[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fsAG2ABqqxvpg87gdxcDsgmmjhHnzCV0R3EubDRxAU0s":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":36,"analysis":139,"fingerprints":186},"svg-safe-uploads","SVG Safe Uploads","1.2","Muhammad Umer Shahzad","https:\u002F\u002Fprofiles.wordpress.org\u002Fumii020\u002F","\u003Cp>A lightweight WordPress plugin to safely upload and sanitize SVG files with admin controls. Enables secure SVG uploads in WordPress with sanitization and admin controls.\u003C\u002Fp>\n\u003Ch3>A brief Markdown Example\u003C\u002Fh3>\n\u003Cp>Markdown is what the parser uses to process much of the readme file.\u003C\u002Fp>\n\u003Cp>Ordered list:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Install plugin\u003C\u002Fli>\n\u003Cli>Configure settings\u003C\u002Fli>\n\u003Cli>Upload SVG files\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Unordered list:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Secure upload of SVG files\u003C\u002Fli>\n\u003Cli>Sanitization for better security\u003C\u002Fli>\n\u003Cli>Admin control settings\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Links require brackets and parenthesis:\u003C\u002Fp>\n\u003Cp>Here’s a link to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002F\" title=\"Your favorite software\" rel=\"ugc\">WordPress\u003C\u002Fa> and one to \u003Ca href=\"https:\u002F\u002Fdaringfireball.net\u002Fprojects\u002Fmarkdown\u002Fsyntax\" rel=\"nofollow ugc\">Markdown’s Syntax Documentation\u003C\u002Fa>. Link titles are optional, naturally.\u003C\u002Fp>\n\u003Cp>Blockquotes are email style:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>Asterisks for \u003Cem>emphasis\u003C\u002Fem>. Double it up for \u003Cstrong>strong\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>And Backticks for code:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>\u003C?php code(); ?>\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Securely upload SVG files in WordPress with built-in sanitization and admin settings.",20,491,100,1,"2025-06-18T16:43:00.000Z","6.8.5","5.0","7.0",[20,21,22,23],"media","security","svg","uploads","https:\u002F\u002Fgithub.com\u002FUmii010\u002Fsvg-safe-uploads","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsvg-safe-uploads.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":32,"total_installs":11,"avg_security_score":13,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},"umii020",3,30,94,"2026-04-04T00:39:27.334Z",[37,60,76,99,121],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":56,"download_link":57,"security_score":34,"vuln_count":58,"unpatched_count":26,"last_vuln_date":59,"fetched_at":28},"safe-svg","Safe SVG","2.4.0","10up","https:\u002F\u002Fprofiles.wordpress.org\u002F10up\u002F","\u003Cp>Safe SVG is the best way to Allow SVG Uploads in WordPress!\u003C\u002Fp>\n\u003Cp>It gives you the ability to allow SVG uploads whilst making sure that they’re sanitized to stop SVG\u002FXML vulnerabilities affecting your site.  It also gives you the ability to preview your uploaded SVGs in the media library in all views.\u003C\u002Fp>\n\u003Ch4>Current Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Sanitised SVGs\u003C\u002Fstrong> – Don’t open up security holes in your WordPress site by allowing uploads of unsanitised files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SVGO Optimisation\u003C\u002Fstrong> – Runs your SVGs through the SVGO tool on upload to save you space. This feature is disabled by default but can be enabled by adding the following code: \u003Ccode>add_filter( 'safe_svg_optimizer_enabled', '__return_true' );\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>View SVGs in the Media Library\u003C\u002Fstrong> – Gone are the days of guessing which SVG is the correct one, we’ll enable SVG previews in the WordPress media library.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Choose Who Can Upload\u003C\u002Fstrong> – Restrict SVG uploads to certain users on your WordPress site or allow anyone to upload.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Initially a proof of concept for \u003Ca href=\"https:\u002F\u002Fcore.trac.wordpress.org\u002Fticket\u002F24251\" rel=\"nofollow ugc\">#24251\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>SVG Sanitization is done through the following library: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fdarylldoyle\u002Fsvg-sanitizer\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fdarylldoyle\u002Fsvg-sanitizer\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>SVG Optimization is done through the following library: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsvg\u002Fsvgo\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fsvg\u002Fsvgo\u003C\u002Fa>.