[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVfP63BwWbt3UgzXyrtMrdyxccmgAJt-2l0KWYFOb5DY":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":75,"crawl_stats":37,"alternatives":82,"analysis":180,"fingerprints":233},"easy-svg","Easy SVG Support","4.1","Benjamin Zekavica","https:\u002F\u002Fprofiles.wordpress.org\u002Fbenjamin_zekavica\u002F","\u003Ch4>Direct Upload SVG Files into WordPress\u003C\u002Fh4>\n\u003Cp>EASY SVG Support is a Plugin which allows you to upload SVG Files into your Media library. This plugin was created for persons, who don’t need much options for SVG.\u003C\u002Fp>\n\u003Ch4>Features of the plugin include:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Uploading SVG Support for WordPress\u003C\u002Fli>\n\u003Cli>Easy installation\u003C\u002Fli>\n\u003Cli>Display SVG Files in the Media Libary\u003C\u002Fli>\n\u003Cli>SVG Sanitize Files direcly \u003C\u002Fli>\n\u003Cli>SVG Sanitize – Custom Hooks for Tags and Attributes\u003C\u002Fli>\n\u003Cli>Updated for the new WordPress Gutenberg Editor\u003C\u002Fli>\n\u003Cli>Support for PHP 8.2\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation & Support\u003C\u002Fh4>\n\u003Cp>Got a problem or need help with Easy SVG Support? Than you can write me an e-mail:\u003C\u002Fp>\n\u003Cp>info@benjamin-zekavica.de or you can ask your question in the forums section.\u003C\u002Fp>\n","This Plugin allows you to upload SVG Files into your Media library.",40000,348069,100,7,"2025-11-14T19:51:00.000Z","6.9.4","6.0","8.0",[4,20,21,22,23],"svg","svg-media","svg-support","upload-svg","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-svg\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-svg.4.1.zip",96,3,0,"2026-02-18 15:01:37","2026-03-15T15:16:48.613Z",[32,47,61],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":29,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2025-12451","easy-svg-support-authenticated-author-stored-cross-site-scripting-via-svg-file-upload","Easy SVG Support \u003C= 4.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload","The Easy SVG Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file uploads in all versions up to, and including, 4.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.",null,"\u003C=4.0","medium",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2026-03-27 11:18:31",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F48ff572a-f18f-4b8d-ac58-78063919ff35?source=api-prod",37,{"id":48,"url_slug":49,"title":50,"description":51,"plugin_slug":4,"theme_slug":37,"affected_versions":52,"patched_in_version":53,"severity":39,"cvss_score":54,"cvss_vector":55,"vuln_type":42,"published_date":56,"updated_date":57,"references":58,"days_to_patch":60},"CVE-2024-10269","easy-svg-support-authenticated-author-stored-cross-site-scripting-via-svg-file-upload-2","Easy SVG Support \u003C= 3.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload","The Easy SVG Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 3.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.","\u003C=3.7","3.8",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2024-11-07 18:37:40","2024-11-08 06:39:59",[59],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5fbc0866-1e9d-457a-8ef3-fb046c89c1dd?source=api-prod",1,{"id":62,"url_slug":63,"title":64,"description":65,"plugin_slug":4,"theme_slug":37,"affected_versions":66,"patched_in_version":67,"severity":39,"cvss_score":68,"cvss_vector":69,"vuln_type":42,"published_date":70,"updated_date":71,"references":72,"days_to_patch":74},"CVE-2022-1964","easy-svg-support-cross-site-scripting-via-svg-upload","Easy SVG Support \u003C= 3.2.0 - Cross-Site Scripting via SVG Upload","The Easy SVG Support WordPress plugin before 3.3.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads","\u003C=3.2.0","3.3.0",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","2022-06-01 00:00:00","2024-01-22 19:56:02",[73],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6e736e75-5ad4-4773-b1f7-358dc74848f0?source=api-prod",601,{"slug":76,"display_name":7,"profile_url":8,"plugin_count":27,"total_installs":77,"avg_security_score":78,"avg_patch_time_days":79,"trust_score":80,"computed_at":81},"benjamin_zekavica",40840,91,213,73,"2026-04-04T15:21:16.544Z",[83,102,126,148,163],{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":28,"num_ratings":28,"last_updated":93,"tested_up_to":94,"requires_at_least":95,"requires_php":96,"tags":97,"homepage":99,"download_link":100,"security_score":101,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"add-swf-support-for-media-uploader-inventivo","Add SWF Support for Media Uploader | inventivo","1.0.3","Nils Harder","https:\u002F\u002Fprofiles.wordpress.org\u002Finventivode\u002F","\u003Cp>WordPress does not allow to upload .svg files out of the box. This plugin adds SWF support to the media uploader.