Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors Security & Risk Analysis

wordpress.org/plugins/accessibility-checker

Find and fix accessibility issues on your website. Detailed reports, autogenerated accessibility statement and one-click fixes to improve compliance.

10K active installs v1.38.0 PHP 7.4+ WP 6.7+ Updated Mar 4, 2026

accessibilityaccessibleadawcagwp-accessibility

A · Safe

CVEs total3

Unpatched0

Last CVESep 9, 2025

Plugin page Download

Safety Verdict

Is Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors Safe to Use in 2026?

Generally Safe

Score 97/100

Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEsLast CVE: Sep 9, 2025Updated 29d ago

Risk Assessment

The accessibility-checker plugin v1.38.0 exhibits a mixed security posture. On the positive side, it demonstrates strong practices in SQL query handling and output escaping, with 100% of SQL queries using prepared statements and 97% of outputs being properly escaped. The plugin also correctly implements nonce and capability checks for a significant number of its entry points. However, there are clear areas of concern, particularly with its attack surface. Four out of sixteen total entry points, specifically AJAX handlers, lack authentication checks, presenting a direct risk of unauthorized actions. Furthermore, the taint analysis revealed two flows with unsanitized paths, both classified as high severity. While the plugin has no currently unpatched CVEs, its history of three medium-severity vulnerabilities, including missing authorization and authorization bypass, suggests a recurring pattern of authorization-related weaknesses. This indicates a need for ongoing vigilance in securing its entry points and user input validation.

Key Concerns

AJAX handlers without auth checks
High severity unsanitized taint flows
Previous vulnerabilities: Missing Authorization
Previous vulnerabilities: Auth Bypass Through User-Controlled Key

Vulnerabilities

Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors Security Vulnerabilities

CVEs by Year

3 CVEs in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

3 total CVEs

CVE-2025-58976medium · 4.3Missing Authorization

Accessibility Checker by Equalize Digital <= 1.31.0 - Missing Authorization

Sep 9, 2025 Patched in 1.31.1 (7d)

CVE-2025-58981medium · 4.3Missing Authorization

Accessibility Checker by Equalize Digital <= 1.31.0 - Missing Authorization

Sep 9, 2025 Patched in 1.31.1 (7d)

CVE-2025-57886medium · 4.3Authorization Bypass Through User-Controlled Key

Accessibility Checker by Equalize Digital <= 1.30.0 - Authenticated (Contributor+) Insecure Direct Object Reference

Aug 22, 2025 Patched in 1.30.1 (5d)

Code Analysis

Analyzed Mar 16, 2026

Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors Code Analysis

Dangerous Functions

Raw SQL Queries

80 prepared

Unescaped Output

324 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared80 total queries

Output Escaping

97% escaped334 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

7 flows2 with unsanitized paths

edac_review_notice_ajax (admin\class-admin-notices.php:329)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

4 unprotected

Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors Attack Surface

Entry Points16

Unprotected4

AJAX Handlers 13

authwp_ajax_edac_black_friday_notice_ajaxadmin\class-admin-notices.php:37

authwp_ajax_edac_gaad_notice_ajaxadmin\class-admin-notices.php:38

authwp_ajax_edac_review_notice_ajaxadmin\class-admin-notices.php:39

authwp_ajax_edac_summary_ajaxadmin\class-ajax.php:37

authwp_ajax_edac_details_ajaxadmin\class-ajax.php:38

authwp_ajax_edac_readability_ajaxadmin\class-ajax.php:39

authwp_ajax_edac_insert_ignore_dataadmin\class-ajax.php:40

authwp_ajax_edac_dismiss_welcome_cta_ajaxadmin\class-ajax.php:41

authwp_ajax_edac_dismiss_dashboard_cta_ajaxadmin\class-ajax.php:42

authwp_ajax_edac_frontend_highlight_ajaxadmin\class-frontend-highlight.php:36

noprivwp_ajax_edac_frontend_highlight_ajaxadmin\class-frontend-highlight.php:52

authwp_ajax_edac_email_opt_in_ajaxadmin\opt-in\class-email-opt-in.php:183

authwp_ajax_edac_email_opt_in_closed_modal_ajaxadmin\opt-in\class-email-opt-in.php:184

REST API Routes 3

GET/wp-json/edac/v1/fixesincludes\classes\Fixes\FixesManager.php:262

POST/wp-json/edac/v1/fixes/updateincludes\classes\Fixes\FixesManager.php:274

GET/wp-json/edac/v1/fix-fields/(?P<slug>[a-zA-Z0-9_-]+)includes\classes\Fixes\FixesManager.php:286

WordPress Hooks 86

actionadmin_menuaccessibility-checker.php:111

actionadmin_initaccessibility-checker.php:112

filteredac_filter_admin_scripts_slugsadmin\AdminPage\FixesPage.php:59

filteredac_filter_remove_admin_notices_screensadmin\AdminPage\FixesPage.php:60

filteredac_filter_settings_tab_itemsadmin\AdminPage\FixesPage.php:61

actionedac_settings_tab_contentadmin\AdminPage\FixesPage.php:62

actionadmin_initadmin\class-activation-redirect.php:37

filteradmin_footer_textadmin\class-admin-footer-text.php:28

actionin_admin_headeradmin\class-admin-notices.php:34

actionin_admin_headeradmin\class-admin-notices.php:35

actionupdated_optionadmin\class-admin-notices.php:41

actionadmin_noticesadmin\class-admin-notices.php:56

actionadmin_noticesadmin\class-admin-notices.php:57

actionadmin_noticesadmin\class-admin-notices.php:58

actionadmin_enqueue_scriptsadmin\class-admin.php:55

actionwp_trash_postadmin\class-admin.php:56

actionsave_postadmin\class-admin.php:57

filteredac_filter_generate_link_type_refadmin\class-admin.php:58

actionadd_meta_boxesadmin\class-meta-boxes.php:27

filterplugin_row_metaadmin\class-plugin-row-meta.php:30

actionadmin_initadmin\class-update-database.php:32

actionadmin_menuadmin\class-upgrade-promotion.php:36

actionadmin_headadmin\class-upgrade-promotion.php:37

actionadmin_initadmin\class-upgrade-promotion.php:38

filterallowed_redirect_hostsadmin\class-upgrade-promotion.php:117

actionwp_dashboard_setupadmin\class-widgets.php:25

actionadmin_footeradmin\opt-in\class-email-opt-in.php:78

filtersite_status_testsadmin\site-health\class-checks.php:37

filterdebug_informationadmin\site-health\class-information.php:32

actionwp_footerincludes\classes\class-accessibility-statement.php:29

actionadmin_bar_menuincludes\classes\class-admin-toolbar.php:36

filterperfmatters_lazyloadincludes\classes\class-lazyload-filter.php:26

actioninitincludes\classes\class-plugin.php:52

actionwp_enqueue_scriptsincludes\classes\class-plugin.php:69

actionplugins_loadedincludes\classes\class-plugin.php:87

actionrest_api_initincludes\classes\class-plugin.php:103

actioninitincludes\classes\class-rest-api.php:36

filteredac_filter_js_violation_htmlincludes\classes\class-rest-api.php:37

actionrest_api_initincludes\classes\class-rest-api.php:51

actionrest_api_initincludes\classes\class-rest-api.php:74

actionrest_api_initincludes\classes\class-rest-api.php:101

actionrest_api_initincludes\classes\class-rest-api.php:118

actionrest_api_initincludes\classes\class-rest-api.php:135

actionrest_api_initincludes\classes\class-rest-api.php:152

actionrest_api_initincludes\classes\class-rest-api.php:169

actionrest_api_initincludes\classes\class-rest-api.php:197

actionrest_api_initincludes\classes\class-rest-api.php:215

actionrest_api_initincludes\classes\class-rest-api.php:243

actionrest_api_initincludes\classes\class-rest-api.php:278

filterthe_contentincludes\classes\class-simplified-summary.php:29

filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\AddFileSizeAndTypeToLinkedFilesFix.php:70

filteredac_filter_fixes_settings_sectionsincludes\classes\Fixes\Fix\AddLabelToUnlabelledFormFieldsFix.php:73

filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\AddLabelToUnlabelledFormFieldsFix.php:85

filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\AddMissingOrEmptyPageTitleFix.php:72

filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\AddNewWindowWarningFix.php:57

actionwp_enqueue_scriptsincludes\classes\Fixes\Fix\AddNewWindowWarningFix.php:100

filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\AddNewWindowWarningFix.php:110

actionwp_headincludes\classes\Fixes\Fix\AddNewWindowWarningFix.php:121

filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\BlockPDFUploadsFix.php:64

