WP-Safety

WebAbility Accessibility Widget Security & Risk Analysis

wordpress.org/plugins/webability-accessibility-widget

Easy-to-use accessibility widget that makes your website compliant with WCAG and ADA standards. Simple setup with customizable positioning.

80 active installs v2.3.1 PHP 7.4+ WP 5.8+ Updated Apr 12, 2026
accessibilityaccessibility-widgetadawcagweb-accessibility
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is WebAbility Accessibility Widget Safe to Use in 2026?

Generally Safe

Score 100/100

WebAbility Accessibility Widget has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The webability-accessibility-widget plugin version 2.0.0 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries, implementing nonce checks for its entry points, and performing capability checks. The absence of dangerous functions, file operations, and known CVEs in its history are also strong indicators of a relatively secure development process and a clean past. However, a significant concern arises from the presence of an unprotected AJAX handler, which represents a direct entry point into the application without proper authentication or authorization checks. While taint analysis did not reveal any vulnerabilities, the lack of sanitization and validation on this unprotected AJAX handler could potentially be exploited if malicious data is passed to it. The plugin's limited attack surface, with only one entry point and no shortcodes, cron events, or REST API routes, mitigates some of the risk associated with the unprotected handler. Overall, while the plugin has solid security foundations, the single unprotected AJAX handler presents a critical vulnerability that needs immediate attention.

Key Concerns

  • Unprotected AJAX handler
  • Inconsistent output escaping
Vulnerabilities
None known

WebAbility Accessibility Widget Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

WebAbility Accessibility Widget Release Timeline

v2.3.1Current
v2.3.0
v2.1.0
v2.0.0
v1.0.0
Code Analysis
Analyzed Mar 16, 2026

WebAbility Accessibility Widget Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
8
13 escaped
Nonce Checks
1
Capability Checks
2
File Operations
0
External Requests
1
Bundled Libraries
0

Output Escaping

62% escaped21 total outputs
Attack Surface
1 unprotected

WebAbility Accessibility Widget Attack Surface

Entry Points1
Unprotected1

AJAX Handlers 1

authwp_ajax_webability_acwg_verifyincludes\verify.php:4
WordPress Hooks 5
actionadmin_menuincludes\admin-page.php:4
actionadmin_enqueue_scriptsincludes\admin-page.php:16
actionwp_enqueue_scriptsincludes\frontend.php:4
filterscript_loader_tagincludes\frontend.php:30
actionadmin_initincludes\settings.php:18
Maintenance & Trust

WebAbility Accessibility Widget Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedApr 12, 2026
PHP min version7.4
Downloads736

Community Trust

Rating0/100
Number of ratings0
Active installs80
Alternatives

WebAbility Accessibility Widget Alternatives

Accessibility Widget by OneTap – Easy One-Click Accessibility Toolbar

Accessibility Widget by OneTap – Easy One-Click Accessibility Toolbar

accessibility-onetap

A
100

OneTap is a multilingual WordPress plugin designed for seamless website accessibility.

40K No CVEs
AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness

AccessYes Accessibility Widget for ADA, EAA & WCAG Readiness

accessibility-widget

A
100

Free WordPress accessibility widget to improve accessibility for your website visitors. Supports efforts towards meeting WCAG, ADA & EAA requirements.

10K 1 CVE
MH-Accessibility

MH-Accessibility

mh-accessibility

A
100

Professional WordPress accessibility widget with 40+ features: WCAG tools, visual adjustments, reading aids, dyslexia mode, compliance support.

0 No CVEs
Web Accessibility by accessiBe

Web Accessibility by accessiBe

accessibe

A
95

Fix accessibility issues & make your site accessible with an AI-powered accessibility service.

10K 5 CVEs
Accessibly – WordPress Website Accessibility

Accessibly – WordPress Website Accessibility

otm-accessibly

C
67

Accessibly app is a WordPress accessibility plugin that will help your website become accessible to even more of your site visitors.

400 1 unpatched
Developer Profile

WebAbility Accessibility Widget Developer Profile

Sidharth Nayyar

1 plugin · 80 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect WebAbility Accessibility Widget

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/webability-accessibility-widget/wa-admin.js
Script Paths
https://widget-v2.webability.io/widget.min.js

HTML / DOM Fingerprints

Data Attributes
data-asw-langdata-asw-positiondata-asw-debugdata-asw-analyzerdata-asw-offset
JS Globals
WEBABILITY_ACWG_VERIFY
FAQ

Frequently Asked Questions about WebAbility Accessibility Widget