[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fnBwkaoPaoMZRX1vvEFWbmGOjpngTOw8zGEwjBl-_XpA":3,"$f9HC_AnVUSGeQTWU70uyEoreDj6E49_hx23ubK1U-d4A":212,"$fyLhDkOYhmBpqV8owZVfmBDB4XPA4FwsSveMihRAwgfI":217},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":21,"security_score":22,"vuln_count":23,"unpatched_count":13,"last_vuln_date":24,"fetched_at":25,"discovery_status":26,"vulnerabilities":27,"developer":45,"crawl_stats":33,"alternatives":51,"analysis":151,"fingerprints":197},"your-simple-svg-support","Your Simple SVG Support","1.0.3","Vladyslav Lykhenko","https:\u002F\u002Fprofiles.wordpress.org\u002Fobbdpu\u002F","\u003Cp>Your Simple SVG Support is a lightweight and user-friendly plugin that allows you to upload and use SVG images on your WordPress site without any complex configuration. 
SVG (Scalable Vector Graphics) is a vector image format that ensures high-quality graphics on any screen resolution, making it perfect for logos, icons, and responsive designs.\u003C\u002Fp>\n","Your Simple SVG Support plugin for Enabling SVG Uploads in WordPress.",20,717,0,"2025-12-07T06:31:00.000Z","6.9.4","5.5","",[19,20],"support","svg","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyour-simple-svg-support.1.0.3.zip",99,1,"2025-03-24 21:16:05","2026-04-16T10:56:18.058Z","no_bundle",[28],{"id":29,"url_slug":30,"title":31,"description":32,"plugin_slug":4,"theme_slug":33,"affected_versions":34,"patched_in_version":35,"severity":36,"cvss_score":37,"cvss_vector":38,"vuln_type":39,"published_date":24,"updated_date":40,"references":41,"days_to_patch":23,"patch_diff_files":43,"patch_trac_url":33,"research_status":33,"research_verified":44,"research_rounds_completed":13,"research_plan":33,"research_summary":33,"research_vulnerable_code":33,"research_fix_diff":33,"research_exploit_outline":33,"research_model_used":33,"research_started_at":33,"research_completed_at":33,"research_error":33,"poc_status":33,"poc_video_id":33,"poc_summary":33,"poc_steps":33,"poc_tested_at":33,"poc_wp_version":33,"poc_php_version":33,"poc_playwright_script":33,"poc_exploit_code":33,"poc_has_trace":44,"poc_model_used":33,"poc_verification_depth":33},"CVE-2025-2542","your-simple-svg-support-authenticated-author-stored-cross-site-scripting-via-svg-file-upload","Your Simple SVG Support \u003C= 1.0.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload","The Your Simple SVG Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. 
This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.",null,"\u003C=1.0.1","1.0.2","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-03-25 09:22:02",[42],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F1aa9d836-4e13-4c6a-b1e6-a8f984805842?source=api-prod",[],false,{"slug":46,"display_name":7,"profile_url":8,"plugin_count":47,"total_installs":48,"avg_security_score":49,"avg_patch_time_days":23,"trust_score":49,"computed_at":50},"obbdpu",3,90,100,"2026-05-20T08:05:43.600Z",[52,77,97,118,133],{"slug":53,"name":54,"version":55,"author":56,"author_profile":57,"description":58,"short_description":59,"active_installs":60,"downloaded":61,"rating":62,"num_ratings":63,"last_updated":64,"tested_up_to":15,"requires_at_least":65,"requires_php":66,"tags":67,"homepage":73,"download_link":74,"security_score":75,"vuln_count":11,"unpatched_count":13,"last_vuln_date":76,"fetched_at":25},"themeisle-companion","Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More","3.0.5","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FfoS_QbuY-Lg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Why Choose Orbit 
Fox?\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>All Essential Website Features in One Place\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Orbit Fox includes all the popular functionality most site owners need: SVG support, social sharing, website templates, custom fonts, stock photos, page builder widgets, menu icons, and site customization tools.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Eliminate Plugin Bloat\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Replace over a dozen individual utility plugins with just one solution. Reduce plugin management complexity, minimize potential conflicts, and keep your WordPress dashboard organized.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Smart Performance Optimization\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Modules only load when enabled and are compatible with your existing theme and plugins, ensuring optimal site performance and preventing conflicts.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Save Time on Setup and Maintenance\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Skip installing a dozen separate plugins when building new sites. Get fully functional websites in minutes, not hours. 