\u003C\u002Fp>\n\u003Cp>Visit our Website in order get more handy and \u003Ca href=\"https:\u002F\u002Fwww.inventivo.de\u002Fwordpress-agentur\u002Fwordpress-plugins\" rel=\"nofollow ugc\">free WordPress Plugins\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Inventivo WordPress plugins are small and simple:\u003Cbr \u002F>\n– Responsive – fits to all screens\u003Cbr \u002F>\n– Easy configuration\u003Cbr \u002F>\n– Lighweight code\u003C\u002Fp>\n\u003Cp>Get your Add SWF Support for Media Uploader Plugin now!\u003C\u002Fp>\n\u003Cp>How it works:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Upload the Plugin\u003C\u002Fli>\n\u003Cli>Activate the Plugin\u003C\u002Fli>\n\u003C\u002Fol>\n","Add SWF Support for Media Uploader",80,7593,"2021-04-30T12:59:00.000Z","5.7.15","3.0","",[20,98,23],"svg-media-uploader","https:\u002F\u002Fwww.inventivo.de\u002Fwordpress-agentur\u002Fwordpress-plugins","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-swf-support-for-media-uploader-inventivo.1.0.3.zip",85,{"slug":103,"name":104,"version":105,"author":106,"author_profile":107,"description":108,"short_description":109,"active_installs":110,"downloaded":111,"rating":26,"num_ratings":112,"last_updated":113,"tested_up_to":16,"requires_at_least":114,"requires_php":115,"tags":116,"homepage":121,"download_link":122,"security_score":123,"vuln_count":124,"unpatched_count":28,"last_vuln_date":125,"fetched_at":30},"themeisle-companion","Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More","3.0.5","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FfoS_QbuY-Lg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Why Choose Orbit Fox?\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>All Essential Website Features in One Place\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Orbit Fox includes all the popular functionality most site owners need: SVG support, social sharing, website templates, custom fonts, stock photos, page builder widgets, menu icons, and site customization tools.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Eliminate Plugin Bloat\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Replace over a dozen individual utility plugins with just one solution. Reduce plugin management complexity, minimize potential conflicts, and keep your WordPress dashboard organized.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Smart Performance Optimization\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Modules only load when enabled and are compatible with your existing theme and plugins, ensuring optimal site performance and preventing conflicts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Save Time on Setup and Maintenance\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Skip installing a dozen separate plugins when building new sites. Get fully functional websites in minutes, not hours. Plus, maintain just one plugin instead of managing multiple updates, settings, and compatibility issues.\u003C\u002Fp>\n\u003Ch3>Orbit Fox Modules\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Content & Design:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Website Templates – 45+ professional starter website templates to choose from\u003C\u002Fli>\n\u003Cli>Custom Fonts – Upload and use any custom font on your website\u003C\u002Fli>\n\u003Cli>Reading Progress Bar – Increase engagement with a visual reading progress indicator\u003C\u002Fli>\n\u003Cli>SVG Support – Enable safe SVG file uploads\u003C\u002Fli>\n\u003Cli>Free Stock Photos – 1,300+ free images to use for personal and commercial purposes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Page Building & Widgets:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Elementor Widgets – Add 6 popular widgets to Elementor\u003C\u002Fli>\n\u003Cli>Beaver Builder Modules – Add 6 popular modules to Beaver Builder\u003C\u002Fli>\n\u003Cli>Customize Login Page – Change the design of your site’s login page and customize your login form\u003C\u002Fli>\n\u003Cli>Duplicate Page or Post – Duplicate any post or page on your website with one click\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>User Experience:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Social Share Buttons – Add social sharing buttons to your website with mobile\u002Fdesktop optimization\u003C\u002Fli>\n\u003Cli>Menu Icons – Add icons to any menu\u003C\u002Fli>\n\u003Cli>GDPR\u002FCCPA Cookie Notice – Show GDPR\u002FCCPA-compliant cookie notifications\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Site