\u003C\u002Fp>\n","Enable SVG uploads and sanitize them to stop XML\u002FSVG vulnerabilities in your WordPress website.",1000000,12729263,98,77,"2026-01-04T21:05:00.000Z","6.9.4","6.6","7.4",[20,54,21,22,55],"mime","vector","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsafe-svg\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsafe-svg.2.4.0.zip",6,"2024-10-17 00:00:00",{"slug":61,"name":62,"version":63,"author":64,"author_profile":65,"description":66,"short_description":67,"active_installs":68,"downloaded":69,"rating":26,"num_ratings":26,"last_updated":70,"tested_up_to":16,"requires_at_least":17,"requires_php":52,"tags":71,"homepage":74,"download_link":75,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"secure-svg","Secure SVG Upload","1.0.3","Fahim Reza","https:\u002F\u002Fprofiles.wordpress.org\u002Fbadhonrocks\u002F","\u003Cp>\u003Cstrong>Secure SVG Upload\u003C\u002Fstrong> lets you upload SVG files to your WordPress media library. With built-in sanitization that removes harmful content while preserving valid SVG markup, this plugin offers comprehensive protection and reliable management for your vector images.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>SVG Upload Support:\u003C\u002Fstrong> Add SVG files directly to your media library.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Sanitization:\u003C\u002Fstrong> Each SVG upload is cleaned by default to prevent security risks.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>Secure SVG does not collect or store any personal data.\u003C\u002Fp>\n","Safely upload SVG files in WordPress with robust SVG support and automatic sanitization.",10,660,"2025-08-06T00:26:00.000Z",[72,21,22,73,23],"sanitize-svg","svg-upload","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsecure-svg.1.0.3.zip",{"slug":77,"name":78,"version":79,"author":80,"author_profile":81,"description":82,"short_description":83,"active_installs":84,"downloaded":85,"rating":86,"num_ratings":87,"last_updated":88,"tested_up_to":89,"requires_at_least":90,"requires_php":18,"tags":91,"homepage":95,"download_link":96,"security_score":97,"vuln_count":14,"unpatched_count":26,"last_vuln_date":98,"fetched_at":28},"add-from-server","Add From Server","3.4.5","Dion Hulse","https:\u002F\u002Fprofiles.wordpress.org\u002Fdd32\u002F","\u003Cp>This plugin offers limited support. Please do not expect new features or too many bugfixes. Features may be removed at any time.\u003C\u002Fp>\n\u003Cp>Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.\u003C\u002Fp>\n\u003Cp>This plugin is NOT designed to..\u003Cbr \u002F>\n * Be used as a replacement for the file uploader\u003Cbr \u002F>\n * Be used for migration of websites\u003Cbr \u002F>\n * Re-import your files after moving webhosting\u003Cbr \u002F>\n * Batch import media\u003C\u002Fp>\n\u003Cp>This plugins IS designed to..\u003Cbr \u002F>\n * Import files which are larger than your hosting allows to be uploaded.\u003Cbr \u002F>\n * Import files which are too large for your internet connections upload speed.\u003C\u002Fp>\n\u003Cp>WordPress does a better job of file uploads than this plugin, so please consider your needs before you use it.\u003C\u002Fp>\n\u003Cp>You may also want to look at using WP-CLI for media import purposes:\u003Cbr \u002F>\nhttps:\u002F\u002Fdeveloper.wordpress.org\u002Fcli\u002Fcommands\u002Fmedia\u002Fimport\u002F\u003C\u002Fp>\n","Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.",70000,1319395,92,239,"2020-12-11T07:32:00.000Z","5.5.18","5.4",[92,93,20,94,23],"admin","import","post","https:\u002F\u002Fdd32.id.au\u002Fwordpress-plugins\u002Fadd-from-server\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadd-from-server.3.4.5.zip",84,"2016-08-08 00:00:00",{"slug":100,"name":101,"version":102,"author":103,"author_profile":104,"description":105,"short_description":106,"active_installs":107,"downloaded":108,"rating":13,"num_ratings":109,"last_updated":110,"tested_up_to":50,"requires_at_least":111,"requires_php":112,"tags":113,"homepage":117,"download_link":118,"security_score":119,"vuln_count":32,"unpatched_count":26,"last_vuln_date":120,"fetched_at":28},"easy-svg","Easy SVG Support","4.1","Benjamin Zekavica","https:\u002F\u002Fprofiles.wordpress.org\u002Fbenjamin_zekavica\u002F","\u003Ch4>Direct Upload SVG Files into WordPress\u003C\u002Fh4>\n\u003Cp>EASY SVG Support is a Plugin which allows you to upload SVG Files into your Media library. This plugin was created for persons, who don’t need much options for SVG.