Title: Aura Frontend Inspector Author: Pedro Matias (FroPT) Published: June 16, 2026 Last modified: June 16, 2026 --- Search plugins ![](https://ps.w.org/aura-frontend-inspector/assets/banner-772x250.png?rev=3574373) ![](https://ps.w.org/aura-frontend-inspector/assets/icon-256x256.png?rev=3574373) # Aura Frontend Inspector By [Pedro Matias (FroPT)](https://profiles.wordpress.org/fropt/) [Download](https://downloads.wordpress.org/plugin/aura-frontend-inspector.zip) * [Details](https://wordpress.org/plugins/aura-frontend-inspector/#description) * [Reviews](https://wordpress.org/plugins/aura-frontend-inspector/#reviews) * [Installation](https://wordpress.org/plugins/aura-frontend-inspector/#installation) * [Development](https://wordpress.org/plugins/aura-frontend-inspector/#developers) [Support](https://wordpress.org/support/plugin/aura-frontend-inspector/) ## Description **Aura Frontend Inspector** is a professional-grade debugging tool designed for WordPress developers and agencies who need to ensure their sites are compliant, accessible, and error-free. Unlike traditional auditors, Aura is built for the AI era. It features the **ARF 1.0 (Aura Report Format)**, a structured data standard that allows you to copy detected issues directly into AI tools like ChatGPT or Claude to receive instant, context- aware code fixes. ### Built for AI-Assisted Debugging Every issue detected by Aura includes a **“Copy AI Prompt”** button. This assembles a high-signal prompt containing the exact HTML snippet, site environment, and error metadata in the ARF 1.0 format. Simply paste it into your favorite LLM for a precise solution tailored to your WordPress site. ### Professional Accessibility (A11y) Auditing Ensure your site meets WCAG 2.1 standards with real-time detection of: * **Duplicate IDs**: Finds elements sharing IDs that break screen readers and ARIA landmarks. *** Missing Labels**: Identifies form inputs without accessible names. * **ARIA Integrity**: Detects broken `aria-labelledby`, `aria-describedby`, and hidden focusable elements.*** Semantic Structure**: Validates heading levels (H1-H6), main landmarks, and page titles. * **Interactive Elements**: Flags non-interactive elements with click handlers and buttons without types. ### Developer-First Features * **Persistent Logging**: Issues are stored in a dedicated database table with rate-limiting and deduplication. * **HTML Snapshots**: Capture the full rendered DOM of any page for offline audit or historical reference. * **Environment Aware**: Configure Aura to run only in `Development` or `Staging` modes to protect production performance. * **Auto-Fix Engine**: Optionally allow Aura to automatically resolve common issues like duplicate IDs on the fly. * **Export Options**: Download professional CSV logs or ARF 1.0 JSON reports for your client audits. ### Part of the Aura Plugin Series Aura Frontend Inspector is part of the **Aura Plugin Series**, a suite of AI-native tools including **Aura Static Security Analyzer** and **Aura Login**. Together, they provide a unified “Security & Compliance” ecosystem for WordPress professionals. ## Installation 1. Upload the `aura-frontend-inspector` folder to the `/wp-content/plugins/` directory, or install directly through the WordPress plugins screen. 2. Activate the plugin through the ‘Plugins’ screen in WordPress. 3. Navigate to the **Aura FI** menu in your admin sidebar. 4. Enable the debugger and visit any page on your frontend to start detecting issues. ## FAQ ### Does this plugin affect my site’s speed? Aura is highly optimized. The detection engine runs in the client’s browser, and the logging system uses a dedicated database table with rate-limiting to ensure zero impact on your server’s core performance. ### What is ARF 1.0? ARF (Aura Report Format) is a standardized JSON schema created by the Aura team. It is designed to be “AI-Readable,” allowing developers to pass complex technical issues to LLMs without manual formatting. ### Can I use this for ADA/WCAG compliance? Yes. Aura is an excellent tool for identifying Level A and AA violations. Use the ARF export to generate audit reports for your clients or legal compliance