Does Awesome Capital Letter have any unpatched vulnerabilities?

No. All known vulnerabilities in Awesome Capital Letter have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Awesome Capital Letter compatible with WordPress 4.0.38?

According to WordPress.org data, Awesome Capital Letter 1.0 has been tested up to WordPress 4.0.38. Check the plugin's changelog for the latest compatibility information.

How often is Awesome Capital Letter updated?

Awesome Capital Letter was last updated on Jan 6, 2015. Frequent updates are generally a positive security signal.

What is Awesome Capital Letter's security score?

Awesome Capital Letter has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Awesome Capital Letter Security & Risk Analysis

wordpress.org/plugins/awesome-capital-letter

This is awesome capital letter plugins.

10 active installs v1.0 PHP + WP 3.0.1+ Updated Jan 6, 2015

capital-letterfont-styleletter-style

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Awesome Capital Letter Safe to Use in 2026?

Generally Safe

Score 85/100

Awesome Capital Letter has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago

Risk Assessment

The "awesome-capital-letter" v1.0 plugin exhibits a generally positive security posture regarding its attack surface and SQL handling. The complete absence of AJAX handlers, REST API routes, shortcodes, and cron events significantly limits potential entry points for attackers. Furthermore, the fact that all SQL queries, if any were present, utilize prepared statements is a strong indicator of good practice in preventing SQL injection vulnerabilities. The lack of known CVEs and historical vulnerabilities is also a very encouraging sign, suggesting a well-maintained and relatively secure codebase over time.

However, a significant concern arises from the static analysis revealing that 0% of the 24 identified output points are properly escaped. This is a critical weakness as it leaves the plugin highly susceptible to Cross-Site Scripting (XSS) attacks. Any data processed or displayed by the plugin, even if it originates from seemingly safe sources, could be maliciously crafted to execute arbitrary JavaScript in the user's browser. The absence of taint analysis results, while not necessarily indicating a problem, could also mean the analysis was not comprehensive or the plugin has very limited dynamic behavior.

In conclusion, while the plugin avoids common pitfalls like raw SQL queries and a large attack surface, the lack of output escaping represents a severe and actionable security risk. This deficiency needs immediate attention to prevent exploitation. The vulnerability history is a strength, but it does not negate the present and immediate danger posed by the unescaped output.

Key Concerns

0% of outputs properly escaped
No nonce checks
No capability checks

Vulnerabilities

None known

Awesome Capital Letter Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Awesome Capital Letter Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped24 total outputs

Attack Surface

Awesome Capital Letter Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 8

actioninitplugins-main.php:32

actionwp_enqueue_scriptsplugins-main.php:43

actionadmin_menuplugins-main.php:51

actionadmin_enqueue_scriptsplugins-main.php:62

actionadmin_initplugins-main.php:84

actionwp_headplugins-main.php:308

filterthe_contentplugins-main.php:309

filterplugin_action_linksplugins-main.php:313

Maintenance & Trust

Awesome Capital Letter Maintenance & Trust

Maintenance Signals

WordPress version tested4.0.38

Last updatedJan 6, 2015

PHP min version

Downloads2K

Community Trust

Rating74/100

Number of ratings3

Active installs10

Alternatives

Awesome Capital Letter Alternatives

Fonts Typo | Fonts Typography

fonts-typo

By using this plugin you can change your website font family style with the google fonts.

100 No CVEs

Developer Profile

Awesome Capital Letter Developer Profile

rkpolin

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Awesome Capital Letter

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/awesome-capital-letter/css/style.css/wp-content/plugins/awesome-capital-letter/js/capital-0.1.min.js/wp-content/plugins/awesome-capital-letter/js/capital_color_picker_javascript.js

Script Paths

/wp-content/plugins/awesome-capital-letter/js/capital-0.1.min.js/wp-content/plugins/awesome-capital-letter/js/capital_color_picker_javascript.js

HTML / DOM Fingerprints

HTML Comments

Copyright YEAR Md. Rejaul Karim Polin (email : rkpolin@gmail.com)This program is free software; you can redistribute it and/or modifyit under the terms of the GNU General Public License, version 2, aspublished by the Free Software Foundation.+14 more

Data Attributes

id="capitalletter_color"class="my-color-field"id=""name="capitalletter_options[capitalletter_font_family]"id="arial, cursive"id="Kaushan Script, cursive"+11 more

FAQ