\u003C\u002Fp>\n\u003Ch4>Features of the plugin include:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Uploading SVG Support for WordPress\u003C\u002Fli>\n\u003Cli>Easy installation\u003C\u002Fli>\n\u003Cli>Display SVG Files in the Media Libary\u003C\u002Fli>\n\u003Cli>SVG Sanitize Files direcly \u003C\u002Fli>\n\u003Cli>SVG Sanitize – Custom Hooks for Tags and Attributes\u003C\u002Fli>\n\u003Cli>Updated for the new WordPress Gutenberg Editor\u003C\u002Fli>\n\u003Cli>Support for PHP 8.2\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation & Support\u003C\u002Fh4>\n\u003Cp>Got a problem or need help with Easy SVG Support? Than you can write me an e-mail:\u003C\u002Fp>\n\u003Cp>info@benjamin-zekavica.de or you can ask your question in the forums section.\u003C\u002Fp>\n","This Plugin allows you to upload SVG Files into your Media library.",40000,348069,7,"2025-11-14T19:51:00.000Z","6.0","8.0",[100,22,114,115,116],"svg-media","svg-support","upload-svg","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-svg\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-svg.4.1.zip",96,"2026-02-18 15:01:37",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":107,"downloaded":129,"rating":34,"num_ratings":130,"last_updated":131,"tested_up_to":50,"requires_at_least":132,"requires_php":133,"tags":134,"homepage":137,"download_link":138,"security_score":13,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"media-sync","Media Sync","1.4.9","erolsk8","https:\u002F\u002Fprofiles.wordpress.org\u002Ferolsk8\u002F","\u003Cp>This plugin allows you to examine all files within the \u003Ccode>uploads\u003C\u002Fcode> directory to determine which ones are present in the Media Library and which ones are just sitting there unused. You can then choose the files you want to import into the database, thereby including them in the Media Library.\u003C\u002Fp>\n\u003Cp>Moreover, you can utilize FTP to upload files directly to the \u003Ccode>uploads\u003C\u002Fcode> directory and subsequently add these files to the Media Library avoiding any file size limitations.\u003C\u002Fp>\n\u003Ch4>Disclaimers\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Cp>“1 file first”\u003Cbr \u002F>\nPlease try to import only one file first – to see if it works as you expected.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>“All at once”\u003Cbr \u002F>\nThis plugin is designed for scanning, selecting, and importing \u003Cstrong>all files at once\u003C\u002Fstrong>. However, based on your server’s configuration, memory, and timeout challenges may arise with extensive file quantities. To mitigate this, a newly revamped \u003Ca href=\"https:\u002F\u002Fmediasyncplugin.com\u002F?utm_source=readme&utm_medium=base_plugin&utm_campaign=aao\" rel=\"nofollow ugc\">pro version\u003C\u002Fa> employs incremental directory scans to effectively tackle these issues.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>“Your setup is unique”\u003Cbr \u002F>\nPlease be aware that every WordPress installation is unique, and there may be instances where this plugin does not function as expected. Should this occur, we recommend enabling the debugging feature in the plugin’s settings to identify the issue. After investigating, kindly provide a detailed description of your findings in the Support section (or \u003Ca href=\"https:\u002F\u002Fusers.freemius.com\u002Fstore\u002F6428\u002Fsupport\" rel=\"nofollow ugc\">here\u003C\u002Fa> if you’re using pro version). The more comprehensive the details, the higher the likelihood of resolving the problem effectively.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Ignored files\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>various hidden files (.DS_Store, .htaccess),\u003C\u002Fli>\n\u003Cli>WP generated thumbnails (files ending with for example -100×100.jpg),\u003C\u002Fli>\n\u003Cli>WP generated scaled images (files ending with -scaled),\u003C\u002Fli>\n\u003Cli>optimized .webp versions of original images (.jpg.webp),\u003C\u002Fli>\n\u003Cli>retina thumbnails (-100×100@2x.jpg).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>These can be modified and enhanced using the new advanced filters available in the \u003Ca href=\"https:\u002F\u002Fmediasyncplugin.com\u002F?utm_source=readme&utm_medium=base_plugin&utm_campaign=df\" rel=\"nofollow ugc\">pro version\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Media Sync Pro features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Revised incremental scan\u003C\u002Fstrong>: Allows scanning and importing unlimited number of files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Quick single directory rescan\u003C\u002Fstrong>: Easily rescan one directory to find new files or apply a different filter without reloading the whole page.