=== Web200 Accessibility Audit ===
Contributors: web200
Requires at least: 6.4
Tested up to: 6.9
Requires PHP: 8.1
Stable tag: 1.1.2
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Accessibility auditing and remediation toolkit for WordPress with WCAG 2.2 focused workflows.

== Description ==

Web200 Accessibility Audit helps teams detect, track, and remediate common accessibility issues directly in wp-admin.

Main capabilities:

- Single URL scan and WooCommerce key-page scan.
- Configurable scan engine: server HTML or Rendered DOM (via integration hook) with safe fallback.
- Crawl mode for multiple URLs.
- WCAG issue list with severity, confidence, and practical remediation guidance.
- Runtime remediation toggles with action history and rollback.
- Source-fix workflows for post content with backup and rollback.
- CI gate evaluation, release blockers summary, and exportable evidence.
- Pre-publish gate for editor flow (warn or block mode, with optional strict policy for missing/stale scans and missing baseline).
- Editor-side publish assistant panel with one-click gate check and suggested remediation navigation links.
- Compliance checklist workflow for WCAG 2.2 / EN 301 549.
- Full WCAG 2.2 A/AA criteria matrix with status filters, evidence trace, and one-click remediation guidance where possible.
- CSV/JSON/HTML exports for scan and remediation reporting.
- Admin diagnostics for environment, queue, scheduler, and integration status.

This plugin is designed for real-world editorial and development teams that need fast triage, clear visibility, and deterministic remediation controls.

== Installation ==

1. Upload the plugin files to the `/wp-content/plugins/web200-accessibility-audit` directory, or install the plugin ZIP from the WordPress admin screen.
2. Activate the plugin through the `Plugins` screen in WordPress.
3. Open `Web200 Accessibility Audit` in wp-admin to configure scanning and remediation.

== Frequently Asked Questions ==

= Does the plugin automatically fix every WCAG issue? =

No. The plugin provides deterministic runtime and source-level remediations for selected issue groups, plus guidance for manual fixes.

= Do all features work with every page builder? =

Compatibility depends on builder output and custom markup. The plugin includes builder context, scorecards, and targeted presets to improve coverage.

= Is WooCommerce supported? =

Yes. The plugin includes WooCommerce page targeting and accessibility checks for key store views.

== Screenshots ==

1. Web200 Accessibility Audit dashboard in wp-admin with scan summary, diagnostics, and recent issues.
2. Runtime accessibility toolbar and quick remediation controls on the frontend.

== Changelog ==

= 1.1.2 =
* Security hardening: scan requests now explicitly enforce safe HTTP(S) scheme checks and reject credentialed URLs.
* Security hardening: server-side HTML fetch now uses unsafe-URL rejection, explicit SSL verification, and response size limits.
* Security hardening: scanner now rejects non-2xx HTTP responses and non-HTML content types before parsing.

= 1.1.1 =
* Reworked runtime/frontend CSS output to use WordPress enqueue hooks and inline style APIs instead of direct style tag output.
* Reworked source-fix focus remediation to inject CSS classes and use enqueued stylesheet assets.
* Added missing translators comments for placeholder-based i18n strings in pre-publish gate notices.
* Hardened list-table helper output paths and documented safe escaped HTML output for PHPCS/WPCS.
* Improved option lock-key prefix usage in action processing lock writes.
* Reworked CSV export writer to avoid direct file-stream operations.

= 1.1.0 =
* Improved CI gate triage in post/page lists with clickable counters and clickable legend badges.
* Added one-click "All" filter reset in CI gate counters.
* Added per-user, per-post-type memory of the last selected CI gate filter.
* Extended smoke tests for CI gate filters, links, legend actions, and user preference persistence.

= 1.0.0 =
* Initial stable release with scan, remediation, exports, diagnostics, and compliance workflow.

== Upgrade Notice ==

= 1.1.2 =
Security hardening update for scan input validation and safer remote HTML retrieval.

= 1.1.1 =
Review hardening release for WordPress.org checks (enqueue, i18n comments, escaping, option-prefix consistency, and export internals).
