WP-Safety

Everyone Accessibility Suite Security & Risk Analysis

wordpress.org/plugins/everyone-accessibility-suite

A lightweight WordPress accessibility plugin with an accessibility widget and accessibility panel to improve accessibility compliance and usability.

20 active installs v1.1.1 PHP 7.4+ WP 5.8+ Updated Dec 19, 2025
a11yaccessibilitydisabilityscreen-readerwcag
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Everyone Accessibility Suite Safe to Use in 2026?

Generally Safe

Score 100/100

Everyone Accessibility Suite has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The "everyone-accessibility-suite" plugin v1.1.1 demonstrates a strong security posture based on the static analysis. It exhibits excellent adherence to best practices, with 100% of its identified entry points (AJAX handlers, REST API routes, shortcodes, cron events) protected by authentication or capability checks. The code shows a commendable focus on secure coding, with a very high percentage of SQL queries using prepared statements and nearly all output being properly escaped. The absence of dangerous functions and a clean taint analysis with no critical or high severity flows are significant strengths. Furthermore, the plugin has no recorded vulnerabilities in its history, indicating a history of secure development and maintenance.

Despite the overwhelmingly positive findings, the analysis did reveal one specific area of concern: a single taint flow with an unsanitized path. While this flow did not result in a critical or high severity issue in this analysis, it represents a potential entry point for certain types of attacks if not handled with extreme care or if the plugin evolves in a way that exposes this path more broadly. The presence of file operations and external HTTP requests, though not flagged as problematic here, are areas that often require diligent review for potential security weaknesses in other contexts. Overall, this plugin appears to be developed with security as a priority, with only a minor, isolated concern identified.

Key Concerns

  • Taint flow with unsanitized path
Vulnerabilities
None known

Everyone Accessibility Suite Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Everyone Accessibility Suite Code Analysis

Dangerous Functions
0
Raw SQL Queries
4
25 prepared
Unescaped Output
2
150 escaped
Nonce Checks
7
Capability Checks
16
File Operations
9
External Requests
3
Bundled Libraries
0

SQL Query Safety

86% prepared29 total queries

Output Escaping

99% escaped152 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths
<class-speech-generator> (includes\modules\text-to-speech\class-speech-generator.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Everyone Accessibility Suite Attack Surface

Entry Points16
Unprotected0

AJAX Handlers 2

authwp_ajax_evas_tts_generateincludes\modules\text-to-speech\class-speech-generator.php:45
noprivwp_ajax_evas_tts_generateincludes\modules\text-to-speech\class-speech-generator.php:46

REST API Routes 7

GET/wp-json/evas/v1/modulesincludes\admin\class-components-page.php:42
POST/wp-json/evas/v1/modules/toggleincludes\admin\class-components-page.php:53
GET/wp-json/evas/v1/modules/activeincludes\admin\class-components-page.php:75
GET/wp-json/evas/v1/settingsincludes\admin\class-settings-page.php:42
POST/wp-json/evas/v1/settingsincludes\admin\class-settings-page.php:53
GET/wp-json/evas/v1/accessibility/settingsincludes\admin\class-settings-page.php:64
POST/wp-json/evas/v1/accessibility/settingsincludes\admin\class-settings-page.php:75

