WP-Safety

Accessibility Tool Kit: WP Accessibility plugin for WCAG, Section 508, ADA, EAA Compliance Security & Risk Analysis

wordpress.org/plugins/accessibility-plus

Powerful WordPress accessibility plugin to detect and fix WCAG issues, improve usability, and support ADA, EAA, and Section 508 compliance.

1K active installs v2.1.0 PHP 5.6+ WP 5.0+ Updated Mar 17, 2026
a11yaccessibilityadaeaawcag
99
A · Safe
CVEs total1
Unpatched0
Last CVEOct 30, 2025
Plugin page Download
Safety Verdict

Is Accessibility Tool Kit: WP Accessibility plugin for WCAG, Section 508, ADA, EAA Compliance Safe to Use in 2026?

Generally Safe

Score 99/100

Accessibility Tool Kit: WP Accessibility plugin for WCAG, Section 508, ADA, EAA Compliance has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Oct 30, 2025Updated 2mo ago
Risk Assessment

The 'accessibility-plus' plugin v2.0.9 exhibits a generally good security posture based on the provided static analysis. The code demonstrates strong adherence to secure coding practices, with all SQL queries utilizing prepared statements, 100% of output being properly escaped, and a robust implementation of capability checks (9 instances). The presence of a nonce check further reinforces its defensive mechanisms. The limited attack surface, with only one AJAX handler and no exposed REST API routes, shortcodes, or cron events, is also a positive indicator.

However, a significant concern arises from the plugin's vulnerability history. The presence of one known medium-severity CVE, even though currently unpatched, suggests a past weakness. While the common vulnerability type points to 'Missing Authorization,' the static analysis data shows a protected AJAX handler. This discrepancy warrants further investigation to understand if the historical vulnerability was addressed or if it represents a blind spot in the current analysis.

In conclusion, while the current code exhibits strong security practices and a small attack surface, the past medium-severity vulnerability related to authorization is a notable weakness. The plugin has demonstrated the ability to introduce security flaws, and vigilance is required to ensure such issues do not re-emerge. The lack of taint analysis results is neutral, as it could mean no flows were found or the analysis was not comprehensive.

Key Concerns

  • One medium severity CVE historically
Vulnerabilities
1 published

Accessibility Tool Kit: WP Accessibility plugin for WCAG, Section 508, ADA, EAA Compliance Security Vulnerabilities

CVEs by Year

1 CVE in 2025
2025
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2025-66112medium · 4.3Missing Authorization

Accessibility Toolkit by WebYes <= 2.0.4 - Missing Authorization

Oct 30, 2025 Patched in 2.0.5 (27d)
Version History

Accessibility Tool Kit: WP Accessibility plugin for WCAG, Section 508, ADA, EAA Compliance Release Timeline

v2.1.0Current
v2.0.9
v2.0.8
v2.0.7
v2.0.6
v2.0.5
v2.0.41 CVE
CVE-2025-66112
v2.0.31 CVE
CVE-2025-66112
v2.0.21 CVE
CVE-2025-66112
v2.0.11 CVE
CVE-2025-66112
v2.0.01 CVE
CVE-2025-66112
v1.2.41 CVE
CVE-2025-66112
v1.2.31 CVE
CVE-2025-66112
v1.2.21 CVE
CVE-2025-66112
v1.2.11 CVE
CVE-2025-66112
v1.21 CVE
CVE-2025-66112
v1.1.31 CVE
CVE-2025-66112
v1.1.21 CVE
CVE-2025-66112
v1.1.11 CVE
CVE-2025-66112
v1.1.01 CVE
CVE-2025-66112
Code Analysis
Analyzed Mar 16, 2026

Accessibility Tool Kit: WP Accessibility plugin for WCAG, Section 508, ADA, EAA Compliance Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
1 prepared
Unescaped Output
0
90 escaped
Nonce Checks
1
Capability Checks
9
File Operations
3
External Requests
1
Bundled Libraries
0

SQL Query Safety

100% prepared1 total queries

Output Escaping

100% escaped90 total outputs
Attack Surface

Accessibility Tool Kit: WP Accessibility plugin for WCAG, Section 508, ADA, EAA Compliance Attack Surface