Management:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Header and Footer Scripts – Add tracking codes and custom CSS\u002FJS\u003C\u002Fli>\n\u003Cli>Disable Comments – Site-wide comment control\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Works With Any Theme\u003C\u002Fh3>\n\u003Cp>Orbit Fox is designed to work seamlessly with all WordPress themes. For the best experience, pair it with our professional themes like \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fthemes\u002Fneve\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Neve\u003C\u002Fstrong>\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fthemes\u002Fhestia\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Hestia\u003C\u002Fstrong>\u003C\u002Fa> – built by the same team for perfect integration.\u003C\u002Fp>\n\u003Ch3>Who Should Use Orbit Fox\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress Beginners\u003C\u002Fstrong> – Get professional features without the learning curve\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Freelancers & Agencies\u003C\u002Fstrong> – Build efficient, streamlined client websites\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Website Owners\u003C\u002Fstrong> – Access essential functionality through one organized solution\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Anyone\u003C\u002Fstrong> who wants commonly needed features without multiple plugin installations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>We’re here to help. Feel free to open a new thread on the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fthemeisle-companion\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Need help getting started? Check out our \u003Ca href=\"https:\u002F\u002Fdocs.themeisle.com\u002Farticle\u002F951-orbit-fox-documentation\" rel=\"nofollow ugc\">complete documentation\u003C\u002Fa> for step-by-step guides on every feature.\u003C\u002Fp>\n\u003Ch3>Useful Resources\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>If you like Orbit Fox, you’re sure to love \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fwordpress-plugins\u002F\" rel=\"nofollow ugc\">our other plugins\u003C\u002Fa> as well.\u003C\u002Fli>\n\u003Cli>Learn more about WordPress on our \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002F\" rel=\"nofollow ugc\">blog\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Get the most out of your WordPress website with our helpful \u003Ca href=\"https:\u002F\u002Fyoutube.com\u002Fplaylist?list=PLmRasCVwuvpSep2MOsIoE0ncO9JE3FcKP\" rel=\"nofollow ugc\">YouTube Tutorials\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","Add modules like share buttons, header & footer scripts, disable comments, reading progress bar, custom fonts, custom login page & more in one plugin.",100000,13570171,317,"2025-12-10T19:26:00.000Z","5.3","7.4",[117,118,119,120,22],"cookie-notice","duplicate-page","login-customizer","share-buttons","https:\u002F\u002Forbitfox.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthemeisle-companion.zip",83,20,"2025-11-03 00:00:00",{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":134,"downloaded":135,"rating":13,"num_ratings":136,"last_updated":137,"tested_up_to":16,"requires_at_least":138,"requires_php":139,"tags":140,"homepage":143,"download_link":144,"security_score":145,"vuln_count":146,"unpatched_count":28,"last_vuln_date":147,"fetched_at":30},"wp-svg-images","WP SVG Images","4.4","ShortPixel","https:\u002F\u002Fprofiles.wordpress.org\u002Fshortpixel\u002F","\u003Cp>\u003Cstrong>Securely upload SVG files to your Media Library. Uploaded SVG files are automatically sanitized.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>SVG stands for \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FScalable_Vector_Graphics\" rel=\"nofollow ugc\">Scalable Vector Graphics\u003C\u002Fa> and is probably the most efficient way to display images.\u003Cbr \u002F>\nWP SVG Images Plugin is an \u003Cstrong>easy-to-use and lightweight plugin\u003C\u002Fstrong> that allows you to upload SVG files to your media library safely and easily.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Support for SVG uploads to your Media Library.\u003C\u002Fli>\n\u003Cli>Sanitize uploaded SVG files. Malicious SVG\u002FXML files are rejected from upload.\u003C\u002Fli>\n\u003Cli>Admin configurable SVG support for different user roles. Ability to disable SVG upload for different user roles.\u003C\u002Fli>\n\u003Cli>Different user roles can upload and\u002For sanitize the uploaded SVG images.\u003C\u002Fli>\n\u003Cli>SVG preview in Media Library.