WP-Safety

Remove Google Fonts Security & Risk Analysis

wordpress.org/plugins/remove-open-sans-font-from-wp-core

Remove Google fonts link from WP core and default themes.

800 active installs v1.2.2 PHP + WP 3.3+ Updated Apr 4, 2017
google-fontsinconsolata-fontnoto-sansnoto-serifopen-sans
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Remove Google Fonts Safe to Use in 2026?

Generally Safe

Score 85/100

Remove Google Fonts has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 9yr ago
Risk Assessment

The 'remove-open-sans-font-from-wp-core' plugin, version 1.2.2, exhibits an exceptionally strong security posture based on the provided static analysis. The plugin has zero attack surface in terms of AJAX handlers, REST API routes, shortcodes, and cron events that are exposed without proper authentication. Furthermore, the code signals reveal no dangerous functions, all SQL queries utilize prepared statements, and output is consistently escaped, indicating diligent development practices. The absence of file operations, external HTTP requests, and the lack of specific security checks like nonces and capability checks are not concerns in this context, as they are likely unnecessary for a plugin with this specific, limited functionality. The vulnerability history is also clean, with no known CVEs, reinforcing the plugin's stable security record.

Vulnerabilities
None known

Remove Google Fonts Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Remove Google Fonts Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0
Attack Surface

Remove Google Fonts Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 2
actioninitno-open-sans-font.php:41
filtergettext_with_contextno-open-sans-font.php:49
Maintenance & Trust

Remove Google Fonts Maintenance & Trust

Maintenance Signals

WordPress version tested4.7.32
Last updatedApr 4, 2017
PHP min version
Downloads51K

Community Trust

Rating100/100
Number of ratings7
Active installs800
Alternatives

Remove Google Fonts Alternatives

Disable Google Fonts

Disable Google Fonts

disable-google-fonts

A
85

Disable enqueuing of fonts from Google used by WordPress core, default themes, Gutenberg, and many more.

40K No CVEs
Twentyfifteen Noto Sans JP

Twentyfifteen Noto Sans JP

twentyfifteen-noto-sans-jp

A
85

The font of TwentyFifteen is changed to a Japanese Gothic font.

60 No CVEs
Custom Fonts – Host Your Fonts Locally

Custom Fonts – Host Your Fonts Locally

custom-fonts

A
98

Custom Fonts is a powerful WordPress plugin that allows you to upload your own custom fonts or choose from a vast collection of Google Fonts, all host …

300K 2 CVEs
Fonts Plugin | Use Google Fonts, Adobe Fonts or Upload Fonts

Fonts Plugin | Use Google Fonts, Adobe Fonts or Upload Fonts

olympus-google-fonts

A
98

The easiest to customize fonts in WordPress. Optimized for Speed. 1000+ font choices. Supports Google Fonts, Adobe Fonts and Upload Fonts.

200K 3 CVEs
Use Any Font | Custom Font Uploader

Use Any Font | Custom Font Uploader

use-any-font

A
97

Upload custom fonts with custom font uploader. Auto converts to woff2 for better performance. Self-hosted, GDPR compliant, and easy custom font plugin

200K 4 CVEs
Developer Profile

Remove Google Fonts Developer Profile

suifengtec

12 plugins · 1K total installs

86
trust score
Avg Security Score
88/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Remove Google Fonts

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Remove Google Fonts