Does WebAbility Accessibility Widget have any unpatched vulnerabilities?

No. All known vulnerabilities in WebAbility Accessibility Widget have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WebAbility Accessibility Widget compatible with WordPress 6.8.5?

According to WordPress.org data, WebAbility Accessibility Widget 2.0.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is WebAbility Accessibility Widget compatible with PHP 7.4+?

WebAbility Accessibility Widget requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WebAbility Accessibility Widget updated?

WebAbility Accessibility Widget was last updated on Nov 3, 2025. Frequent updates are generally a positive security signal.

What is WebAbility Accessibility Widget's security score?

WebAbility Accessibility Widget has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WebAbility Accessibility Widget Security & Risk Analysis

wordpress.org/plugins/webability-accessibility-widget

Easy-to-use accessibility widget that makes your website compliant with WCAG and ADA standards. Simple setup with customizable positioning.

60 active installs v2.0.0 PHP 7.4+ WP 5.8+ Updated Nov 3, 2025

accessibilityaccessibility-widgetadawcagweb-accessibility

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WebAbility Accessibility Widget Safe to Use in 2026?

Generally Safe

Score 100/100

WebAbility Accessibility Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago

Risk Assessment

The webability-accessibility-widget plugin version 2.0.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries, implementing nonce checks for its entry points, and performing capability checks. The absence of dangerous functions, file operations, and known CVEs in its history are also strong indicators of a relatively secure development process and a clean past. However, a significant concern arises from the presence of an unprotected AJAX handler, which represents a direct entry point into the application without proper authentication or authorization checks. While taint analysis did not reveal any vulnerabilities, the lack of sanitization and validation on this unprotected AJAX handler could potentially be exploited if malicious data is passed to it. The plugin's limited attack surface, with only one entry point and no shortcodes, cron events, or REST API routes, mitigates some of the risk associated with the unprotected handler. Overall, while the plugin has solid security foundations, the single unprotected AJAX handler presents a critical vulnerability that needs immediate attention.

Key Concerns

Unprotected AJAX handler
Inconsistent output escaping

Vulnerabilities

None known

WebAbility Accessibility Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WebAbility Accessibility Widget Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

13 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

62% escaped21 total outputs

Attack Surface

1 unprotected

WebAbility Accessibility Widget Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_webability_acwg_verifyincludes\verify.php:4

WordPress Hooks 5

actionadmin_menuincludes\admin-page.php:4

actionadmin_enqueue_scriptsincludes\admin-page.php:16

actionwp_enqueue_scriptsincludes\frontend.php:4

filterscript_loader_tagincludes\frontend.php:30

actionadmin_initincludes\settings.php:18

Maintenance & Trust

WebAbility Accessibility Widget Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedNov 3, 2025

PHP min version7.4

Downloads383

Community Trust

Rating0/100

Number of ratings0

Active installs60

Alternatives

WebAbility Accessibility Widget Alternatives

Accessibility Widget by OneTap – Easy One-Click Accessibility Toolbar

accessibility-onetap

100

OneTap is a multilingual WordPress plugin designed for seamless website accessibility.

40K No CVEs

AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness

accessibility-widget

Free accessibility widget to support WCAG, ADA & EAA. Includes text resize, high contrast, dyslexia-friendly font, spacing, and more tools.

10K 1 CVE

Web Accessibility by accessiBe

accessibe

Fix accessibility issues & make your site accessible with an AI-powered accessibility service.

10K 5 CVEs

Accessibly – WordPress Website Accessibility

otm-accessibly

Accessibly app is a WordPress accessibility plugin that will help your website become accessible to even more of your site visitors.

400 No CVEs

Accessibility Enabler

accessibility-enabler

100

This plugin increases compliance with WCAG 2.0, ADA , Section 508 without changing your website’s existing code.

300 No CVEs

Developer Profile

WebAbility Accessibility Widget Developer Profile

Webability

1 plugin · 60 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WebAbility Accessibility Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/webability-accessibility-widget/wa-admin.js

Script Paths

https://widget-v2.webability.io/widget.min.js

HTML / DOM Fingerprints

Data Attributes

data-asw-langdata-asw-positiondata-asw-debugdata-asw-analyzerdata-asw-offset

JS Globals

WEBABILITY_ACWG_VERIFY

FAQ