WP-Safety

Easy Symbols & Icons Security & Risk Analysis

wordpress.org/plugins/easy-symbols-icons

A simple WordPress plugin to manage and use icon fonts via a block editor with easy font uploads and selection.

0 active installs v1.0.0 PHP 8.2+ WP 6.2+ Updated Unknown
block-editoreasy-symbol-iconfont-managementicon-fontsicons
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Easy Symbols & Icons Safe to Use in 2026?

Generally Safe

Score 100/100

Easy Symbols & Icons has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "easy-symbols-icons" v1.0.0 plugin exhibits a concerning security posture due to a significant number of unprotected entry points into its codebase. While the plugin avoids the use of dangerous functions and largely employs prepared statements for SQL queries, the lack of authentication and capability checks on several AJAX handlers and REST API routes presents a substantial attack surface. This means that unauthorized users could potentially interact with or manipulate these endpoints, leading to unintended consequences. The plugin's static analysis also indicates a generally good practice in output escaping, and importantly, there is no historical vulnerability data, suggesting a proactive approach to security or perhaps limited exposure. However, the presence of unprotected entry points, even without critical taint flows or known CVEs, represents a clear and present risk that needs to be addressed to improve the overall security of sites using this plugin. The plugin's strengths lie in its internal code hygiene regarding SQL and output, but these are overshadowed by the external exposure due to the lack of proper authorization mechanisms.

Key Concerns

  • Unprotected AJAX handler
  • Unprotected REST API route
  • Unprotected REST API route
  • No capability checks found
Vulnerabilities
None known

Easy Symbols & Icons Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Easy Symbols & Icons Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
6 prepared
Unescaped Output
13
58 escaped
Nonce Checks
5
Capability Checks
0
File Operations
6
External Requests
2
Bundled Libraries
0

SQL Query Safety

86% prepared7 total queries

Output Escaping

82% escaped71 total outputs
Data Flows
All sanitized

Data Flow Analysis

4 flows
__construct (src\menuPages\SettingsPage.php:12)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

Easy Symbols & Icons Attack Surface

Entry Points4
Unprotected3

AJAX Handlers 1

authwp_ajax_eics_save_dynamic_subsettingsrc\menuPages\SettingsPage.php:57

REST API Routes 2

GET/wp-json/easysymbolsicons/v1/loaded-fontssrc\restEndpoints\RestHandler.php:19
GET/wp-json/easysymbolsicons/v1/used-iconssrc\restEndpoints\RestHandler.php:25

Shortcodes 1

[eics-icon] src\blocks\Blocks.php:26
WordPress Hooks 10
actionrest_api_initeasy-symbols-icons.php:69
actionsave_posteasy-symbols-icons.php:72
actionbefore_delete_posteasy-symbols-icons.php:74
actioninitsrc\blocks\Blocks.php:22
actioninitsrc\blocks\eics-icon\eics-icon.php:21
actionwp_enqueue_scriptssrc\iconHandler\IconHandler.php:816
actionadmin_initsrc\iconHandler\IconHandler.php:830
actionadmin_enqueue_scriptssrc\iconHandler\IconHandler.php:834
actionadmin_menusrc\menuPages\SettingsPage.php:14
actionadmin_enqueue_scriptssrc\menuPages\SettingsPage.php:26
Maintenance & Trust

Easy Symbols & Icons Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedUnknown
PHP min version8.2
Downloads111

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

Easy Symbols & Icons Alternatives

Skyboot Custom Icons for Elementor

Skyboot Custom Icons for Elementor

skyboot-custom-icons-for-elementor

A
100

Skyboot Custom Icons for Elementor expands your Elementor icon library with 14,300+ icons from 15 packs, fully customizable in Elementor's editor.

200K No CVEs
Custom Icons for Elementor

Custom Icons for Elementor

custom-icons-for-elementor

A
90

Add custom icon fonts to the built in Elementor icon controls

10K 1 CVE
Icons Font Loader – Load Web Fonts and Icon Libraries

Icons Font Loader – Load Web Fonts and Icon Libraries

icons-font-loader

A
98

Load essential Flaticon webfonts into your WordPress site. Use icons anywhere on your site with simple integration, ensuring fast performance.

2K 3 CVEs
Dicode Icons Pack

Dicode Icons Pack

dicode-icons-pack

A
100

Dicode Icons Pack by Designinvento provides ability to add custom font icons to your website from all time top icon libraries.

700 No CVEs
Wp Fontawesome by Creareblogs.net

Wp Fontawesome by Creareblogs.net

wp-cb-fontawesome

A
85

Wp Cb FontAwesome is a plugin to migrate from [FontAwesome](http://www.fontawesome.com "FontAwesome") 4 to 5 in the easiest way possible.

10 No CVEs
Developer Profile

Easy Symbols & Icons Developer Profile

FARN Labs

3 plugins · 200 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Easy Symbols & Icons

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/easy-symbols-icons/assets/eics-icons/eics-icons.css/wp-content/plugins/easy-symbols-icons/assets/eics-icons/eics-icons.js
Script Paths
/wp-content/plugins/easy-symbols-icons/assets/eics-icons/eics-icons.js

HTML / DOM Fingerprints

CSS Classes
eics-icon
Data Attributes
data-icon-source
JS Globals
EasySymbolsIconseics_icon_data
REST Endpoints
/wp-json/easy-symbols-icons/v1/icons/wp-json/easy-symbols-icons/v1/fonts/wp-json/easy-symbols-icons/v1/icon_usage
Shortcode Output
[easy_icons][easy_icon]
FAQ

Frequently Asked Questions about Easy Symbols & Icons