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced filters\u003C\u002Fstrong>: Find any file by customizing all default filters, search for a specific file type (images, videos, etc.), skip by tailor-made rules, or enter any custom pattern.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Schedule automatic imports\u003C\u002Fstrong>: Select a desired interval and let the plugin automatically import any new files it finds.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Import logs\u003C\u002Fstrong>: View the history of manual or scheduled imports.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Limit plugin access\u003C\u002Fstrong>: Limit plugin access to a specific role.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Get \u003Ca href=\"https:\u002F\u002Fmediasyncplugin.com\u002F?utm_source=readme&utm_medium=base_plugin&utm_campaign=pfl\" rel=\"nofollow ugc\">pro version here\u003C\u002Fa>.\u003C\u002Fp>\n","Simple plugin to scan \"uploads\" directory and bring those files into Media Library.",527569,82,"2025-11-25T08:11:00.000Z","5.3","7.1",[135,93,20,136,23],"ftp","server","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmedia-sync\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmedia-sync.1.4.9.zip",{"attackSurface":140,"codeSignals":173,"taintFlows":181,"riskAssessment":182,"analyzedAt":185},{"hooks":141,"ajaxHandlers":169,"restRoutes":170,"shortcodes":171,"cronEvents":172,"entryPointCount":26,"unprotectedCount":26},[142,148,153,157,162,166],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","admin_init","svg_support_register_settings","admin-settings.php",11,{"type":143,"name":149,"callback":150,"file":151,"line":152},"admin_enqueue_scripts","svg_support_admin_assets","svg-support.php",33,{"type":143,"name":154,"callback":155,"file":151,"line":156},"admin_menu","svg_support_admin_menu",47,{"type":158,"name":159,"callback":160,"file":151,"line":161},"filter","upload_mimes","svg_support_mime_types",73,{"type":158,"name":163,"callback":164,"file":151,"line":165},"wp_handle_upload_prefilter","svg_support_sanitize_svg",88,{"type":158,"name":167,"callback":168,"priority":68,"file":151,"line":47},"wp_check_filetype_and_ext","svg_support_validate_svg_upload",[],[],[],[],{"dangerousFunctions":174,"sqlUsage":175,"outputEscaping":177,"fileOperations":178,"externalRequests":26,"nonceChecks":26,"capabilityChecks":14,"bundledLibraries":180},[],{"prepared":26,"raw":26,"locations":176},[],{"escaped":178,"rawEcho":26,"locations":179},2,[],[],[],{"summary":183,"deductions":184},"The \"svg-safe-uploads\" v1.2 plugin demonstrates a strong security posture based on the provided static analysis. The absence of any identified AJAX handlers, REST API routes, shortcodes, or cron events significantly limits the attack surface. Furthermore, the code signals indicate responsible development practices, with no dangerous functions, all SQL queries using prepared statements, and all output properly escaped. The presence of a capability check and the careful handling of file operations are also positive indicators.\n\nTaint analysis showing zero flows, especially those with unsanitized paths or critical\u002Fhigh severity, further reinforces the plugin's apparent security. The vulnerability history is also clean, with no recorded CVEs, suggesting a history of secure development or diligent patching. The plugin appears to be well-maintained and developed with security in mind, lacking common web application vulnerabilities.\n\nWhile the plugin exhibits excellent security practices, the lack of any identified entry points and a capability check on only one instance might be a point of minor concern if the plugin's functionality is complex and not fully captured by the analysis. However, based on the provided data, the overall risk is very low. The plugin's strengths lie in its minimal attack surface, robust code practices, and clean vulnerability history.",[],"2026-03-16T22:44:49.297Z",{"wat":187,"direct":194},{"assetPaths":188,"generatorPatterns":190,"scriptPaths":191,"versionParams":192},[189],"\u002Fwp-content\u002Fplugins\u002Fsvg-safe-uploads\u002Fcss\u002Fadmin-style.css",[],[],[193],"svg-safe-uploads\u002Fcss\u002Fadmin-style.css?ver=",{"cssClasses":195,"htmlComments":212,"htmlAttributes":213,"restEndpoints":215,"jsGlobals":216,"shortcodeOutput":217},[196,197,198,199,200,201,202,203,204,205,206,207,208,209,210,211],"svg-dashboard","svg-dashboard-grid","svg-box","svg-settings","svg-setting-item","svg-toggle","svg-slider","svg-label","svg-instructions","svg-info","svg-info-content","svg-btn","svg-preview","svg-preview-grid","svg-preview-item","svg-rating",[],[214],"data-upload-type",[],[],[]]