Does Local Google Fonts have any unpatched vulnerabilities?

No. All known vulnerabilities in Local Google Fonts have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Local Google Fonts compatible with WordPress 6.8.5?

According to WordPress.org data, Local Google Fonts 0.24.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Local Google Fonts compatible with PHP 7.4+?

Local Google Fonts requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Local Google Fonts updated?

Local Google Fonts was last updated on May 1, 2025. Frequent updates are generally a positive security signal.

What is Local Google Fonts's security score?

Local Google Fonts has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Local Google Fonts Security & Risk Analysis

wordpress.org/plugins/local-google-fonts

Host your used Google fonts on your server and make your site more GDPR compliant 💯.

100K active installs v0.24.0 PHP 7.4+ WP 4.6+ Updated May 1, 2025

fontfontsgdprgooglegooglefonts

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Local Google Fonts Safe to Use in 2026?

Generally Safe

Score 100/100

Local Google Fonts has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11mo ago

Risk Assessment

The 'local-google-fonts' plugin v0.24.0 exhibits a generally strong security posture based on the provided static analysis. The absence of dangerous functions, SQL injection vulnerabilities, and improperly escaped output are significant strengths. The plugin also demonstrates good practices by exclusively using prepared statements for SQL queries and incorporating nonce and capability checks, indicating an awareness of common WordPress security pitfalls. The very limited attack surface and the lack of recorded vulnerabilities in its history further contribute to a positive security outlook.

Key Concerns

Two external HTTP requests detected
Four nonce checks present, but could be more
One capability check present, but could be more

Vulnerabilities

None known

Local Google Fonts Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Local Google Fonts Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

47 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped47 total outputs

Attack Surface

Local Google Fonts Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 12

filteradmin_initincludes\class-local-google-fonts-admin.php:24

actionadmin_menuincludes\class-local-google-fonts-admin.php:25

actionadmin_footer_textincludes\class-local-google-fonts-admin.php:58

filterupgrader_pre_installincludes\class-local-google-fonts-upgrade.php:15

filterupgrader_post_installincludes\class-local-google-fonts-upgrade.php:33

filterstyle_loader_srcincludes\class-local-google-fonts.php:15

filterswitch_themeincludes\class-local-google-fonts.php:16

filterwp_resource_hintsincludes\class-local-google-fonts.php:17

filterlocal_google_fonts_replace_in_contentincludes\class-local-google-fonts.php:19

filterlocal_google_fonts_replace_urlincludes\class-local-google-fonts.php:20

actionadmin_noticesincludes\class-local-google-fonts.php:22

filterplugin_action_linksincludes\class-local-google-fonts.php:24

Maintenance & Trust

Local Google Fonts Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedMay 1, 2025

PHP min version7.4

Downloads786K

Community Trust

Rating92/100

Number of ratings83

Active installs100K

Alternatives

Local Google Fonts Alternatives

OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy.

host-webfonts-local

OMGF automagically caches the Google Fonts used by your theme/plugins locally. No configuration (or brains) required!

300K 4 CVEs

Disable and Remove Google Fonts | GDPR & DSGVO friendly

disable-remove-google-fonts

100

Improve frontend performance by disabling Google Fonts. GDPR and DSGVO friendly.

100K No CVEs

Self-Hosted Google Fonts

selfhost-google-fonts

Automatically self-host all the Google Fonts on your site. Plug and play.

30K No CVEs

Embed Google Fonts

embed-google-fonts

Embed Google Fonts tries to automatically replace registered Google Fonts from themes and plugin with local versions, directly loaded from your own se …

6K 1 CVE

Yabe Webfont – Use Custom Fonts, Google Fonts or Adobe Fonts

yabe-webfont

100

Easy self-host Google Fonts, Adobe Fonts support, or upload custom fonts in WordPress. Integrated into the most popular themes and page builders.

5K No CVEs

Developer Profile

Local Google Fonts Developer Profile

EverPress

28 plugins · 121K total installs

trust score

Avg Security Score

91/100

Avg Patch Time

255 days

View full developer profile

Detection Fingerprints

How We Detect Local Google Fonts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/local-google-fonts/assets/admin.css/wp-content/plugins/local-google-fonts/assets/admin.js

Script Paths

/wp-content/plugins/local-google-fonts/assets/admin.js

Version Parameters

local-google-fonts/assets/admin.js?ver=local-google-fonts/assets/admin.css?ver=

HTML / DOM Fingerprints

FAQ