teams. ### Does it work with Page Builders? Absolutely. Aura inspects the _rendered_ HTML, meaning it works perfectly with Elementor, Divi, Beaver Builder, and the Block Editor (Gutenberg). ## Reviews There are no reviews for this plugin. ## Contributors & Developers “Aura Frontend Inspector” is open source software. The following people have contributed to this plugin. Contributors * [ Pedro Matias (FroPT) ](https://profiles.wordpress.org/fropt/) [Translate “Aura Frontend Inspector” into your language.](https://translate.wordpress.org/projects/wp-plugins/aura-frontend-inspector) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/aura-frontend-inspector/), check out the [SVN repository](https://plugins.svn.wordpress.org/aura-frontend-inspector/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/aura-frontend-inspector/) by [RSS](https://plugins.trac.wordpress.org/log/aura-frontend-inspector/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 2.5.9 * FIX: Logs table timestamps were off by exactly the site’s UTC offset (e.g. “- 3600 seconds ago” on a UTC+1 site) — aura_fi_format_timestamp() was double-applying the timezone offset on an already-local timestamp. #### 2.5.8 * FIX: “Scan Now” did nothing when the passive-monitoring toggle/environment heuristic considered debugging inactive — the scan engine module is now always loaded, and an explicit admin-triggered scan always runs regardless of that heuristic. * FIX: Default landing page changed from Logs to Settings, so the enable toggle is visible immediately instead of being buried in a second tab. * NEW: A “Scan Now” that finds zero issues now logs a “Scan Complete — No issues found” entry instead of silently doing nothing, so a clean scan is no longer indistinguishable from a broken one. #### 2.5.7 * FIX: Scanner no longer reports false positives for elements inside the WP admin bar (#wpadminbar) or Query Monitor panels (#qm, [id^=”qm-“]). * COMPLIANCE: Replaced json_encode() with wp_json_encode() for inline script output. * COMPLIANCE: ABSPATH guard in RuleRegistry moved before use statements to satisfy Plugin Check. * COMPLIANCE: $_GET[‘nonce’] and $_POST[‘nonce’] in get_logs() now individually unslashed; correct NonceVerification phpcs:ignore codes added. * COMPLIANCE: $_GET[‘limit’] in export_logs_json() now unslashed before intval(). * COMPLIANCE: Migration INSERT IGNORE query phpcs:ignore extended to cover DirectQuery and NoCaching sniffs. * CHANGE: Tested up to WordPress 7.0. * UI: False Positive column header widened to prevent text wrapping in Logs table. * UI: “View Code” column renamed to “Line” and now displays the detected source line number. #### 2.5.6 * COMPLIANCE: register_setting() updated to array form with explicit type and sanitize_callback. * COMPLIANCE: exclude_wp_core_elements option now correctly sanitized in sanitizeOptions()— was silently dropped on save. * COMPLIANCE: HTML capture feature removed from free build; unsanitized full-page HTML cannot be adequately sanitized with WordPress built-ins without breaking the feature. * SECURITY: json_last_error() validation added after JSON decode in LogHandler and ValidationHandler. #### 2.5.5 * COMPLIANCE: wp_die() calls in LogHandler now wrapped with esc_html__() for proper escaping and i18n compatibility. #### 2.5.4 * CHANGE: AJAX handler modularised — Handler.php split into AbstractHandler, CaptureHandler, ValidationHandler, and LogHandler. * UI: Removed non-functional light/dark theme toggle from Captures page; stripped all emoji characters from Captures admin page. * BUILD: openspec/ directory excluded from distribution zip. #### 2.5.3 * FIX: validate_html() fatal HTTP 500 — Aura_FI_HTML_Validator class reference prefixed with \ to resolve from global namespace. #### 2.5.2 * SECURITY: Rate-limit directory now uses wp_upload_dir() for compatibility with custom upload paths. * SECURITY: HTML captures directory protected with deny-from-all .htaccess on creation. * SECURITY: capture_html() rejects payloads exceeding 5 MB. * FIX: JSON validation_options boolean flags and max_issues explicitly cast after array_merge(). #### 2.5.1 * COMPLIANCE: Removed remaining inline blocks from