Does Google Font have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Google Font compatible with WordPress 4.8.28?

According to WordPress.org data, Google Font 1.0 has been tested up to WordPress 4.8.28. Check the plugin's changelog for the latest compatibility information.

How often is Google Font updated?

Google Font was last updated on Oct 2, 2016. Frequent updates are generally a positive security signal.

What is Google Font's security score?

Google Font has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Google Font Security & Risk Analysis

wordpress.org/plugins/fonts-add

Google font for your website without coding, you can change font for any element you want.

100 active installs v1.0 PHP + WP 3.6+ Updated Oct 2, 2016

font-changerfontsgooglegoogle-fontstheme-fonts

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Google Font Safe to Use in 2026?

Generally Safe

Score 85/100

Google Font has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago

Risk Assessment

The "fonts-add" v1.0 plugin exhibits a very limited attack surface as indicated by the static analysis. With no AJAX handlers, REST API routes, shortcodes, or cron events, the direct entry points for potential malicious activity are virtually non-existent. The code also shows no signs of dangerous functions, file operations, or external HTTP requests, further contributing to a seemingly secure codebase. The absence of any known vulnerabilities in its history is a positive indicator of its development and maintenance.

Key Concerns

0% of outputs are properly escaped
0 nonces used for potential entry points
0 capability checks used for potential entry points

Vulnerabilities

None known

Google Font Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Google Font Release Timeline

No version history available.

Code Analysis

Analyzed Mar 16, 2026

Google Font Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped36 total outputs

Attack Surface

Google Font Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 21

actionadmin_menugoogle-fonts-ws.php:12

actionadmin_initgoogle-fonts-ws.php:16

actionadmin_enqueue_scriptsgoogle-fonts-ws.php:75

actionwp_headpublic\wsgf-load-style.php:140

actionwp_headpublic\wsgf-load-style.php:141

actionwp_headpublic\wsgf-load-style.php:142

actionwp_headpublic\wsgf-load-style.php:143

actionwp_headpublic\wsgf-load-style.php:144

actionwp_headpublic\wsgf-load-style.php:145

actionwp_headpublic\wsgf-load-style.php:146

actionwp_headpublic\wsgf-load-style.php:147

actionwp_headpublic\wsgf-load-style.php:148

actionwp_headpublic\wsgf-load-style.php:149

actionwp_headpublic\wsgf-load-style.php:150

actionwp_headpublic\wsgf-load-style.php:151

actionwp_headpublic\wsgf-load-style.php:152

actionwp_headpublic\wsgf-load-style.php:153

actionwp_headpublic\wsgf-load-style.php:154

actionwp_headpublic\wsgf-load-style.php:155

actionwp_headpublic\wsgf-load-style.php:156

actionwp_headpublic\wsgf-load-style.php:157

Maintenance & Trust

Google Font Maintenance & Trust

Maintenance Signals

WordPress version tested4.8.28

Last updatedOct 2, 2016

PHP min version

Downloads22K

Community Trust

Rating36/100

Number of ratings5

Active installs100

Alternatives

Google Font Alternatives

Google Web Fonts Customizer (GWFC)

google-web-fonts-customizer-gwfc

This plugin integrates WordPress Customizer with Google Web Fonts, to add and use google fonts to any themes, no coding needed.

1K No CVEs

Ultimate Fonts

ultimate-fonts

Adds Google Fonts to your WordPress website without coding. Customize any element with support for live preview in the Customizer.

500 No CVEs

Custom Google Fonts

custom-google-fonts

Custom Google Fonts is easy to use WordPress plugin.

30 No CVEs

Custom Fonts – Host Your Fonts Locally

custom-fonts

Custom Fonts is a powerful WordPress plugin that allows you to upload your own custom fonts or choose from a vast collection of Google Fonts, all host …

400K 2 CVEs

Fonts Plugin | Google Fonts, Adobe Fonts & Upload Fonts

olympus-google-fonts

Instantly change your entire website's typography with Google Fonts, Adobe Fonts, or custom fonts — no coding required. Live preview your changes.

200K 3 CVEs

Developer Profile

Google Font Developer Profile

PluginOps

12 plugins · 14K total installs

trust score

Avg Security Score

84/100

Avg Patch Time

422 days

View full developer profile

Detection Fingerprints

How We Detect Google Font

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/fonts-add/css/style.css/wp-content/plugins/fonts-add/js/admin.js

Script Paths

/wp-content/plugins/fonts-add/js/admin.js

Version Parameters

fonts-add/css/style.css?ver=fonts-add/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

onoffswitchonoffswitch-checkboxonoffswitch-labelonoffswitch-inneronoffswitch-switchwsgf_fh1wsgf_fh2wsgf_fh3+6 more

Data Attributes

wsgf_enable_pluginwsgf_select_gfont_h1wsgf_select_gfont_h2wsgf_select_gfont_h3wsgf_select_gfont_h4wsgf_select_gfont_h5+4 more

Shortcode Output

<b> This is Premium Feature <a href="http://web-settler.com/wordpress-google-fonts/" target=_blank>Buy Premium Version</a> </b>

FAQ