WP-Safety

Accessibility Security & Risk Analysis

wordpress.org/plugins/accessibility

An advanced plugin, that immediately applies key accessibility features on your WordPress website.

2K active installs v1.0.9 PHP + WP 3.0.1+ Updated Jun 19, 2025
accessibilityaccessible-webuser1waiwcag
99
A · Safe
CVEs total3
Unpatched0
Last CVEJan 31, 2024
Plugin page Download
Safety Verdict

Is Accessibility Safe to Use in 2026?

Generally Safe

Score 99/100

Accessibility has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEsLast CVE: Jan 31, 2024Updated 9mo ago
Risk Assessment

The 'accessibility' plugin v1.0.9 presents a mixed security profile. On the positive side, the static analysis reveals excellent practices regarding SQL queries, with all using prepared statements, and a high percentage of output being properly escaped. The absence of file operations and the presence of nonce checks are also encouraging signs. However, the plugin's vulnerability history is a significant concern, with three medium-severity CVEs recorded, including Cross-Site Request Forgery and Cross-Site Scripting. Although none are currently unpatched, this pattern suggests a recurring susceptibility to common web vulnerabilities.

The taint analysis, while not revealing critical or high severity flows, did identify two flows with unsanitized paths. While the attack surface is reported as zero entry points, these unsanitized paths could potentially be exploited if a suitable entry point were to be discovered or introduced in future versions. The lack of capability checks on any entry points is also a notable weakness, although the current reported zero entry points mitigates this immediate risk. The external HTTP request is also a potential, albeit small, vector if the target service is compromised.

In conclusion, the plugin demonstrates strengths in secure coding practices for SQL and output handling. However, the historical pattern of medium-severity vulnerabilities and the presence of unsanitized paths in taint analysis warrant caution. The absence of capability checks, while currently benign due to a zero attack surface, is a potential area for future risk. Ongoing vigilance and prompt patching of any future vulnerabilities will be crucial.

Key Concerns

  • Two flows with unsanitized paths found
  • 3 medium severity CVEs in history
  • 1 external HTTP request
  • 0 capability checks on entry points
Vulnerabilities
3

Accessibility Security Vulnerabilities

CVEs by Year

2 CVEs in 2022
2022
1 CVE in 2024
2024
Patched Has unpatched

Severity Breakdown

Medium
3

3 total CVEs

CVE-2024-24705medium · 5.4Cross-Site Request Forgery (CSRF)

Accessibility <= 1.0.6 - Cross-Site Request Forgery

Jan 31, 2024 Patched in 1.0.7 (86d)
WF-26237984-d7b5-4a55-91f8-a2816f3d2e94-accessibilitymedium · 5.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Accessibility <= 1.0.2 - Authenticated (Administrator+) Stored Cross-Site Scritping

Nov 2, 2022 Patched in 1.0.3 (447d)
CVE-2022-41643medium · 5.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Accessibility <= 1.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting

Oct 12, 2022 Patched in 1.0.4 (468d)
Code Analysis
Analyzed Mar 16, 2026

Accessibility Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
1 prepared
Unescaped Output
8
63 escaped
Nonce Checks
2
Capability Checks
0
File Operations
0
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared1 total queries

Output Escaping

89% escaped71 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths
_admin_update_accessibility_settings (accessibility.php:248)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Accessibility Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 5
actionadmin_menuaccessibility.php:64
actionwp_enqueue_scriptsaccessibility.php:72
actionwp_enqueue_scriptsaccessibility.php:73
actionadmin_enqueue_scriptsaccessibility.php:74
actionwp_footeraccessibility.php:75
Maintenance & Trust

Accessibility Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedJun 19, 2025
PHP min version
Downloads24K

Community Trust

Rating100/100
Number of ratings5
Active installs2K
Alternatives

Accessibility Alternatives

AccessibleWP – Accessibility Toolbar

AccessibleWP – Accessibility Toolbar

accessible-poetry

A
92

Add a professional accessibility toolbar to your WordPress site and make it easier for users with disabilities.

20K No CVEs
WP Accessibility Helper (WAH)

WP Accessibility Helper (WAH)

wp-accessibility-helper

A
97

Short Description WP Accessibility Helper helps solve accessibility problems

10K 5 CVEs
Ally – Web Accessibility & Usability

Ally – Web Accessibility & Usability

pojo-accessibility

A
93

Ally: Make your site more inclusive by scanning for accessibility violations, fixing them easily, and adding a usability widget and accessibility stat &hellip;

500K 4 CVEs
Accessibility by UserWay

Accessibility by UserWay

userway-accessibility-widget

A
100

UserWay’s Accessibility Widget creates a simpler and more accessible browsing experience for your users.

80K No CVEs
WP Accessibility

WP Accessibility

wp-accessibility

A
98

WP Accessibility fixes common accessibility issues in your WordPress site.

60K 2 CVEs
Developer Profile

Accessibility Developer Profile

ohadsh535

1 plugin · 2K total installs

78
trust score
Avg Security Score
99/100
Avg Patch Time
334 days
View full developer profile
Detection Fingerprints

How We Detect Accessibility

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/accessibility/assets/css/admin-style.css
Script Paths
//acc.magixite.com/freeCode?oatk=w0rdpre55//acc.magixite.com/license/lw?litk=
Version Parameters
admin-styleaccessibility

HTML / DOM Fingerprints

CSS Classes
oc-accessibility-admin
JS Globals
octLoader
FAQ

Frequently Asked Questions about Accessibility