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>24\u002F7 SVG support offered by \u003Ca href=\"https:\u002F\u002Fshortpixel.com\" rel=\"nofollow ugc\">ShortPixel\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Fcontact\" rel=\"nofollow ugc\">here\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-svg-images\u002F\" rel=\"ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Recommended plugins\u003C\u002Fh4>\n\u003Cp>This plugin is supported & maintained by \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002F\" rel=\"nofollow ugc\">ShortPixel\u003C\u002Fa>.\u003Cbr \u002F>\nOther popular plugins by ShortPixel:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffastpixel-website-accelerator\u002F\" rel=\"ugc\">FastPixel Caching\u003C\u002Fa> – WP Optimization made easy\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fshortpixel-image-optimiser\u002F\" rel=\"ugc\">ShortPixel Image Optimizer\u003C\u002Fa> – Image optimization & compression for all the images on your website, including WebP delivery – ShortPixel Image Optimizer.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fshortpixel-adaptive-images\u002F\" rel=\"ugc\">ShortPixel Adaptive Images\u003C\u002Fa> – On-the-fly image optimization & CDN delivery.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fenable-media-replace\u002F\" rel=\"ugc\">Enable Media Replace\u003C\u002Fa> – Easily replace images or files in Media Library.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fregenerate-thumbnails-advanced\u002F\" rel=\"ugc\">reGenerate Thumbnails Advanced\u003C\u002Fa> – Easily regenerate thumbnails.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fresize-image-after-upload\u002F\" rel=\"ugc\">Resize Image After Upload\u003C\u002Fa> – Automatically resize each uploaded image.\u003C\u002Fp>\n\u003Ch3>Hooks for developers\u003C\u002Fh3>\n\u003Ch4>WPSVG_setAllowedTags\u003C\u002Fh4>\n\u003Cp>Allows you to specify more tags that will be not removed during sanitization\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( 'WPSVG_setAllowedTags', 'my_custom_allowed_svg_tags', 10, 1 );\nfunction my_custom_allowed_svg_tags( $tags ){\n    $tags[] = 'path';\n    return $tags;\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>WPSVG_setAllowedAttrs\u003C\u002Fh4>\n\u003Cp>Allows you to specify more attributes that will be not removed during sanitization\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( 'WPSVG_setAllowedAttrs', 'my_custom_allowed_svg_attributes', 10, 1 );\nfunction my_custom_allowed_svg_attributes( $attributes ){\n    $attributes[] = 'fill';\n    return $attributes;\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Add SVG support to your WP website. Securely upload SVG files, automatic sanitization, Media Library preview.",30000,304959,12,"2025-12-10T11:53:00.000Z","3.0.1","5.6.40",[141,20,22,142],"sanitization","svg-upload","https:\u002F\u002Fshortpixel.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-svg-images.4.4.zip",99,2,"2024-06-20 00:00:00",{"slug":23,"name":149,"version":86,"author":150,"author_profile":151,"description":152,"short_description":153,"active_installs":154,"downloaded":155,"rating":13,"num_ratings":146,"last_updated":156,"tested_up_to":16,"requires_at_least":157,"requires_php":158,"tags":159,"homepage":96,"download_link":162,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"Upload SVG","html5maps","https:\u002F\u002Fprofiles.wordpress.org\u002Fhtml5maps\u002F","\u003Cp>Upload SVG is a secure and user-friendly WordPress plugin that allows you to safely upload and manage SVG files in your Media Library. SVG files can potentially contain malicious code, but with Upload SVG, you can enable automatic sanitization to prevent XML\u002FSVG vulnerabilities on your website. This plugin ensures your SVG uploads are handled with enhanced security while offering a seamless user experience.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Securely upload SVG files to your Media Library.\u003C\u002Fli>\n\u003Cli>Enable automatic sanitization to protect against XML\u002FSVG vulnerabilities.\u003C\u002Fli>\n\u003Cli>Effortlessly manage and preview SVG files in your Media Library.\u003C\u002Fli>\n\u003Cli>Restrict SVG uploads to trusted user roles for additional security.\u003C\u002Fli>\n\u003Cli>Seamless integration with the latest version of WordPress.\u003C\u002Fli>\n\u003Cli>Lightweight and optimized for optimal performance.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>SVG Sanitization is implemented using the following library: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fdarylldoyle\u002Fsvg-sanitizer\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fdarylldoyle\u002Fsvg-sanitizer\u003C\u002Fa>.