Does AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness have any unpatched vulnerabilities?

No. All known vulnerabilities in AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness compatible with WordPress 6.9.4?

According to WordPress.org data, AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness 3.1.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness compatible with PHP 5.6+?

AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness Security & Risk Analysis

wordpress.org/plugins/accessibility-widget

Free accessibility widget to support WCAG, ADA & EAA. Includes text resize, high contrast, dyslexia-friendly font, spacing, and more tools.

10K active installs v3.1.2 PHP 5.6+ WP 5.0.0+ Updated Mar 13, 2026

accessibility-widgetadawcagweb-accessibilitywp-accessibility

A · Safe

CVEs total1

Unpatched0

Last CVEApr 22, 2024

Plugin page Download

Safety Verdict

Is AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness Safe to Use in 2026?

Generally Safe

Score 99/100

AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Apr 22, 2024Updated 21d ago

Risk Assessment

The "accessibility-widget" v3.1.2 plugin exhibits a generally good security posture, with a strong emphasis on secure coding practices. The absence of critical or high-severity taint flows, a complete lack of raw SQL queries, and a high percentage of properly escaped output are commendable. The presence of nonce and capability checks on its single AJAX handler further strengthens its defense against common attack vectors. However, the plugin is not without its potential concerns. The single file operation and external HTTP request, while not inherently insecure, represent potential entry points that require careful monitoring and validation of external inputs or data. The existence of a past medium-severity vulnerability related to Cross-site Scripting, despite being patched, suggests a historical tendency for input sanitization issues that warrants continued vigilance.

Overall, the plugin demonstrates a solid foundation of security, with proactive measures in place to prevent many common vulnerabilities. The low number of identified code signals that could be considered risky (file operations, external requests) is encouraging. The history of one medium vulnerability, though now patched, is a reminder that even seemingly secure plugins can have exploitable flaws. While the current version appears to be in good shape, ongoing monitoring for new vulnerabilities and a diligent approach to input validation are recommended to maintain its secure status.

Key Concerns

One past medium severity vulnerability
One file operation detected
One external HTTP request detected

Vulnerabilities

AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2024-32831medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Accessibility Widget <= 2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Apr 22, 2024 Patched in 2.2.1 (8d)

Code Analysis

Analyzed Mar 16, 2026

AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

92 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

92% escaped100 total outputs

Attack Surface

AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_cya11y_submit_uninstall_reasonlite\includes\class-uninstall-feedback.php:53

WordPress Hooks 9

actionwidgets_initlegacy\loader.php:113

actionadmin_menulite\admin\class-admin.php:81

actionadmin_print_scriptslite\admin\class-admin.php:82

actionrest_api_initlite\admin\modules\settings\api\class-api.php:49

actionwp_enqueue_scriptslite\frontend\class-frontend.php:117

actioninitlite\includes\class-activator.php:64

actionadmin_enqueue_scriptslite\includes\class-base.php:145

actionadmin_enqueue_scriptslite\includes\class-base.php:146

actionadmin_footerlite\includes\class-uninstall-feedback.php:52

Maintenance & Trust

AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 13, 2026

PHP min version5.6

Downloads123K

Community Trust

Rating94/100

Number of ratings21

Active installs10K

Alternatives

AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness Alternatives

Accessibility Widget by OneTap – Easy One-Click Accessibility Toolbar

accessibility-onetap

100

OneTap is a multilingual WordPress plugin designed for seamless website accessibility.

40K No CVEs

WebAbility Accessibility Widget

webability-accessibility-widget

100

Easy-to-use accessibility widget that makes your website compliant with WCAG and ADA standards. Simple setup with customizable positioning.

60 No CVEs

Web Accessibility by accessiBe

accessibe

Fix accessibility issues & make your site accessible with an AI-powered accessibility service.

10K 5 CVEs

Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors

accessibility-checker

Find and fix accessibility issues on your website. Detailed reports, autogenerated accessibility statement and one-click fixes to improve compliance.

10K 3 CVEs

Accessibly – WordPress Website Accessibility

otm-accessibly

Accessibly app is a WordPress accessibility plugin that will help your website become accessible to even more of your site visitors.

400 No CVEs

Developer Profile

AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness Developer Profile

CookieYes

2 plugins · 1.0M total installs

trust score

Avg Security Score

100/100

Avg Patch Time

725 days

View full developer profile

Detection Fingerprints

How We Detect AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/accessibility-widget/lite/app/dist/assets/index.css/wp-content/plugins/accessibility-widget/lite/app/dist/assets/index.js

Version Parameters

accessibility-widget/lite/app/dist/assets/index.css?ver=accessibility-widget/lite/app/dist/assets/index.js?ver=

HTML / DOM Fingerprints

CSS Classes

cy-a11y-widget

HTML Comments

This program is free software; you can redistribute it and/or modify
	it under the terms of the GNU General Public License, version 2, as
	published by the Free Software Foundation.

This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

You should have received a copy of the GNU General Public License
	along with this program; if not, write to the Free Software
	Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA

+6 more

Data Attributes

data-cy-a11y-widget-settings

JS Globals

cyA11yGlobals

REST Endpoints

cya11y/v1/

FAQ