WP-Safety

Local Open Sans Security & Risk Analysis

wordpress.org/plugins/local-open-sans

Replace Open Sans with a local copy to speed up admin testing and development.

200 active installs v1.0 PHP + WP 3.0+ Updated Aug 3, 2014
adminfontsgoogleopen-sansspeed
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Local Open Sans Safe to Use in 2026?

Generally Safe

Score 85/100

Local Open Sans has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 11yr ago
Risk Assessment

The 'local-open-sans' plugin version 1.0 exhibits an excellent security posture based on the provided static analysis and vulnerability history. The code analysis reveals no detectable attack surface, dangerous functions, raw SQL queries, unescaped output, file operations, external HTTP requests, or missing security checks like nonces and capability checks. Furthermore, the absence of any recorded vulnerabilities, including CVEs across all severity levels, strongly indicates a well-developed and secure plugin.

The plugin's strength lies in its minimal footprint and adherence to secure coding practices. The complete lack of any identified vulnerabilities or concerning code signals suggests that the developers have prioritized security. While the attack surface is zero, this might also indicate a very simple plugin with limited functionality, which inherently reduces potential security risks. The absence of any taint analysis findings further solidifies its secure profile. Overall, this plugin appears to be a very safe choice.

Vulnerabilities
None known

Local Open Sans Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Local Open Sans Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0
Attack Surface

Local Open Sans Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 1
actionadmin_enqueue_scriptslocal-open-sans.php:35
Maintenance & Trust

Local Open Sans Maintenance & Trust

Maintenance Signals

WordPress version tested3.9.40
Last updatedAug 3, 2014
PHP min version
Downloads4K

Community Trust

Rating100/100
Number of ratings3
Active installs200
Alternatives

Local Open Sans Alternatives

Disable Google Fonts

Disable Google Fonts

disable-google-fonts

A
85

Disable enqueuing of fonts from Google used by WordPress core, default themes, Gutenberg, and many more.

40K No CVEs
Remove Google Fonts

Remove Google Fonts

remove-open-sans-font-from-wp-core

A
85

Remove Google fonts link from WP core and default themes.

800 No CVEs
TDB G Fonts Swap

TDB G Fonts Swap

tdb-g-fonts-swap

A
100

Increase page speed adding display=swap to Google Fonts

10 No CVEs
Site Kit by Google – Analytics, Search Console, AdSense, Speed

Site Kit by Google – Analytics, Search Console, AdSense, Speed

google-site-kit

A
100

Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.

5.0M 1 CVE
Custom Fonts – Host Your Fonts Locally

Custom Fonts – Host Your Fonts Locally

custom-fonts

A
98

Custom Fonts is a powerful WordPress plugin that allows you to upload your own custom fonts or choose from a vast collection of Google Fonts, all host …

300K 2 CVEs
Developer Profile

Local Open Sans Developer Profile

ThemeBoy

12 plugins · 21K total installs

68
trust score
Avg Security Score
84/100
Avg Patch Time
360 days
View full developer profile
Detection Fingerprints

How We Detect Local Open Sans

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/local-open-sans/open-sans.css
Version Parameters
local-open-sans/open-sans.css?ver=

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Local Open Sans