PatchSiren

equalizedigital CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM equalizedigital CVE published 2026-06-18

CVE-2026-9199

The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with author-level access and above, to dismiss, ignore, or restore [truncated]

MEDIUM equalizedigital CVE published 2026-05-28

CVE-2026-9015

The Equalize Digital Accessibility Checker plugin for WordPress contains an authorization bypass vulnerability affecting versions up to and including 1.42.0. The flaw allows authenticated attackers with subscriber-level access or higher to modify accessibility issue metadata—including ignore state, ignore reason, and ignore comments—without proper authorization verification. When the largeBatch=true param [truncated]