\u003C\u002Fp>\n","Safely enable SVG uploads with sanitization and prevent XML\u002FSVG vulnerabilities on your WordPress website. Preview SVG files in your Media Library.",1000,8429,"2025-12-03T15:44:00.000Z","5.7","7.1",[160,20,22,142,161],"sanitize","upload","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fupload-svg.1.0.3.zip",{"slug":164,"name":165,"version":86,"author":166,"author_profile":167,"description":168,"short_description":169,"active_installs":170,"downloaded":171,"rating":28,"num_ratings":28,"last_updated":172,"tested_up_to":173,"requires_at_least":174,"requires_php":158,"tags":175,"homepage":178,"download_link":179,"security_score":101,"vuln_count":28,"unpatched_count":28,"last_vuln_date":37,"fetched_at":30},"svg-enabler","SVG Enabler","Optimist Hub","https:\u002F\u002Fprofiles.wordpress.org\u002Foptimisthub\u002F","\u003Cp>This plugin gives you the ability to allow SVG uploads whilst making sure that they’re sanitized to stop SVG\u002FXML vulnerabilities affecting your site.\u003C\u002Fp>\n","This plugin gives you the ability to allow SVG uploads whilst making sure that they’re sanitized to stop SVG\u002FXML vulnerabilities affecting your site.",30,2802,"2023-02-07T17:03:00.000Z","6.1.10","5.0",[176,22,142,177],"allow-svg-upload","svg-upload-enabler","https:\u002F\u002Fgithub.com\u002Foptimisthub\u002Fwordpress-svg-enabler","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsvg-enabler.1.0.3.zip",{"attackSurface":181,"codeSignals":215,"taintFlows":222,"riskAssessment":223,"analyzedAt":232},{"hooks":182,"ajaxHandlers":211,"restRoutes":212,"shortcodes":213,"cronEvents":214,"entryPointCount":28,"unprotectedCount":28},[183,189,193,198,203,207],{"type":184,"name":185,"callback":186,"file":187,"line":188},"filter","wp_handle_upload_prefilter","esw_svg_upload_filter_check_init","easy-svg.php",163,{"type":184,"name":190,"callback":191,"file":187,"line":192},"upload_mimes","esw_add_support",176,{"type":184,"name":194,"callback":195,"priority":196,"file":187,"line":197},"wp_check_filetype_and_ext","esw_upload_check",10,209,{"type":199,"name":200,"callback":201,"file":187,"line":202},"action","wp_AJAX_svg_get_attachment_url","esw_display_svg_files_backend",267,{"type":184,"name":204,"callback":205,"priority":196,"file":187,"line":206},"wp_prepare_attachment_for_js","esw_display_svg_media",313,{"type":199,"name":208,"callback":209,"file":187,"line":210},"admin_head","esw_svg_styles",334,[],[],[],[],{"dangerousFunctions":216,"sqlUsage":217,"outputEscaping":219,"fileOperations":27,"externalRequests":28,"nonceChecks":60,"capabilityChecks":60,"bundledLibraries":221},[],{"prepared":28,"raw":28,"locations":218},[],{"escaped":60,"rawEcho":28,"locations":220},[],[],[],{"summary":224,"deductions":225},"The Easy SVG plugin v4.1 exhibits a mixed security profile.  On one hand, the static analysis reveals commendable security practices within the current codebase.  There are no detected dangerous functions, all SQL queries use prepared statements, and all output is properly escaped. The plugin also includes nonce and capability checks, indicating an effort to secure its functionalities.  However, the presence of three previously disclosed medium-severity vulnerabilities, particularly Cross-Site Scripting, raises a significant concern regarding the plugin's historical security and potential for recurring issues. While these vulnerabilities are reported as patched, the pattern suggests that the plugin may have had past weaknesses that could be reintroduced or that a thorough review of past vulnerabilities is necessary to ensure robust long-term security.  The static analysis did not identify any critical or high-severity taint flows, which is positive, but the history of XSS vulnerabilities warrants caution.",[226,229],{"reason":227,"points":228},"History of medium severity vulnerabilities (3)",15,{"reason":230,"points":231},"History of Cross-Site Scripting vulnerabilities",5,"2026-03-16T17:20:33.984Z",{"wat":234,"direct":243},{"assetPaths":235,"generatorPatterns":238,"scriptPaths":239,"versionParams":240},[236,237],"\u002Fwp-content\u002Fplugins\u002Feasy-svg\u002Fadmin\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Feasy-svg\u002Fadmin\u002Fjs\u002Fadmin.js",[],[237],[241,242],"easy-svg\u002Fadmin\u002Fcss\u002Fadmin.css?ver=","easy-svg\u002Fadmin\u002Fjs\u002Fadmin.js?ver=",{"cssClasses":244,"htmlComments":246,"htmlAttributes":249,"restEndpoints":251,"jsGlobals":253,"shortcodeOutput":255},[245],"esw-svg-uploader",[247,248],"\u003C!-- The main SVG uploader. -->","\u003C!-- SVG files are not allowed in this directory for security reasons. -->",[250],"data-esw-svg-uploader",[252],"\u002Fwp-json\u002Feasy-svg\u002Fv1\u002Fupload",[254],"easy_svg_admin_params",[]]