Upload custom fonts with custom font uploader. Auto converts to woff2 for better performance. Self-hosted, GDPR compliant, and easy custom font plugin
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
67
6 issue groups
Maintainability
23
9 issue groups
Repo Compliance
1
1 issue group
WARNINGSecurityRequest data is not unslashed$_GET['predefinedfontid'] not unslashed before sanitization. Use wp_unslash() or similar16
- Category
- Security
- Occurrences
- 16
- Severity
- warning
Sample message
$_GET['predefinedfontid'] not unslashed before sanitization. Use wp_unslash() or similar
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$languageSelector['selectHTML']'.13
- Category
- Security
- Occurrences
- 13
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$languageSelector['selectHTML']'.
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_GET['predefinedfontid']12
- Category
- Security
- Occurrences
- 12
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_GET['predefinedfontid']
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.10
- Category
- Security
- Occurrences
- 10
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGSecurityInput is not validatedDetected usage of a possibly undefined superglobal array index: $_GET['delete_font_assign_key']. Check that the array index exists before using it.10
- Category
- Security
- Occurrences
- 10
- Severity
- warning
Sample message
Detected usage of a possibly undefined superglobal array index: $_GET['delete_font_assign_key']. Check that the array index exists before using it.
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.6
- Category
- Security
- Occurrences
- 6
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORMaintainabilityfile system operations fcloseFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().
ERRORMaintainabilityfile system operations fopenFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().
ERRORMaintainabilityfile system operations fwriteFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().4
- Category
- Maintainability
- Occurrences
- 4
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fwrite().
ERRORMaintainabilitydate datedate() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
date() is affected by runtime timezone changes which can cause date/time to be incorrectly displayed. Use gmdate() instead.
Show 6 moreShow less
ERRORMaintainabilitywp function not compatible with requires wp3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- error
Sample message
Function "sanitize_textarea_field()" requires WordPress 4.7.0, but your plugin minimum supported version is WordPress 4.0.0.
ERRORMaintainabilityrand rand2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- error
Sample message
rand() is discouraged. Use the far less predictable wp_rand() instead.
ERRORMaintainabilityfile system operations mkdir1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: mkdir().
ERRORMaintainabilityfive star reviews detected1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
Linking directly to 5 stars reviews is not allowed.
WARNINGMaintainabilitymismatched plugin name1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Plugin name "Use Any Font | Custom Font Uploader" is different from the name declared in plugin header "Use Any Font".
ERRORRepo Complianceplugin header no license1
- Category
- Repo Compliance
- Occurrences
- 1
- Severity
- error
Sample message
Missing "License" in Plugin Header. Please update your Plugin Header with a valid GPLv2 (or later) compatible license.
External Connections
Potential connections found in static code analysis.
Outbound calls
29
External assets
1
Incoming endpoints
1
Notable Domains
Platform / Reference Domains
External Asset Domains
Incoming Endpoints
No public endpoints detected.
Admin AJAX endpoints1
wp_ajax
Score History
2 score snapshots
v6.4
39
Latest
- Findings
- 91
- Errors
- 36
- Warnings
- 55
- Check
- 2.0.0
v6.3.14
38
Score
- Findings
- 90
- Errors
- 37
- Warnings
- 53
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 39 | 91 | 36 | 55 | v6.4 | 2.0.0 |
| 38 | 90 | 37 | 53 | v6.3.14 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.