Shortcodes 7

[evas-accessibility-statement] includes\modules\accessibility-extras\class-statement-generator.php:121
[evas-mute] includes\modules\text-to-speech\class-tts-shortcodes.php:38
[evas-break] includes\modules\text-to-speech\class-tts-shortcodes.php:41
[evas-say-as] includes\modules\text-to-speech\class-tts-shortcodes.php:44
[evas-emphasis] includes\modules\text-to-speech\class-tts-shortcodes.php:47
[evas-prosody] includes\modules\text-to-speech\class-tts-shortcodes.php:50
[evas-read-button] includes\modules\text-to-speech\class-tts-shortcodes.php:53
WordPress Hooks 60
actionadmin_noticeseveryone-accessibility-suite.php:59
actionplugins_loadedeveryone-accessibility-suite.php:221
actionadmin_menuincludes\admin\class-admin-app.php:51
actionadmin_enqueue_scriptsincludes\admin\class-admin-app.php:52
actionrest_api_initincludes\admin\class-components-page.php:34
actionrest_api_initincludes\admin\class-settings-page.php:34
actionwp_enqueue_scriptsincludes\core\class-accessibility-panel.php:47
actionwp_footerincludes\core\class-accessibility-panel.php:50
actionrest_api_initincludes\modules\accessibility-analyzer\class-accessibility-analyzer-module.php:34
filterevas_register_modulesincludes\modules\accessibility-analyzer\evas-accessibility-analyzer.php:22
actioninitincludes\modules\accessibility-analyzer\evas-accessibility-analyzer.php:36
filterevas_module_accessibility_analyzer_metadataincludes\modules\accessibility-analyzer\evas-accessibility-analyzer.php:37
filterevas_admin_routesincludes\modules\accessibility-analyzer\evas-accessibility-analyzer.php:47
actionrest_api_initincludes\modules\accessibility-extras\class-accessibility-extras-module.php:37
actionwp_footerincludes\modules\accessibility-extras\class-accessibility-extras-module.php:40
actioninitincludes\modules\accessibility-extras\class-statement-generator.php:129
filterevas_register_modulesincludes\modules\accessibility-extras\evas-accessibility-extras.php:22
actioninitincludes\modules\accessibility-extras\evas-accessibility-extras.php:36
filterevas_module_accessibility_extras_metadataincludes\modules\accessibility-extras\evas-accessibility-extras.php:37
filterevas_admin_routesincludes\modules\accessibility-extras\evas-accessibility-extras.php:47
actionrest_api_initincludes\modules\customizer\class-customizer-module.php:157
actionwp_enqueue_scriptsincludes\modules\customizer\class-customizer-module.php:158
actionevas_before_panel_renderincludes\modules\customizer\class-customizer-module.php:161
filterevas_panel_classesincludes\modules\customizer\class-customizer-module.php:162
filterevas_button_classesincludes\modules\customizer\class-customizer-module.php:163
actionwp_footerincludes\modules\customizer\class-customizer-module.php:164
actionplugins_loadedincludes\modules\customizer\core\class-module-standalone.php:28
filterevas_register_modulesincludes\modules\customizer\evas-customizer.php:27
actioninitincludes\modules\customizer\evas-customizer.php:42
filterevas_module_customizer_metadataincludes\modules\customizer\evas-customizer.php:43
filterevas_admin_routesincludes\modules\customizer\evas-customizer.php:53
actionrest_api_initincludes\modules\text-to-speech\class-text-to-speech-module.php:70
actionwp_enqueue_scriptsincludes\modules\text-to-speech\class-text-to-speech-module.php:73
actionevas_panel_controlsincludes\modules\text-to-speech\class-text-to-speech-module.php:76
actionevas_tts_cache_cleanupincludes\modules\text-to-speech\class-text-to-speech-module.php:83
filterevas_register_modulesincludes\modules\text-to-speech\evas-text-to-speech.php:34
actioninitincludes\modules\text-to-speech\evas-text-to-speech.php:52
filterevas_module_text_to_speech_metadataincludes\modules\text-to-speech\evas-text-to-speech.php:53
filterevas_admin_routesincludes\modules\text-to-speech\evas-text-to-speech.php:64
actionrest_api_initincludes\modules\usage-analytics\class-usage-analytics-module.php:75
filterevas_admin_routesincludes\modules\usage-analytics\class-usage-analytics-module.php:78
actionwp_enqueue_scriptsincludes\modules\usage-analytics\class-usage-analytics-module.php:86
actionwp_dashboard_setupincludes\modules\usage-analytics\class-usage-analytics-module.php:90
actionadmin_enqueue_scriptsincludes\modules\usage-analytics\class-usage-analytics-module.php:94
actioninitincludes\modules\usage-analytics\evas-usage-analytics.php:45
actionrest_api_initincludes\modules\virtual-keyboard\class-virtual-keyboard-module.php:41
actionwp_enqueue_scriptsincludes\modules\virtual-keyboard\class-virtual-keyboard-module.php:42
actionevas_panel_controlsincludes\modules\virtual-keyboard\class-virtual-keyboard-module.php:43
actionwp_footerincludes\modules\virtual-keyboard\class-virtual-keyboard-module.php:44
filterevas_register_modulesincludes\modules\virtual-keyboard\evas-virtual-keyboard.php:27
actioninitincludes\modules\virtual-keyboard\evas-virtual-keyboard.php:42
filterevas_module_virtual_keyboard_metadataincludes\modules\virtual-keyboard\evas-virtual-keyboard.php:43
filterevas_admin_routesincludes\modules\virtual-keyboard\evas-virtual-keyboard.php:53
actionrest_api_initincludes\modules\voice-navigation\class-voice-navigation-module.php:61
actionwp_enqueue_scriptsincludes\modules\voice-navigation\class-voice-navigation-module.php:64
actionevas_panel_controlsincludes\modules\voice-navigation\class-voice-navigation-module.php:67
filterevas_register_modulesincludes\modules\voice-navigation\evas-voice-navigation.php:34
actioninitincludes\modules\voice-navigation\evas-voice-navigation.php:49
filterevas_module_voice_navigation_metadataincludes\modules\voice-navigation\evas-voice-navigation.php:50
filterevas_admin_routesincludes\modules\voice-navigation\evas-voice-navigation.php:60

