and variant_id from a companion split-testing plugin.
• New: kantan_pageview_tracked action hook fired after each pageview insert.
• Database migration to add test_id and variant_id columns to the pageviews table.

2.8.0

• New: Clickable page URLs throughout dashboard — opens SEO page detail modal or upsell.
• New: Sparkline mini-charts on Overview stat cards.
• Surface recommendations engine on Overview, Interactions, and Journeys tabs.

2.7.0

• New: IP address exclusion for analytics filtering.
• Rebuilt Journeys tab with visitor profiles and generated names.

2.6.0

• New: Admin exclusion and bot filtering.
• New: Interactions endpoint for click heatmap and scroll depth data.
• New: Device breakdown endpoint and queries.
• Switched dashboard to left sidebar nav with grouped tabs.

2.0.0

• New: Click tracking, scroll depth tracking, and user journey analysis.
• New: Entry/exit page tracking and top-clicked-elements report.
• New: Automatic daily cleanup with configurable retention.

1.0.0

• Initial release: core visitor tracking and admin dashboard.