WP-Safety

Orange Comfort+ accessibility toolbar for WordPress Security & Risk Analysis

wordpress.org/plugins/orange-confort-plus

Add the Orange Comfort+ accessibility toolbar to your WordPress site.

10 active installs v0.8.0 PHP + WP 4.6+ Updated Feb 5, 2026
accessibilityconfortorange-comfortwp-consent-api
99
A · Safe
CVEs total1
Unpatched0
Last CVEFeb 5, 2026
Plugin page Download
Safety Verdict

Is Orange Comfort+ accessibility toolbar for WordPress Safe to Use in 2026?

Generally Safe

Score 99/100

Orange Comfort+ accessibility toolbar for WordPress has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Feb 5, 2026Updated 1mo ago
Risk Assessment

The static analysis for 'orange-confort-plus' v0.8.0 reveals a seemingly secure plugin at first glance, with no identified attack surface points or dangerous functions. The complete absence of SQL queries not using prepared statements and no file operations or external HTTP requests are positive indicators. However, the code analysis highlights a significant concern: 100% of outputs are not properly escaped. This points to a high risk of Cross-Site Scripting (XSS) vulnerabilities, where user-supplied data could be injected into web pages without proper sanitization, leading to malicious script execution in the user's browser.

The vulnerability history shows one known medium-severity CVE, identified as Cross-Site Scripting. While this CVE is currently unpatched, its medium severity and the fact that it's the only identified historical issue might suggest it's not a recurring critical problem. However, the presence of an unpatched medium XSS vulnerability, combined with the static analysis finding of 100% unescaped outputs, strongly indicates that XSS is a pervasive and ongoing threat within this plugin. The lack of nonce and capability checks across all entry points (even though the entry point count is zero) is also a general security weakness that could become relevant if new entry points are introduced without proper security considerations.

Key Concerns

  • 100% of outputs are not properly escaped
  • Unpatched medium CVE (XSS)
  • Missing capability checks on entry points
  • Missing nonce checks on entry points
Vulnerabilities
1

Orange Comfort+ accessibility toolbar for WordPress Security Vulnerabilities

CVEs by Year

1 CVE in 2026
2026
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2026-1808medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Orange Confort+ accessibility toolbar for WordPress <= 0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

Feb 5, 2026 Patched in 0.7.1 (1d)
Code Analysis
Analyzed Mar 16, 2026

Orange Comfort+ accessibility toolbar for WordPress Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

0% escaped1 total outputs
Attack Surface

Orange Comfort+ accessibility toolbar for WordPress Attack Surface

Entry Points0
Unprotected0
Maintenance & Trust

Orange Comfort+ accessibility toolbar for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 5, 2026
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs10
Alternatives

Orange Comfort+ accessibility toolbar for WordPress Alternatives

Ally – Web Accessibility & Usability

Ally – Web Accessibility & Usability

pojo-accessibility

A
93

Ally: Make your site more inclusive by scanning for accessibility violations, fixing them easily, and adding a usability widget and accessibility stat &hellip;

500K 4 CVEs
Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO)

Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO)

auto-image-attributes-from-filename-with-bulk-updater

A
100

Automatically add Image Alt Text, Title, Caption and Description from Filename. Bulk update existing images. Great for Image SEO and Accessibility.

100K No CVEs
Accessibility by UserWay

Accessibility by UserWay

userway-accessibility-widget

A
100

UserWay’s Accessibility Widget creates a simpler and more accessible browsing experience for your users.

80K No CVEs
WP Accessibility

WP Accessibility

wp-accessibility

A
98

WP Accessibility fixes common accessibility issues in your WordPress site.

60K 2 CVEs
Accessibility Widget by OneTap – Easy One-Click Accessibility Toolbar

Accessibility Widget by OneTap – Easy One-Click Accessibility Toolbar

accessibility-onetap

A
100

OneTap is a multilingual WordPress plugin designed for seamless website accessibility.

40K No CVEs
Developer Profile

Orange Comfort+ accessibility toolbar for WordPress Developer Profile

Rolf Allard van Hagen

8 plugins · 111K total installs

76
trust score
Avg Security Score
95/100
Avg Patch Time
293 days
View full developer profile
Detection Fingerprints

How We Detect Orange Comfort+ accessibility toolbar for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/orange-confort-plus/vendor/4.3.6/js/toolbar.min.js/wp-content/plugins/orange-confort-plus/js/consent-api-wrapper.min.js/wp-content/plugins/orange-confort-plus/vendor/5.0.1/js/toolbar.min.js
Script Paths
/wp-content/plugins/orange-confort-plus/js/consent-api-wrapper.min.js/wp-content/plugins/orange-confort-plus/vendor/4.3.6/js/toolbar.min.js/wp-content/plugins/orange-confort-plus/vendor/5.0.1/js/toolbar.min.js
Version Parameters
orange-confort-plus/js/consent-api-wrapper.min.js?ver=orange-confort-plus/vendor/4.3.6/js/toolbar.min.js?ver=orange-confort-plus/vendor/5.0.1/js/toolbar.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
wp-block-button__linkwp-element-button
JS Globals
hebergementFullPathaccessibilitytoolbar_customocPlusScriptVersioncustomAppPath
Shortcode Output
[ocplus_button]
FAQ

Frequently Asked Questions about Orange Comfort+ accessibility toolbar for WordPress