Scheduled Events 1

evas_tts_cache_cleanup
Maintenance & Trust

Everyone Accessibility Suite Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 19, 2025
PHP min version7.4
Downloads234

Community Trust

Rating0/100
Number of ratings0
Active installs20
Alternatives

Everyone Accessibility Suite Alternatives

One Accessibility – Making Your Site Accessible to Everyone

One Accessibility – Making Your Site Accessible to Everyone

website-accessibility

A
100

Make your site accessible to everyone with advanced tools, WCAG compliance, and customization for a truly inclusive experience.

100 No CVEs
AccessiMate – Accessibility Widget for ADA & WCAG Compliance (One-Click Toolbar)

AccessiMate – Accessibility Widget for ADA & WCAG Compliance (One-Click Toolbar)

accessimate

A
100

A WordPress accessibility plugin with essential tools to make your site more accessible and user-friendly with disabilities—all with one click.

30 No CVEs
BarrierEase

BarrierEase

barrierease

A
100

Macht Ihre WordPress-Website barrierefrei mit nur einem Klick. WCAG 2.1 konform, BFSG-ready und 35+ Accessibility-Features.

20 No CVEs
WCAG Admin Accessibility Tools

WCAG Admin Accessibility Tools

wcag-admin-accessibility-tools

A
100

Accessibility diagnostics and tools for alt text, contrast, vague links, and more.

20 No CVEs
Ally – Web Accessibility & Usability

Ally – Web Accessibility & Usability

pojo-accessibility

A
93

Ally: Make your site more inclusive by scanning for accessibility violations, fixing them easily, and adding a usability widget and accessibility stat &hellip;

500K 4 CVEs
Developer Profile

Everyone Accessibility Suite Developer Profile

Alexander Kovalev

6 plugins · 560 total installs

93
trust score
Avg Security Score
98/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Everyone Accessibility Suite

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/everyone-accessibility-suite/assets/css/frontend.css/wp-content/plugins/everyone-accessibility-suite/assets/js/frontend.js/wp-content/plugins/everyone-accessibility-suite/assets/css/wpaifactory-frontend.css
Version Parameters
everyone-accessibility-suite/assets/css/frontend.css?ver=everyone-accessibility-suite/assets/js/frontend.js?ver=everyone-accessibility-suite/assets/css/wpaifactory-frontend.css?ver=

HTML / DOM Fingerprints

CSS Classes
evas-accessibility-panel-containerevas-accessibility-open-buttonevas-accessibility-profiles-menu-item
HTML Comments
<!-- Everyone Accessibility Suite --><div id="evas-accessibility-panel-container"<!-- Everyone Accessibility Suite Pro -->
Data Attributes
data-evas-plugin-version
JS Globals
window.evas_settings
FAQ

Frequently Asked Questions about Everyone Accessibility Suite