Does Advanced Typekit have any unpatched vulnerabilities?

Yes — Advanced Typekit currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is Advanced Typekit compatible with WordPress 3.1.4?

According to WordPress.org data, Advanced Typekit 1.0.1 has been tested up to WordPress 3.1.4. Check the plugin's changelog for the latest compatibility information.

How often is Advanced Typekit updated?

Advanced Typekit was last updated on Aug 10, 2010. Frequent updates are generally a positive security signal.

What is Advanced Typekit's security score?

Advanced Typekit has a WP-Safety security score of 64/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Advanced Typekit Security & Risk Analysis

wordpress.org/plugins/advanced-typekit

Allows you to add Typekit fonts to your site, by targetting them to specific elements using css selectors from the admin panel.

60 active installs v1.0.1 PHP + WP 2.9+ Updated Aug 10, 2010

fontstypekittypographywebfonts

C · Use Caution

CVEs total1

Unpatched1

Last CVEApr 2, 2025

Plugin page Download

Safety Verdict

Is Advanced Typekit Safe to Use in 2026?

Use With Caution

Score 64/100

Advanced Typekit has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE 1 unpatched Last CVE: Apr 2, 2025Updated 15yr ago

Risk Assessment

The 'advanced-typekit' plugin version 1.0.1 exhibits a concerning security posture due to several critical findings. While it doesn't appear to use dangerous functions or engage in raw SQL queries, a significant risk stems from its unprotected AJAX handler. This entry point lacks any authentication or capability checks, making it a prime target for unauthorized actions. Furthermore, the complete absence of output escaping across all identified outputs is a major weakness, strongly suggesting a high susceptibility to Cross-Site Scripting (XSS) vulnerabilities. The plugin's vulnerability history, specifically a known medium-severity XSS vulnerability that remains unpatched, amplifies these concerns. This pattern indicates a lack of proactive security maintenance. Despite the positive note on SQL practices, the combination of an unprotected attack surface, widespread output escaping failures, and an existing unpatched vulnerability paints a picture of a plugin that requires immediate attention and remediation.

Key Concerns

Unprotected AJAX handler
No output escaping
Unpatched CVE
No capability checks
No nonce checks

Vulnerabilities

Advanced Typekit Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-31622medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advanced Typekit <= 1.0.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting

Apr 2, 2025Unpatched

Code Analysis

Analyzed Mar 16, 2026

Advanced Typekit Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped8 total outputs

Attack Surface

1 unprotected

Advanced Typekit Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_advanced-typekitadvanced-typekit.php:23

WordPress Hooks 4

actionadmin_initadvanced-typekit.php:21

actionadmin_menuadvanced-typekit.php:22

actionwp_print_scriptsadvanced-typekit.php:29

actionwp_print_stylesadvanced-typekit.php:30

Maintenance & Trust

Advanced Typekit Maintenance & Trust

Maintenance Signals

WordPress version tested3.1.4

Last updatedAug 10, 2010

PHP min version

Downloads9K

Community Trust

Rating0/100

Number of ratings0

Active installs60

Alternatives

Advanced Typekit Alternatives

Easy Google Fonts

easy-google-fonts

Adds google fonts to any theme without coding and integrates with the WordPress Customizer automatically for a realtime live preview.

100K No CVEs

Dehkadeh Fonts

dehkadeh-fonts

This plugin help you to set persian fonts and size for different parts of the theme via wordpress customizer as easily. Also you can set the custom fo …

1K No CVEs

Google Webfonts For Woo Framework

google-fonts-for-woo-framework

Give the WooThemes framework access to the full range of current Google Webfonts.

300 No CVEs

No Google Fonts

no-google-fonts

Prevent Google fonts from loading on the frontend of the website.

10 No CVEs

Fonts Plugin | Use Google Fonts, Adobe Fonts or Upload Fonts

olympus-google-fonts

The easiest to customize fonts in WordPress. Optimized for Speed. 1000+ font choices. Supports Google Fonts, Adobe Fonts and Upload Fonts.

200K 3 CVEs

Developer Profile

Advanced Typekit Developer Profile

Utkarsh Kukreti

7 plugins · 130 total installs

trust score

Avg Security Score

86/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Advanced Typekit

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Script Paths

advanced-typekit/advanced-typekit.php

Version Parameters

advanced-typekit/advanced-typekit.php?ver=

HTML / DOM Fingerprints

CSS Classes

advanced-typekit-options

HTML Comments

<!-- <th class="check-column" scope="row" style="padding:15px 10px;"><input type="checkbox" value="advanced-typekit/advanced-typekit.php" name="checked[]"></th> -->

Data Attributes

advanced_typekit[api_key]advanced_typekit[enabled]advanced_typekit[data][][selectors]advanced_typekit[data][][extra_css]

JS Globals

WebFontConfig

REST Endpoints

/wp-json/advanced-typekit

FAQ