Vulnerabilities and security researches foraccessibility-checker accessibility-checker
Direction: ascendingJun 07, 2024
Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors # 00953e40d1a23c96a72bb008c75ee1e862e1c06b
- CVE, Research URL
- Date
- Feb 28, 2022
- Research Description
- Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors [accessibility-checker] < 1.2.8 WordPress Accessibility Checker by Equalize Digital plugin < 1.2.8 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Accessibility Checker by Equalize Digital plugin (versions < 1.2.8).
- Affected versions
-
max 1.2.8.
- Status
-
vulnerable
Nov 16, 2024
Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors # CVE-2022-4974
- CVE, Research URL
- Date
- Oct 16, 2024
- Research Description
- The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
- Affected versions
-
max 1.2.8.
- Status
-
vulnerable
Aug 24, 2025
Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors # CVE-2025-57886
- CVE, Research URL
- Date
- Aug 22, 2025
- Research Description
- Authorization Bypass Through User-Controlled Key vulnerability in Equalize Digital Accessibility Checker by Equalize Digital allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Accessibility Checker by Equalize Digital: from n/a through 1.30.0.
- Affected versions
-
max 1.30.1.
- Status
-
vulnerable
Sep 10, 2025
Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors # CVE-2025-58976
- CVE, Research URL
- Date
- Sep 09, 2025
- Research Description
- Missing Authorization vulnerability in Equalize Digital Accessibility Checker by Equalize Digital allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Accessibility Checker by Equalize Digital: from n/a through 1.31.0.
- Affected versions
-
max 1.31.1.
- Status
-
vulnerable
Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors # CVE-2025-58981
- CVE, Research URL
- Date
- Sep 09, 2025
- Research Description
- Missing Authorization vulnerability in Equalize Digital Accessibility Checker by Equalize Digital allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Accessibility Checker by Equalize Digital: from n/a through 1.31.0.
- Affected versions
-
max 1.31.1.
- Status
-
vulnerable
May 30, 2026
Equalize Digital Accessibility Checker – Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors # CVE-2026-9015
- CVE, Research URL
- Date
- May 28, 2026
- Research Description
- The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the ignore state, ignore reason, and ignore comment of arbitrary accessibility issues across the entire site — including mass modification of all rows sharing an 'object' identifier when largeBatch=true is supplied — corrupting accessibility audit integrity by hiding or dismissing findings outside their authorization scope.
- Affected versions
-
max 1.42.1.
- Status
-
vulnerable