filteredac_filter_fixes_settings_sectionsincludes\classes\Fixes\Fix\CommentSearchLabelFix.php:66

filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\CommentSearchLabelFix.php:79

filtercomment_form_defaultsincludes\classes\Fixes\Fix\CommentSearchLabelFix.php:124

filterget_search_formincludes\classes\Fixes\Fix\CommentSearchLabelFix.php:128

filteredac_filter_fixes_settings_sectionsincludes\classes\Fixes\Fix\FocusOutlineFix.php:56

filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\FocusOutlineFix.php:69

actionwp_headincludes\classes\Fixes\Fix\FocusOutlineFix.php:106

filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\HTMLLangAndDirFix.php:64

filterlanguage_attributesincludes\classes\Fixes\Fix\HTMLLangAndDirFix.php:106

filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\HTMLLangAndDirFix.php:110

filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\LinkUnderline.php:64

filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\LinkUnderline.php:101

filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\MetaViewportScalableFix.php:56

filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\MetaViewportScalableFix.php:91

filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\PreventLinksOpeningNewWindowFix.php:57

filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\PreventLinksOpeningNewWindowFix.php:96

filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\RemoveTitleIfPrefferedAccessibleNameFix.php:64

filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\RemoveTitleIfPrefferedAccessibleNameFix.php:102

filteredac_filter_fixes_settings_sectionsincludes\classes\Fixes\Fix\SkipLinkFix.php:57

filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\SkipLinkFix.php:69

actionwp_body_openincludes\classes\Fixes\Fix\SkipLinkFix.php:129

filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\SkipLinkFix.php:146

filteredac_filter_fixes_settings_fieldsincludes\classes\Fixes\Fix\TabindexFix.php:55

filteredac_filter_frontend_fixes_dataincludes\classes\Fixes\Fix\TabindexFix.php:94

actionadmin_enqueue_scriptsincludes\classes\Fixes\FixesManager.php:74

actionwp_enqueue_scriptsincludes\classes\Fixes\FixesManager.php:109

actionadmin_initincludes\options-page.php:84

Maintenance & Trust

Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 4, 2026

PHP min version7.4

Downloads357K

Community Trust

Rating100/100

Number of ratings67

Active installs10K

Alternatives

Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors Alternatives

Accessibility Widget by OneTap – Easy One-Click Accessibility Toolbar

accessibility-onetap

100

OneTap is a multilingual WordPress plugin designed for seamless website accessibility.

40K No CVEs

AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness

accessibility-widget

Free accessibility widget to support WCAG, ADA & EAA. Includes text resize, high contrast, dyslexia-friendly font, spacing, and more tools.

10K 1 CVE

Accessibility by AllAccessible

allaccessible

Unlock true digital accessibility with AllAccessible - a comprehensive WordPress plugin driving your website towards WCAG/ADA compliance. Empower your users with a fully customizable accessibility widget, and enhance their experience with our premium AI-powered features.

2K 2 CVEs

Accessibility New Window Warnings

accessibility-new-window-warnings

100

Make links that open in a new window compliant with WCAG guidelines for accessibility by adding a warning for users.

1K No CVEs

Accessibly – WordPress Website Accessibility

otm-accessibly

Accessibly app is a WordPress accessibility plugin that will help your website become accessible to even more of your site visitors.

400 No CVEs

Developer Profile

Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors Developer Profile

Equalize Digital

4 plugins · 12K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

6 days

View full developer profile

Detection Fingerprints

How We Detect Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/accessibility-checker/build/css/admin.css/wp-content/plugins/accessibility-checker/build/admin.bundle.js/wp-content/plugins/accessibility-checker/build/editorApp.bundle.js

Script Paths

/wp-content/plugins/accessibility-checker/build/admin.bundle.js/wp-content/plugins/accessibility-checker/build/editorApp.bundle.js

Version Parameters

accessibility-checker/build/css/admin.css?ver=accessibility-checker/build/admin.bundle.js?ver=accessibility-checker/build/editorApp.bundle.js?ver=

HTML / DOM Fingerprints

Data Attributes

edacApiUrledacUrlpostIDnoncerestNonceproUrl+6 more

JS Globals

edac_script_varsedac_editor_app

REST Endpoints

/accessibility-checker/v1

FAQ