WP-Safety

Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance Security & Risk Analysis

wordpress.org/plugins/accessibility-checker

Find and fix accessibility issues with confidence. Real-time reports, automated fixes, and guidance. Reduce compliance risk and reach more users.

10K active installs v1.39.0 PHP 7.4+ WP 6.7+ Updated Mar 17, 2026
accessibilityadaeaawcagwp-accessibility
97
A · Safe
CVEs total3
Unpatched0
Last CVESep 9, 2025
Plugin page Download
Safety Verdict

Is Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance Safe to Use in 2026?

Generally Safe

Score 97/100

Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

3 known CVEsLast CVE: Sep 9, 2025Updated 2mo ago
Risk Assessment

The accessibility-checker plugin v1.38.0 exhibits a mixed security posture. On the positive side, it demonstrates strong practices in SQL query handling and output escaping, with 100% of SQL queries using prepared statements and 97% of outputs being properly escaped. The plugin also correctly implements nonce and capability checks for a significant number of its entry points. However, there are clear areas of concern, particularly with its attack surface. Four out of sixteen total entry points, specifically AJAX handlers, lack authentication checks, presenting a direct risk of unauthorized actions. Furthermore, the taint analysis revealed two flows with unsanitized paths, both classified as high severity. While the plugin has no currently unpatched CVEs, its history of three medium-severity vulnerabilities, including missing authorization and authorization bypass, suggests a recurring pattern of authorization-related weaknesses. This indicates a need for ongoing vigilance in securing its entry points and user input validation.

Key Concerns

  • AJAX handlers without auth checks
  • High severity unsanitized taint flows
  • Previous vulnerabilities: Missing Authorization
  • Previous vulnerabilities: Auth Bypass Through User-Controlled Key
Vulnerabilities
3 published

Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance Security Vulnerabilities

CVEs by Year

3 CVEs in 2025
2025
Patched Has unpatched

Severity Breakdown

Medium
3

3 total CVEs

CVE-2025-58976medium · 4.3Missing Authorization

Accessibility Checker by Equalize Digital <= 1.31.0 - Missing Authorization

Sep 9, 2025 Patched in 1.31.1 (7d)
CVE-2025-58981medium · 4.3Missing Authorization

Accessibility Checker by Equalize Digital <= 1.31.0 - Missing Authorization

Sep 9, 2025 Patched in 1.31.1 (7d)
CVE-2025-57886medium · 4.3Authorization Bypass Through User-Controlled Key

Accessibility Checker by Equalize Digital <= 1.30.0 - Authenticated (Contributor+) Insecure Direct Object Reference

Aug 22, 2025 Patched in 1.30.1 (5d)
Version History

Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance Release Timeline

v1.39.0Current
v1.38.0
v1.37.0
v1.36.0
v1.35.0
v1.34.0
v1.33.0
v1.32.0
v1.31.1
v1.31.02 CVEs
CVE-2025-58976 CVE-2025-58981
v1.30.12 CVEs
CVE-2025-58976 CVE-2025-58981
v1.30.03 CVEs
CVE-2025-58976 CVE-2025-57886 CVE-2025-58981
v1.29.03 CVEs
CVE-2025-58976 CVE-2025-57886 CVE-2025-58981
v1.28.03 CVEs
CVE-2025-58976 CVE-2025-57886 CVE-2025-58981
v1.27.13 CVEs
CVE-2025-58976 CVE-2025-57886 CVE-2025-58981
v1.27.03 CVEs
CVE-2025-58976 CVE-2025-57886 CVE-2025-58981
v1.26.03 CVEs
CVE-2025-58976 CVE-2025-57886 CVE-2025-58981
v1.25.03 CVEs
CVE-2025-58976 CVE-2025-57886 CVE-2025-58981
v1.24.03 CVEs
CVE-2025-58976 CVE-2025-57886 CVE-2025-58981
v1.23.13 CVEs
CVE-2025-58976 CVE-2025-57886 CVE-2025-58981
Code Analysis
Analyzed Mar 16, 2026

Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
80 prepared
Unescaped Output
10
324 escaped
Nonce Checks
9
Capability Checks
35
File Operations
1
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared80 total queries

Output Escaping

97% escaped334 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

7 flows2 with unsanitized paths
edac_review_notice_ajax (admin\class-admin-notices.php:329)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
4 unprotected

Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance Attack Surface

Entry Points16
Unprotected4

AJAX Handlers 13

authwp_ajax_edac_black_friday_notice_ajaxadmin\class-admin-notices.php:37
authwp_ajax_edac_gaad_notice_ajaxadmin\class-admin-notices.php:38
authwp_ajax_edac_review_notice_ajaxadmin\class-admin-notices.php:39
authwp_ajax_edac_summary_ajaxadmin\class-ajax.php:37
authwp_ajax_edac_details_ajaxadmin\class-ajax.php:38
authwp_ajax_edac_readability_ajaxadmin\class-ajax.php:39
authwp_ajax_edac_insert_ignore_dataadmin\class-ajax.php:40
authwp_ajax_edac_dismiss_welcome_cta_ajaxadmin\class-ajax.php:41
authwp_ajax_edac_dismiss_dashboard_cta_ajaxadmin\class-ajax.php:42
authwp_ajax_edac_frontend_highlight_ajaxadmin\class-frontend-highlight.php:36
noprivwp_ajax_edac_frontend_highlight_ajaxadmin\class-frontend-highlight.php:52
authwp_ajax_edac_email_opt_in_ajaxadmin\opt-in\class-email-opt-in.php:183
authwp_ajax_edac_email_opt_in_closed_modal_ajaxadmin\opt-in\class-email-opt-in.php:184

REST API Routes 3

GET/wp-json/edac/v1/fixesincludes\classes\Fixes\FixesManager.php:262
POST/wp-json/edac/v1/fixes/updateincludes\classes\Fixes\FixesManager.php:274
GET/wp-json/edac/v1/fix-fields/(?P<slug>[a-zA-Z0-9_-]+)includes\classes\Fixes\FixesManager.php:286
WordPress Hooks 86
actionadmin_menuaccessibility-checker.php:111
actionadmin_initaccessibility-checker.php:112
filteredac_filter_admin_scripts_slugsadmin\AdminPage\FixesPage.php:59
filteredac_filter_remove_admin_notices_screensadmin\AdminPage\FixesPage.php:60
filteredac_filter_settings_tab_itemsadmin\AdminPage\FixesPage.php:61
actionedac_settings_tab_contentadmin\AdminPage\FixesPage.php:62
actionadmin_initadmin\class-activation-redirect.php:37
filteradmin_footer_textadmin\class-admin-footer-text.php:28
actionin_admin_headeradmin\class-admin-notices.php:34
actionin_admin_headeradmin\class-admin-notices.php:35
actionupdated_optionadmin\class-admin-notices.php:41
actionadmin_noticesadmin\class-admin-notices.php:56
actionadmin_noticesadmin\class-admin-notices.php:57
actionadmin_noticesadmin\class-admin-notices.php:58
actionadmin_enqueue_scriptsadmin\class-admin.php:55
actionwp_trash_postadmin\class-admin.php:56
actionsave_postadmin\class-admin.php:57
filteredac_filter_generate_link_type_refadmin\class-admin.php:58
actionadd_meta_boxesadmin\class-meta-boxes.php:27
filterplugin_row_metaadmin\class-plugin-row-meta.php:30
actionadmin_initadmin\class-update-database.php:32
actionadmin_menuadmin\class-upgrade-promotion.php:36
actionadmin_headadmin\class-upgrade-promotion.php:37
actionadmin_initadmin\class-upgrade-promotion.php:38
filterallowed_redirect_hostsadmin\class-upgrade-promotion.php:117
actionwp_dashboard_setupadmin\class-widgets.php:25
actionadmin_footeradmin\opt-in\class-email-opt-in.php:78
filtersite_status_testsadmin\site-health\class-checks.php:37
filterdebug_informationadmin\site-health\class-information.php:32
actionwp_footerincludes\classes\class-accessibility-statement.php:29
actionadmin_bar_menuincludes\classes\class-admin-toolbar.php:36
filterperfmatters_lazyloadincludes\classes\class-lazyload-filter.php:26
actioninitincludes\classes\class-plugin.php:52
actionwp_enqueue_scriptsincludes\classes\class-plugin.php:69
actionplugins_loadedincludes\classes\class-plugin.php:87
actionrest_api_initincludes\classes\class-plugin.php:103
actioninitincludes\classes\class-rest-api.php:36
filteredac_filter_js_violation_htmlincludes\classes\class-rest-api.php:37
actionrest_api_initincludes\classes\class-rest-api.php:51
actionrest_api_initincludes\classes\class-rest-api.php:74
actionrest_api_initincludes\classes\class-rest-api.php:101
actionrest_api_initincludes\classes\class-rest-api.php:118
actionrest_api_initincludes\classes\class-rest-api.php:135
actionrest_api_initincludes\classes\class-rest-api.php:152
actionrest_api_initincludes\classes\class-rest-api.php:169
actionrest_api_initincludes\classes\class-rest-api.php:197
actionrest_api_initincludes\classes\class-rest-api.php:215
actionrest_api_initincludes\classes\class-rest-api.php:243
actionrest_api_initincludes\classes\class-rest-api.php:278
filterthe_contentincludes\classes\class-simplified-summary.php:29
filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\AddFileSizeAndTypeToLinkedFilesFix.php:70
filteredac_filter_fixes_settings_sectionsincludes\classes\Fixes\Fix\AddLabelToUnlabelledFormFieldsFix.php:73
filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\AddLabelToUnlabelledFormFieldsFix.php:85
filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\AddMissingOrEmptyPageTitleFix.php:72
filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\AddNewWindowWarningFix.php:57
actionwp_enqueue_scriptsincludes\classes\Fixes\Fix\AddNewWindowWarningFix.php:100
filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\AddNewWindowWarningFix.php:110
actionwp_headincludes\classes\Fixes\Fix\AddNewWindowWarningFix.php:121
filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\BlockPDFUploadsFix.php:64
filteredac_filter_fixes_settings_sectionsincludes\classes\Fixes\Fix\CommentSearchLabelFix.php:66
filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\CommentSearchLabelFix.php:79
filtercomment_form_defaultsincludes\classes\Fixes\Fix\CommentSearchLabelFix.php:124
filterget_search_formincludes\classes\Fixes\Fix\CommentSearchLabelFix.php:128
filteredac_filter_fixes_settings_sectionsincludes\classes\Fixes\Fix\FocusOutlineFix.php:56
filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\FocusOutlineFix.php:69
actionwp_headincludes\classes\Fixes\Fix\FocusOutlineFix.php:106
filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\HTMLLangAndDirFix.php:64
filterlanguage_attributesincludes\classes\Fixes\Fix\HTMLLangAndDirFix.php:106
filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\HTMLLangAndDirFix.php:110
filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\LinkUnderline.php:64
filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\LinkUnderline.php:101
filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\MetaViewportScalableFix.php:56
filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\MetaViewportScalableFix.php:91
filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\PreventLinksOpeningNewWindowFix.php:57
filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\PreventLinksOpeningNewWindowFix.php:96
filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\RemoveTitleIfPrefferedAccessibleNameFix.php:64
filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\RemoveTitleIfPrefferedAccessibleNameFix.php:102
filteredac_filter_fixes_settings_sectionsincludes\classes\Fixes\Fix\SkipLinkFix.php:57
filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\SkipLinkFix.php:69
actionwp_body_openincludes\classes\Fixes\Fix\SkipLinkFix.php:129
filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\SkipLinkFix.php:146
filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\TabindexFix.php:55
filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\TabindexFix.php:94
actionadmin_enqueue_scriptsincludes\classes\Fixes\FixesManager.php:74
actionwp_enqueue_scriptsincludes\classes\Fixes\FixesManager.php:109
actionadmin_initincludes\options-page.php:84
Maintenance & Trust

Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 17, 2026
PHP min version7.4
Downloads372K

Community Trust

Rating100/100
Number of ratings70
Active installs10K
Alternatives

Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance Alternatives

Accessibility by UserWay

Accessibility by UserWay

userway-accessibility-widget

A
100

UserWay’s Accessibility Widget creates a simpler and more accessible browsing experience for your users.

80K No CVEs
Accessibility Widget by OneTap – Easy One-Click Accessibility Toolbar

Accessibility Widget by OneTap – Easy One-Click Accessibility Toolbar

accessibility-onetap

A
100

OneTap is a multilingual WordPress plugin designed for seamless website accessibility.

40K No CVEs
AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness

AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness

accessibility-widget

A
100

Free WordPress accessibility widget to improve accessibility for your website visitors. Supports efforts towards meeting WCAG, ADA & EAA requirements.

10K 1 CVE
Accessibility Tool Kit: WP Accessibility plugin for WCAG, Section 508, ADA, EAA Compliance

Accessibility Tool Kit: WP Accessibility plugin for WCAG, Section 508, ADA, EAA Compliance

accessibility-plus

A
99

Powerful WordPress accessibility plugin to detect and fix WCAG issues, improve usability, and support ADA, EAA, and Section 508 compliance.

1K 1 CVE
Accessibility Assistant – Readabler

Accessibility Assistant – Readabler

readabler-assistant

A
92

Readabler Accessibility Assistant adds AI-powered accessibility features directly to your WordPress site for a better user experience.

200 No CVEs
Developer Profile

Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance Developer Profile

Equalize Digital

4 plugins · 12K total installs

99
trust score
Avg Security Score
99/100
Avg Patch Time
6 days
View full developer profile
Detection Fingerprints

How We Detect Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/accessibility-checker/build/css/admin.css/wp-content/plugins/accessibility-checker/build/admin.bundle.js/wp-content/plugins/accessibility-checker/build/editorApp.bundle.js
Script Paths
/wp-content/plugins/accessibility-checker/build/admin.bundle.js/wp-content/plugins/accessibility-checker/build/editorApp.bundle.js
Version Parameters
accessibility-checker/build/css/admin.css?ver=accessibility-checker/build/admin.bundle.js?ver=accessibility-checker/build/editorApp.bundle.js?ver=

HTML / DOM Fingerprints

Data Attributes
edacApiUrledacUrlpostIDnoncerestNonceproUrl+6 more
JS Globals
edac_script_varsedac_editor_app
REST Endpoints
/accessibility-checker/v1
FAQ

Frequently Asked Questions about Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance