mowomo Variable Fonts Security & Risk Analysis
wordpress.org/plugins/mowomo-variable-fontsAn elegant solution for a better typography with beautiful variable fonts. This plugin allows you to easy use variable fonts, establish a responsive …
Is mowomo Variable Fonts Safe to Use in 2026?
Generally Safe
Score 85/100mowomo Variable Fonts has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "mowomo-variable-fonts" v1.1.0 plugin presents a significant security risk due to its unprotected AJAX handlers. The static analysis reveals 6 AJAX handlers, all of which lack authentication checks. This means any user, regardless of their role or permissions, can trigger these actions, potentially leading to unauthorized operations or information disclosure. While the plugin uses prepared statements for SQL queries and has no recorded vulnerabilities, the absence of security checks on its primary entry points is a major concern. The lack of nonce and capability checks, combined with a low rate of output escaping (only 10%), further exacerbates the risk. The plugin's history of no reported vulnerabilities is positive but does not negate the immediate threats posed by the current code. The overall security posture is weak, with critical vulnerabilities being highly probable given the exposed attack surface. Users should exercise extreme caution or avoid using this plugin until these security flaws are addressed.
Key Concerns
- Unprotected AJAX handlers
- Low rate of output escaping
- No nonce checks
- No capability checks
mowomo Variable Fonts Security Vulnerabilities
mowomo Variable Fonts Code Analysis
Output Escaping
mowomo Variable Fonts Attack Surface
AJAX Handlers 6
WordPress Hooks 9
Maintenance & Trust
mowomo Variable Fonts Maintenance & Trust
Maintenance Signals
Community Trust
mowomo Variable Fonts Alternatives
Variable Font Sampler
variable-font-sampler
Show your variable font in your wordpress site with user determined preview text and slider for weight, width, and font size
Custom Fonts – Host Your Fonts Locally
custom-fonts
Custom Fonts is a powerful WordPress plugin that allows you to upload your own custom fonts or choose from a vast collection of Google Fonts, all host …
OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy.
host-webfonts-local
OMGF automagically caches the Google Fonts used by your theme/plugins locally. No configuration (or brains) required!
Fonts Plugin | Use Google Fonts, Adobe Fonts or Upload Fonts
olympus-google-fonts
The easiest to customize fonts in WordPress. Optimized for Speed. 1000+ font choices. Supports Google Fonts, Adobe Fonts and Upload Fonts.
Skyboot Custom Icons for Elementor
skyboot-custom-icons-for-elementor
Skyboot Custom Icons for Elementor expands your Elementor icon library with 14,300+ icons from 15 packs, fully customizable in Elementor's editor.
mowomo Variable Fonts Developer Profile
5 plugins · 1K total installs
How We Detect mowomo Variable Fonts
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/mowomo-variable-fonts/assets/js/scripts.js/wp-content/plugins/mowomo-variable-fonts/assets/css/styles.css/wp-content/plugins/mowomo-variable-fonts/assets/js/customizer-scripts.js/wp-content/plugins/mowomo-variable-fonts/assets/js/admin_scripts.js/wp-content/plugins/mowomo-variable-fonts/assets/css/admin_styles.csshttps://rsms.me/inter/inter.cssmowomo-variable-fonts/assets/js/scripts.js?ver=mowomo-variable-fonts/assets/css/styles.css?ver=mowomo-variable-fonts/assets/js/customizer-scripts.js?ver=mowomo-variable-fonts/assets/js/admin_scripts.js?ver=mowomo-variable-fonts/assets/css/admin_styles.css?ver=https://rsms.me/inter/inter.css?ver=HTML / DOM Fingerprints
ajax_vars