
DSGVO Google Web Fonts GDPR Security & Risk Analysis
wordpress.org/plugins/dsgvo-google-web-fonts-gdpr
The plugin scans your theme's functions.php file for any Google Font calls. If there are any calls to the Google font server, the plugin gets the font ur …
Is DSGVO Google Web Fonts GDPR Safe to Use in 2026?
Use With Caution
Score 55/100
DSGVO Google Web Fonts GDPR has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.
The "dsgvo-google-web-fonts-gdpr" plugin v1.1 exhibits several concerning security weaknesses. While it demonstrates good practices in its handling of SQL queries, the presence of two AJAX handlers without authentication checks significantly expands the attack surface and creates readily accessible entry points for malicious actors. The taint analysis revealing flows with unsanitized paths further exacerbates this issue, suggesting potential for unexpected behavior or exploitation if these paths are manipulated.
The plugin's vulnerability history is a major red flag, with a known critical CVE that remains unpatched. The previous critical vulnerability was related to unrestricted file uploads, which is a severe issue that could lead to code execution. The fact that a critical vulnerability is still present indicates a lack of ongoing security diligence and patching processes.
In conclusion, despite the plugin's positive use of prepared statements for SQL, the critical unpatched vulnerability, unprotected AJAX endpoints, and potential taint flow issues paint a picture of a high-risk plugin. The consistent pattern of critical vulnerabilities suggests a fundamental flaw in the plugin's development and maintenance, making it a significant security concern.
Key Concerns
- Unpatched critical CVE
- AJAX handlers without auth checks
- Flows with unsanitized paths
- Low output escaping coverage
- No capability checks
DSGVO Google Web Fonts GDPR Security Vulnerabilities
1 total CVE
DSGVO Google Web Fonts GDPR <= 1.1 - Unauthenticated Arbitrary File Upload via 'fonturl' Parameter
DSGVO Google Web Fonts GDPR Attack Surface
- AJAX Handlers: 2
- WordPress Hooks: 5
DSGVO Google Web Fonts GDPR Alternatives
- Disable and Remove Google Fonts | GDPR & DSGVO friendly (disable-remove-google-fonts): Improve frontend performance by disabling Google Fonts. GDPR and DSGVO friendly.
- Self-Hosted Google Fonts (selfhost-google-fonts): Automatically self-host all the Google Fonts on your site. Plug and play.
- Yabe Webfont – Use Custom Fonts, Google Fonts or Adobe Fonts (yabe-webfont): Easy self-host Google Fonts, Adobe Fonts support, or upload custom fonts in WordPress. Integrated into the most popular themes and page builders.
- GDPR Localizer – Smart Google Fonts Local Hosting & DSGVO Compliance (gdpr-localizer): Automatically localizes Google Fonts to comply with GDPR/DSGVO requirements by hosting them on your own server. Set it and forget it.
- GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice for CCPA, EU Cookie Law (gdpr-cookie-compliance): Cookie notice banner for GDPR, CCPA, EU cookie law, data protection and privacy regulations and other cookie law and consent notice requirements on yo …
DSGVO Google Web Fonts GDPR Developer Profile
8 plugins · 21K total installs
How We Detect DSGVO Google Web Fonts GDPR
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/dsgvo-google-web-fonts-gdpr/core/assets/css/admin-style.css
HTML / DOM Fingerprints
gfontsdnldsts
content_url()