Entry Points1
Unprotected0

AJAX Handlers 1

authwp_ajax_wya11y_submit_uninstall_reasonlite\includes\class-uninstall-feedback.php:51
WordPress Hooks 27
actionadmin_menulegacy\inc\options.php:165
actiontemplate_redirectlegacy\loader.php:347
actionadmin_enqueue_scriptslegacy\loader.php:367
actionadmin_menulite\admin\class-admin.php:81
actionadmin_print_scriptslite\admin\class-admin.php:82
filterscript_loader_taglite\admin\class-admin.php:157
actionrest_api_initlite\admin\modules\settings\api\class-api.php:50
actionrest_api_initlite\admin\modules\statement\api\class-api.php:51
actionwp_enqueue_scriptslite\frontend\class-frontend.php:88
actionwp_enqueue_scriptslite\frontend\class-frontend.php:89
actionwp_enqueue_scriptslite\frontend\class-frontend.php:90
actionwp_headlite\frontend\class-frontend.php:91
filterscript_loader_taglite\frontend\class-frontend.php:186
actioninitlite\frontend\modules\fixes\class-fixes.php:27
filtercomment_form_defaultslite\frontend\modules\fixes\fix\class-comment-search.php:37
filterget_search_formlite\frontend\modules\fixes\fix\class-comment-search.php:41
filterwp_headlite\frontend\modules\fixes\fix\class-focus-outline.php:34
filterlanguage_attributeslite\frontend\modules\fixes\fix\class-lang-dir.php:35
filterwya11y_configlite\frontend\modules\fixes\fix\class-lang-dir.php:36
actionwp_enqueue_scriptslite\frontend\modules\fixes\fix\class-new-window-warning.php:37
actionwp_headlite\frontend\modules\fixes\fix\class-new-window-warning.php:47
actionwp_body_openlite\frontend\modules\fixes\fix\class-skip-link.php:33
filterwya11y_configlite\frontend\modules\fixes\fix\class-under-line-links.php:34
actioninitlite\includes\class-activator.php:63
actionadmin_enqueue_scriptslite\includes\class-base.php:140
actionadmin_enqueue_scriptslite\includes\class-base.php:141
actionadmin_footerlite\includes\class-uninstall-feedback.php:50
Maintenance & Trust

Accessibility Tool Kit: WP Accessibility plugin for WCAG, Section 508, ADA, EAA Compliance Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 17, 2026
PHP min version5.6
Downloads18K

Community Trust

Rating96/100
Number of ratings5
Active installs1K
Alternatives

Accessibility Tool Kit: WP Accessibility plugin for WCAG, Section 508, ADA, EAA Compliance Alternatives

Accessibility by UserWay

Accessibility by UserWay

userway-accessibility-widget

A
100

UserWay’s Accessibility Widget creates a simpler and more accessible browsing experience for your users.

80K No CVEs
Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance

Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance

accessibility-checker

A
97

Find and fix accessibility issues with confidence. Real-time reports, automated fixes, and guidance. Reduce compliance risk and reach more users.

10K 3 CVEs
Accessibility New Window Warnings

Accessibility New Window Warnings

accessibility-new-window-warnings

A
100

Make links that open in a new window compliant with WCAG guidelines for accessibility by adding a warning for users.

1K No CVEs
Accessibility Enabler

Accessibility Enabler

accessibility-enabler

A
100

This plugin increases compliance with WCAG 2.0, ADA , Section 508 without changing your website’s existing code.

300 No CVEs
Accessibility Assistant – Readabler

Accessibility Assistant – Readabler

readabler-assistant

A
92

Readabler Accessibility Assistant adds AI-powered accessibility features directly to your WordPress site for a better user experience.

200 No CVEs
Developer Profile

Accessibility Tool Kit: WP Accessibility plugin for WCAG, Section 508, ADA, EAA Compliance Developer Profile

WebToffee

18 plugins · 377K total installs

78
trust score
Avg Security Score
98/100
Avg Patch Time
152 days
View full developer profile
Detection Fingerprints

How We Detect Accessibility Tool Kit: WP Accessibility plugin for WCAG, Section 508, ADA, EAA Compliance

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/accessibility-plus/lite/css/a11y-style.css/wp-content/plugins/accessibility-plus/lite/js/a11y.js/wp-content/plugins/accessibility-plus/lite/js/accessibility.js/wp-content/plugins/accessibility-plus/lite/js/accessibility-main.js
Script Paths
/wp-content/plugins/accessibility-plus/lite/js/a11y.js/wp-content/plugins/accessibility-plus/lite/js/accessibility.js/wp-content/plugins/accessibility-plus/lite/js/accessibility-main.js
Version Parameters
accessibility-plus/lite/css/a11y-style.css?ver=accessibility-plus/lite/js/a11y.js?ver=accessibility-plus/lite/js/accessibility.js?ver=accessibility-plus/lite/js/accessibility-main.js?ver=

HTML / DOM Fingerprints

CSS Classes
a11y-skip-link-containera11y-skip-link
HTML Comments
<!-- Added by WP Accessibility plugin --><!-- WP Accessibility plugin: Skip to content link -->
Data Attributes
aria-labeldata-a11y-skip-link
JS Globals
a11y
FAQ

Frequently Asked Questions about Accessibility Tool Kit: WP Accessibility plugin for WCAG, Section 508, ADA, EAA Compliance