WP-Safety

Local Fonts Uploader – Upload & Host Any Font Locally for GDPR Security & Risk Analysis

wordpress.org/plugins/local-fonts-uploader

Easily upload and host fonts locally. Avoid external requests to enhance security, privacy, speed, and GDPR compliance.

2K active installs v1.3.0 PHP 7.4+ WP 6.0+ Updated Oct 28, 2025
custom-fontsgdpr-compliantgoogle-fontslocal-fontsupload-fonts
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Local Fonts Uploader – Upload & Host Any Font Locally for GDPR Safe to Use in 2026?

Generally Safe

Score 100/100

Local Fonts Uploader – Upload & Host Any Font Locally for GDPR has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

The "local-fonts-uploader" plugin v1.3.0 demonstrates a mixed security posture. On the positive side, it exhibits strong practices regarding output escaping, SQL query sanitization (82% prepared), and has no recorded vulnerabilities or dangerous functions. The absence of file operations and external HTTP requests also reduces its attack surface in those areas. However, a significant concern lies in its attack surface, with 9 AJAX handlers identified, a substantial 7 of which lack authentication checks. This creates an easily exploitable entry point for attackers to potentially trigger unintended actions. While taint analysis and vulnerability history are clean, the high number of unprotected AJAX endpoints represents a concrete, immediate risk that needs attention.

Key Concerns

  • Unprotected AJAX handlers present
  • Limited use of prepared statements in SQL
Vulnerabilities
None known

Local Fonts Uploader – Upload & Host Any Font Locally for GDPR Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Local Fonts Uploader – Upload & Host Any Font Locally for GDPR Code Analysis

Dangerous Functions
0
Raw SQL Queries
3
14 prepared
Unescaped Output
0
26 escaped
Nonce Checks
3
Capability Checks
5
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

82% prepared17 total queries

Output Escaping

100% escaped26 total outputs
Attack Surface
7 unprotected

Local Fonts Uploader – Upload & Host Any Font Locally for GDPR Attack Surface

Entry Points9
Unprotected7

AJAX Handlers 9

authwp_ajax_lfontsupGetAllFontsadmin\ajax-handler.php:32
authwp_ajax_lfontsupCreateFontadmin\ajax-handler.php:35
authwp_ajax_lfontsupRemoveFontadmin\ajax-handler.php:38
authwp_ajax_lfontsupGetVariantsadmin\ajax-handler.php:41
authwp_ajax_lfontsupAddVariantadmin\ajax-handler.php:44
authwp_ajax_lfontsupDeleteVariantadmin\ajax-handler.php:47
authwp_ajax_lfontsupVariantAssignadmin\ajax-handler.php:50
authwp_ajax_lfontsupFetchBackupadmin\ajax-handler.php:53
authwp_ajax_lfontsupRestoreDataadmin\ajax-handler.php:56
WordPress Hooks 8
actionadmin_menuadmin\admin-menu.php:23
filterruby_dashboard_menuadmin\admin-menu.php:24
filterwp_check_filetype_and_extadmin\admin-menu.php:25
filterplugin_action_linksadmin\admin-menu.php:26
filterupload_mimesadmin\admin-menu.php:122
actionadmin_enqueue_scriptsadmin\admin-menu.php:125
actionwp_enqueue_scriptsincludes\client.php:45
actionplugins_loadedlocal-fonts-uploader.php:73
Maintenance & Trust

Local Fonts Uploader – Upload & Host Any Font Locally for GDPR Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedOct 28, 2025
PHP min version7.4
Downloads10K

Community Trust

Rating100/100
Number of ratings6
Active installs2K
Alternatives

Local Fonts Uploader – Upload & Host Any Font Locally for GDPR Alternatives

Fonts Plugin | Use Google Fonts, Adobe Fonts or Upload Fonts

Fonts Plugin | Use Google Fonts, Adobe Fonts or Upload Fonts

olympus-google-fonts

A
98

The easiest to customize fonts in WordPress. Optimized for Speed. 1000+ font choices. Supports Google Fonts, Adobe Fonts and Upload Fonts.

200K 3 CVEs
Custom Fonts – Host Your Fonts Locally

Custom Fonts – Host Your Fonts Locally

custom-fonts

A
98

Custom Fonts is a powerful WordPress plugin that allows you to upload your own custom fonts or choose from a vast collection of Google Fonts, all host …

300K 2 CVEs
Use Any Font | Custom Font Uploader

Use Any Font | Custom Font Uploader

use-any-font

A
97

Upload custom fonts with custom font uploader. Auto converts to woff2 for better performance. Self-hosted, GDPR compliant, and easy custom font plugin

200K 4 CVEs
Fonts

Fonts

fonts

A
100

Add More Font To Your WordPress Editor

9K No CVEs
Yabe Webfont – Use Custom Fonts, Google Fonts or Adobe Fonts

Yabe Webfont – Use Custom Fonts, Google Fonts or Adobe Fonts

yabe-webfont

A
100

Easy self-host Google Fonts, Adobe Fonts support, or upload custom fonts in WordPress. Integrated into the most popular themes and page builders.

5K No CVEs
Developer Profile

Local Fonts Uploader – Upload & Host Any Font Locally for GDPR Developer Profile

ThemeRuby

5 plugins · 7K total installs

91
trust score
Avg Security Score
95/100
Avg Patch Time
10 days
View full developer profile
Detection Fingerprints

How We Detect Local Fonts Uploader – Upload & Host Any Font Locally for GDPR

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/local-fonts-uploader/admin/assets/vendor.min.css/wp-content/plugins/local-fonts-uploader/admin/assets/main.min.css/wp-content/plugins/local-fonts-uploader/admin/assets/vendor.bundle.js/wp-content/plugins/local-fonts-uploader/admin/assets/main.bundle.js
Script Paths
/wp-content/plugins/local-fonts-uploader/admin/assets/vendor.bundle.js/wp-content/plugins/local-fonts-uploader/admin/assets/main.bundle.js
Version Parameters
local-fonts-uploader/admin/assets/vendor.min.css?ver=local-fonts-uploader/admin/assets/main.min.css?ver=local-fonts-uploader/admin/assets/vendor.bundle.js?ver=local-fonts-uploader/admin/assets/main.bundle.js?ver=

HTML / DOM Fingerprints

JS Globals
lfontsupAdminConfig
FAQ

Frequently Asked Questions about Local Fonts Uploader – Upload & Host Any Font Locally for GDPR