Does Call Now Accessibility Button have any unpatched vulnerabilities?

No. All known vulnerabilities in Call Now Accessibility Button have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Call Now Accessibility Button compatible with WordPress 6.1.10?

According to WordPress.org data, Call Now Accessibility Button 1.1 has been tested up to WordPress 6.1.10. Check the plugin's changelog for the latest compatibility information.

Is Call Now Accessibility Button compatible with PHP 5.3+?

Call Now Accessibility Button requires PHP 5.3 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Call Now Accessibility Button updated?

Call Now Accessibility Button was last updated on May 31, 2023. Frequent updates are generally a positive security signal.

What is Call Now Accessibility Button's security score?

Call Now Accessibility Button has a WP-Safety security score of 84/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Call Now Accessibility Button Security & Risk Analysis

wordpress.org/plugins/accessibility-help-button

Add an - INVISIBLE Call Now Button - that allows only screen readers to know it's there. This allows a disabled user having issues accessing a pa …

10 active installs v1.1 PHP 5.3+ WP 4.8+ Updated May 31, 2023

a11ycall-nowsection-508wcagweb-accessibility

B · Generally Safe

CVEs total2

Unpatched0

Last CVEJun 19, 2023

Plugin page Download

Safety Verdict

Is Call Now Accessibility Button Safe to Use in 2026?

Mostly Safe

Score 84/100

Call Now Accessibility Button is generally safe to use though it hasn't been updated recently. 2 past CVEs were resolved. Keep it updated.

2 known CVEsLast CVE: Jun 19, 2023Updated 2yr ago

Risk Assessment

The "accessibility-help-button" v1.1 plugin exhibits a mixed security posture. On one hand, the static analysis reveals a seemingly small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events, and importantly, no direct SQL queries are used in a way that bypasses prepared statements. However, a significant concern arises from the taint analysis, which shows all 8 analyzed flows with unsanitized paths, despite none being flagged as critical or high severity. This suggests a potential for vulnerabilities if user input is not properly handled, even if the direct impact is not immediately apparent from the static analysis alone. The plugin's vulnerability history is also a point of concern, with two known medium-severity Cross-Site Scripting (XSS) vulnerabilities recorded, the last of which was patched in June 2023. This history, coupled with the taint analysis results, indicates a recurring pattern of input sanitization issues that require careful monitoring.

Key Concerns

Unsanitized taint flows detected
Medium severity XSS vulnerabilities in history
Low output escaping percentage

Vulnerabilities

Call Now Accessibility Button Security Vulnerabilities

CVEs by Year

2 CVEs in 2023

2023

Patched Has unpatched

Severity Breakdown

Medium

2 total CVEs

CVE-2023-2635medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Call Now Accessibility Button <= 1.0.2 - Authenticated (Administrator+) Stored Cross-Site Scripting

Jun 19, 2023 Patched in 1.1 (418d)

CVE-2023-28933medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Call Now Accessibility Button <= 1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting

Jun 2, 2023 Patched in 1.2 (235d)

Code Analysis

Analyzed Mar 16, 2026

Call Now Accessibility Button Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

15 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

26% escaped58 total outputs

Data Flows

8 unsanitized

Data Flow Analysis

8 flows8 with unsanitized paths

tab (admin\class-aa-call-aboutus.php:46)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Call Now Accessibility Button Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 11

actioninitaa508-call.php:83

filterpre_update_option_button-textaa508-call.php:86

filterpre_update_option_ass-labelaa508-call.php:87

filterpre_update_option_phone_numberaa508-call.php:88

actionadmin_menuadmin\class-aa-call-menu.php:9

actionplugins_loadedincludes\class-aa-call.php:148

actionadmin_enqueue_scriptsincludes\class-aa-call.php:163

actionadmin_enqueue_scriptsincludes\class-aa-call.php:164

actionwp_enqueue_scriptsincludes\class-aa-call.php:179

actionwp_enqueue_scriptsincludes\class-aa-call.php:180

actionwp_footerpublic\class-aa-call-public.php:54

Maintenance & Trust

Call Now Accessibility Button Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10

Last updatedMay 31, 2023

PHP min version5.3

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Call Now Accessibility Button Alternatives

Ally – Web Accessibility & Usability

pojo-accessibility

Ally: Make your site more inclusive by scanning for accessibility violations, fixing them easily, and adding a usability widget and accessibility stat …

500K 4 CVEs

AccessibleWP – Accessibility Toolbar

accessible-poetry

Add a professional accessibility toolbar to your WordPress site and make it easier for users with disabilities.

20K No CVEs

Accesibilidad Web con el Widget de AccedeMe

accedeme-for-wp

100

es: Añade a tu sitio WordPress más accesibilidad. Permite que cualquiera pueda acceder a tu página web independientemente de sus capacidades, conocimi …

1K No CVEs

Accessibility Enabler

accessibility-enabler

100

This plugin increases compliance with WCAG 2.0, ADA , Section 508 without changing your website’s existing code.

300 No CVEs

Meacodes Accessibility Tools

meacodes-accessibility-tools

100

This is an accessibility Plugin for people with disabilities to use the web easily.

50 No CVEs

Developer Profile

Call Now Accessibility Button Developer Profile

stpetedesign

1 plugin · 10 total installs

trust score

Avg Security Score

84/100

Avg Patch Time

327 days

View full developer profile

Detection Fingerprints

How We Detect Call Now Accessibility Button

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/accessibility-help-button/admin/css/aa-call-admin.css/wp-content/plugins/accessibility-help-button/admin/js/aa-call-admin.js/wp-content/plugins/accessibility-help-button/public/css/accessibility-help-button-public.css/wp-content/plugins/accessibility-help-button/public/js/accessibility-help-button-public.js

Script Paths

admin/js/aa-call-admin.jspublic/js/accessibility-help-button-public.js

Version Parameters

accessibility-help-button/admin/css/aa-call-admin.css?ver=accessibility-help-button/admin/js/aa-call-admin.js?ver=accessibility-help-button/public/css/accessibility-help-button-public.css?ver=accessibility-help-button/public/js/accessibility-help-button-public.js?ver=

HTML / DOM Fingerprints

CSS Classes

aa-button

Data Attributes

data-colordata-positiondata-toggle

JS Globals

aa_call_params

FAQ