=== Web200 Accessibility Audit === Contributors: web200 Requires at least: 6.4 Tested up to: 6.9 Requires PHP: 8.1 Stable tag: 1.1.2 License: GPLv2 or later License URI: https://www.gnu.org/licenses/gpl-2.0.html Accessibility auditing and remediation toolkit for WordPress with WCAG 2.2 focused workflows. == Description == Web200 Accessibility Audit helps teams detect, track, and remediate common accessibility issues directly in wp-admin. Main capabilities: - Single URL scan and WooCommerce key-page scan. - Configurable scan engine: server HTML or Rendered DOM (via integration hook) with safe fallback. - Crawl mode for multiple URLs. - WCAG issue list with severity, confidence, and practical remediation guidance. - Runtime remediation toggles with action history and rollback. - Source-fix workflows for post content with backup and rollback. - CI gate evaluation, release blockers summary, and exportable evidence. - Pre-publish gate for editor flow (warn or block mode, with optional strict policy for missing/stale scans and missing baseline). - Editor-side publish assistant panel with one-click gate check and suggested remediation navigation links. - Compliance checklist workflow for WCAG 2.2 / EN 301 549. - Full WCAG 2.2 A/AA criteria matrix with status filters, evidence trace, and one-click remediation guidance where possible. - CSV/JSON/HTML exports for scan and remediation reporting. - Admin diagnostics for environment, queue, scheduler, and integration status. This plugin is designed for real-world editorial and development teams that need fast triage, clear visibility, and deterministic remediation controls. == Installation == 1. Upload the plugin files to the `/wp-content/plugins/web200-accessibility-audit` directory, or install the plugin ZIP from the WordPress admin screen. 2. Activate the plugin through the `Plugins` screen in WordPress. 3. Open `Web200 Accessibility Audit` in wp-admin to configure scanning and remediation. == Frequently Asked Questions == = Does the plugin automatically fix every WCAG issue? = No. The plugin provides deterministic runtime and source-level remediations for selected issue groups, plus guidance for manual fixes. = Do all features work with every page builder? = Compatibility depends on builder output and custom markup. The plugin includes builder context, scorecards, and targeted presets to improve coverage. = Is WooCommerce supported? = Yes. The plugin includes WooCommerce page targeting and accessibility checks for key store views. == Screenshots == 1. Web200 Accessibility Audit dashboard in wp-admin with scan summary, diagnostics, and recent issues. 2. Runtime accessibility toolbar and quick remediation controls on the frontend. == Changelog == = 1.1.2 = * Security hardening: scan requests now explicitly enforce safe HTTP(S) scheme checks and reject credentialed URLs. * Security hardening: server-side HTML fetch now uses unsafe-URL rejection, explicit SSL verification, and response size limits. * Security hardening: scanner now rejects non-2xx HTTP responses and non-HTML content types before parsing. = 1.1.1 = * Reworked runtime/frontend CSS output to use WordPress enqueue hooks and inline style APIs instead of direct style tag output. * Reworked source-fix focus remediation to inject CSS classes and use enqueued stylesheet assets. * Added missing translators comments for placeholder-based i18n strings in pre-publish gate notices. * Hardened list-table helper output paths and documented safe escaped HTML output for PHPCS/WPCS. * Improved option lock-key prefix usage in action processing lock writes. * Reworked CSV export writer to avoid direct file-stream operations. = 1.1.0 = * Improved CI gate triage in post/page lists with clickable counters and clickable legend badges. * Added one-click "All" filter reset in CI gate counters. * Added per-user, per-post-type memory of the last selected CI gate filter. * Extended smoke tests for CI gate filters, links, legend actions, and user preference persistence. = 1.0.0 = * Initial stable release with scan, remediation, exports, diagnostics, and compliance workflow. == Upgrade Notice == = 1.1.2 = Security hardening update for scan input validation and safer remote HTML retrieval. = 1.1.1 = Review hardening release for WordPress.org checks (enqueue, i18n comments, escaping, option-prefix consistency, and export internals).