Does LocalFonts have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is LocalFonts compatible with WordPress 6.9.4?

According to WordPress.org data, LocalFonts 2.0.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is LocalFonts compatible with PHP 7.4+?

LocalFonts requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is LocalFonts updated?

LocalFonts was last updated on Apr 15, 2026. Frequent updates are generally a positive security signal.

What is LocalFonts's security score?

LocalFonts has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

LocalFonts Security & Risk Analysis

wordpress.org/plugins/browsefyi-local-font-loader-for-google-fonts

Self-host Google Fonts for faster load times, GDPR/DSGVO compliance, and visitor privacy. Zero configuration required.

0 active installs v2.0.1 PHP 7.4+ WP 5.0+ Updated Apr 15, 2026

gdprgoogle-fontslocal-fontsperformanceself-host

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is LocalFonts Safe to Use in 2026?

Generally Safe

Score 100/100

LocalFonts has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 29d ago

Risk Assessment

The plugin 'browsefyi-local-font-loader-for-google-fonts' version 2.0.1 exhibits a generally strong security posture. The static analysis reveals no dangerous functions, all SQL queries use prepared statements, and all output is properly escaped. There are also no recorded vulnerabilities in its history, suggesting a consistent focus on security. The presence of nonces and capability checks on key operations further reinforces this positive assessment.

Key Concerns

External HTTP requests present
Cron events present

Vulnerabilities

None known

LocalFonts Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

LocalFonts Release Timeline

v2.0.1Current

v2.0

Code Analysis

Analyzed Apr 16, 2026

LocalFonts Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

25 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped25 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

2 flows

lgfl_render_settings_page (localfonts.php:550)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

LocalFonts Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 9

actionplugins_loadedlocalfonts.php:39

actionadmin_initlocalfonts.php:43

actionadmin_menulocalfonts.php:44

actionadmin_post_lgfl_download_fontslocalfonts.php:45

actionadmin_post_lgfl_clear_logslocalfonts.php:46

actionlgfl_async_download_fontlocalfonts.php:50

filterstyle_loader_srclocalfonts.php:55

filterwp_resource_hintslocalfonts.php:56

actiontemplate_redirectlocalfonts.php:60

Scheduled Events 1

lgfl_async_download_font

Maintenance & Trust

LocalFonts Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 15, 2026

PHP min version7.4

Downloads72

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

LocalFonts Alternatives

Local Fonts Uploader – Upload & Host Any Font Locally for GDPR

local-fonts-uploader

100

Easily upload and host fonts locally. Avoid external requests to enhance security, privacy, speed, and GDPR compliance.

3K No CVEs

GDPR Localizer – Smart Google Fonts Local Hosting & DSGVO Compliance

gdpr-localizer

100

Automatically localizes Google Fonts to comply with GDPR/DSGVO requirements by hosting them on your own server. Set it and forget it.

0 No CVEs

TypeFlow Font Loader for Google Fonts

typeflow-font-loader-google-fonts

100

Beautiful Google Fonts for WordPress with self-hosted GDPR-compliant mode — no coding required.

0 No CVEs

Custom Fonts – Host Your Fonts Locally

custom-fonts

Custom Fonts is a powerful WordPress plugin that allows you to upload your own custom fonts or choose from a vast collection of Google Fonts, all host …

400K 2 CVEs

Disable and Remove Google Fonts | GDPR & DSGVO friendly

disable-remove-google-fonts

100

Improve frontend performance by disabling Google Fonts. GDPR and DSGVO friendly.

100K No CVEs

Developer Profile

LocalFonts Developer Profile

Browse.FYI

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect LocalFonts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/browsefyi-local-font-loader-for-google-fonts/lgfl-main.css/wp-content/plugins/browsefyi-local-font-loader-for-google-fonts/lgfl-admin.css/wp-content/plugins/browsefyi-local-font-loader-for-google-fonts/lgfl-admin.js

Script Paths

/wp-content/plugins/browsefyi-local-font-loader-for-google-fonts/lgfl-admin.js

Version Parameters

browsefyi-local-font-loader-for-google-fonts/lgfl-main.css?ver=browsefyi-local-font-loader-for-google-fonts/lgfl-admin.css?ver=browsefyi-local-font-loader-for-google-fonts/lgfl-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

lgfl-settings-wraplgfl-font-manager-wraplgfl-font-table-rowlgfl-font-namelgfl-font-statuslgfl-font-actionlgfl-settings-buttonlgfl-button+4 more

HTML Comments

+1 more

Data Attributes

data-lgfl-font-namedata-lgfl-font-statusdata-lgfl-font-action

JS Globals

lgfl_localize_dataLGFL_SettingsLGFL_FontManagerLGFL_FontTable

FAQ