Captures and LogsTable pages; JS now served via properly enqueued files. * COMPLIANCE: Added sanitize_text_field(wp_unslash()) before wp_verify_nonce() for all three nonce checks in Captures page (delete_file, delete_all, force_update_config). * COMPLIANCE: Assets class extended to register and enqueue split admin JS files( admin-dashboard, admin-settings, admin-logs-table, admin-captures). #### 2.5.0 * UI: Separated Settings & Logs into two distinct pages. * UI: New tab order — Logs, HTML Captures, Settings, About. * UI: Dashboard statistics cards and log table now live exclusively in the Logs tab. * UI: Settings tab contains only plugin configuration options. * UI: Added (i) info icon to every setting with contextual tooltips; Debug Mode tooltip explains when to choose each environment. * UI: Debug Mode header now shows the active mode name (Development / Staging / Production) instead of the word “SELECT”. * UI: Debug Mode label updates live when the user changes the select, before saving. * UI: Maximum Log Entries and Maximum HTML Captures now show the current value in the header; value updates live as you type. * UI: URLs to Exclude shows an “Edit ›” hint in the header that highlights on hover. * CHANGE: Detect Duplicate IDs and Detect Missing Labels are now always enabled and no longer appear as user-configurable toggles. * SECURITY: Added capability check (aura_fi_current_user_can_access) to log_issue, capture_html, and validate_html AJAX handlers; previously these relied solely on nonce verification. #### 2.4.8 * SECURITY: Added sanitize_text_field() before wp_verify_nonce() in Captures.php( 3 remaining call sites). * SECURITY: json_decode() on $_POST[‘issues’] now uses explicit unslash-then-decode pattern with is_array() guard. * COMPLIANCE: Contributors field in readme.txt corrected to match WordPress.org account username. #### 2.4.7 * SECURITY: All nonce verifications now use sanitize_text_field() before wp_verify_nonce()( 7 call sites). * SECURITY: json_decode() result on validation_options now validated as array before use. * COMPLIANCE: Removed all inline blocks from admin pages; JS extracted to separate enqueued files. * COMPLIANCE: Chart.js bundled locally (assets/vendor/chartjs/); CDN dependency removed. * COMPLIANCE: Rate-limit transient keys prefixed with aurafrin_ instead of generic ajax_. * COMPLIANCE: Debug-active admin notice now scoped to plugin pages only. * COMPLIANCE: Removed Plugin URI pointing to a 404 page. #### 2.4.0 * NEW: Full support for ARF 1.0 (Aura Report Format). * NEW: “Copy AI Prompt” button for instant AI-assisted fixes. * IMPROVED: Enhanced heuristics for mapping DOM elements to source line numbers. * FIX: Performance optimizations for sites with large DOM trees. #### 2.1.0 * PSR-4 Migration: Core architecture refactored for better performance and extensibility. * New modular rule engine: Easily toggle specific detection rules. * Added support for ARIA attribute validation and interactive element checks. #### 2.0.0 * Major Rebrand: Plugin renamed to Aura Frontend Inspector. * New top-level admin menu and unified UI. * Added persistence layer: Issues are now stored in a custom DB table. #### 1.0.0 * Initial release with basic HTML and duplicate ID detection. ## Meta * Version **2.5.9** * Last updated **4 hours ago** * Active installations **Fewer than 10** * WordPress version ** 6.2 or higher ** * Tested up to **7.0** * PHP version ** 7.4 or higher ** * Tags * [a11y](https://wordpress.org/plugins/tags/a11y/)[accessibility](https://wordpress.org/plugins/tags/accessibility/) [audit](https://wordpress.org/plugins/tags/audit/)[html](https://wordpress.org/plugins/tags/html/) [inspector](https://wordpress.org/plugins/tags/inspector/) * [Advanced View](https://wordpress.org/plugins/aura-frontend-inspector/advanced/) ## Ratings No reviews have been submitted yet. [Your review](https://wordpress.org/support/plugin/aura-frontend-inspector/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/aura-frontend-inspector/reviews/) ## Contributors * [ Pedro Matias (FroPT) ](https://profiles.wordpress.org/fropt/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/aura-frontend-inspector/)