Plus, maintain just one plugin instead of managing multiple updates, settings, and compatibility issues.\u003C\u002Fp>\n\u003Ch3>Orbit Fox Modules\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Content & Design:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Website Templates – 45+ professional starter website templates to choose from\u003C\u002Fli>\n\u003Cli>Custom Fonts – Upload and use any custom font on your website\u003C\u002Fli>\n\u003Cli>Reading Progress Bar – Increase engagement with a visual reading progress indicator\u003C\u002Fli>\n\u003Cli>SVG Support – Enable safe SVG file uploads\u003C\u002Fli>\n\u003Cli>Free Stock Photos – 1,300+ free images to use for personal and commercial purposes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Page Building & Widgets:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Elementor Widgets – Add 6 popular widgets to Elementor\u003C\u002Fli>\n\u003Cli>Beaver Builder Modules – Add 6 popular modules to Beaver Builder\u003C\u002Fli>\n\u003Cli>Customize Login Page – Change the design of your site’s login page and customize your login form\u003C\u002Fli>\n\u003Cli>Duplicate Page or Post – Duplicate any post or page on your website with one click\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>User Experience:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Social Share Buttons – Add social sharing buttons to your website with mobile\u002Fdesktop optimization\u003C\u002Fli>\n\u003Cli>Menu Icons – Add icons to any menu\u003C\u002Fli>\n\u003Cli>GDPR\u002FCCPA Cookie Notice – Show GDPR\u002FCCPA-compliant cookie notifications\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Site Management:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Header and Footer Scripts – Add tracking codes and custom CSS\u002FJS\u003C\u002Fli>\n\u003Cli>Disable Comments – Site-wide comment control\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Works With Any Theme\u003C\u002Fh3>\n\u003Cp>Orbit Fox is designed to work 
seamlessly with all WordPress themes. For the best experience, pair it with our professional themes like \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fthemes\u002Fneve\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Neve\u003C\u002Fstrong>\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fthemes\u002Fhestia\u002F\" rel=\"nofollow ugc\">\u003Cstrong>Hestia\u003C\u002Fstrong>\u003C\u002Fa> – built by the same team for perfect integration.\u003C\u002Fp>\n\u003Ch3>Who Should Use Orbit Fox\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>WordPress Beginners\u003C\u002Fstrong> – Get professional features without the learning curve\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Freelancers & Agencies\u003C\u002Fstrong> – Build efficient, streamlined client websites\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Website Owners\u003C\u002Fstrong> – Access essential functionality through one organized solution\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Anyone\u003C\u002Fstrong> who wants commonly needed features without multiple plugin installations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>We’re here to help. Feel free to open a new thread on the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fthemeisle-companion\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Need help getting started? 
Check out our \u003Ca href=\"https:\u002F\u002Fdocs.themeisle.com\u002Farticle\u002F951-orbit-fox-documentation\" rel=\"nofollow ugc\">complete documentation\u003C\u002Fa> for step-by-step guides on every feature.\u003C\u002Fp>\n\u003Ch3>Useful Resources\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>If you like Orbit Fox, you’re sure to love \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fwordpress-plugins\u002F\" rel=\"nofollow ugc\">our other plugins\u003C\u002Fa> as well.\u003C\u002Fli>\n\u003Cli>Learn more about WordPress on our \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002F\" rel=\"nofollow ugc\">blog\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Get the most out of your WordPress website with our helpful \u003Ca href=\"https:\u002F\u002Fyoutube.com\u002Fplaylist?list=PLmRasCVwuvpSep2MOsIoE0ncO9JE3FcKP\" rel=\"nofollow ugc\">YouTube Tutorials\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","Add modules like share buttons, header & footer scripts, disable comments, reading progress bar, custom fonts, custom login page & more in one plugin.",100000,13588848,96,317,"2026-03-16T13:11:00.000Z","5.3","7.4",[68,69,70,71,72],"cookie-notice","duplicate-page","login-customizer","share-buttons","svg-support","https:\u002F\u002Forbitfox.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fthemeisle-companion.zip",87,"2025-11-03 00:00:00",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":49,"num_ratings":87,"last_updated":88,"tested_up_to":15,"requires_at_least":89,"requires_php":90,"tags":91,"homepage":94,"download_link":95,"security_score":62,"vuln_count":47,"unpatched_count":13,"last_vuln_date":96,"fetched_at":25},"easy-svg","Easy SVG Support","4.1","Benjamin Zekavica","https:\u002F\u002Fprofiles.wordpress.org\u002Fbenjamin_zekavica\u002F","\u003Ch4>Direct Upload SVG Files into WordPress\u003C\u002Fh4>\n\u003Cp>EASY SVG Support is a Plugin which 
allows you to upload SVG Files into your Media library. This plugin was created for persons, who don’t need much options for SVG.\u003C\u002Fp>\n\u003Ch4>Features of the plugin include:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Uploading SVG Support for WordPress\u003C\u002Fli>\n\u003Cli>Easy installation\u003C\u002Fli>\n\u003Cli>Display SVG Files in the Media Libary\u003C\u002Fli>\n\u003Cli>SVG Sanitize Files direcly \u003C\u002Fli>\n\u003Cli>SVG Sanitize – Custom Hooks for Tags and Attributes\u003C\u002Fli>\n\u003Cli>Updated for the new WordPress Gutenberg Editor\u003C\u002Fli>\n\u003Cli>Support for PHP 8.2\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation & Support\u003C\u002Fh4>\n\u003Cp>Got a problem or need help with Easy SVG Support? Than you can write me an e-mail:\u003C\u002Fp>\n\u003Cp>info@benjamin-zekavica.de or you can ask your question in the forums section.\u003C\u002Fp>\n","This Plugin allows you to upload SVG Files into your Media library.",40000,353028,7,"2025-11-14T19:51:00.000Z","6.0","8.0",[78,20,92,72,93],"svg-media","upload-svg","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Feasy-svg\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-svg.4.1.zip","2026-02-18 15:01:37",{"slug":98,"name":99,"version":100,"author":101,"author_profile":102,"description":103,"short_description":104,"active_installs":105,"downloaded":106,"rating":49,"num_ratings":107,"last_updated":108,"tested_up_to":15,"requires_at_least":109,"requires_php":110,"tags":111,"homepage":114,"download_link":115,"security_score":22,"vuln_count":116,"unpatched_count":13,"last_vuln_date":117,"fetched_at":25},"wp-svg-images","WP SVG Images","4.4","ShortPixel","https:\u002F\u002Fprofiles.wordpress.org\u002Fshortpixel\u002F","\u003Cp>\u003Cstrong>Securely upload SVG files to your Media Library. 
Uploaded SVG files are automatically sanitized.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>SVG stands for \u003Ca href=\"https:\u002F\u002Fen.wikipedia.org\u002Fwiki\u002FScalable_Vector_Graphics\" rel=\"nofollow ugc\">Scalable Vector Graphics\u003C\u002Fa> and is probably the most efficient way to display images.\u003Cbr \u002F>\nWP SVG Images Plugin is an \u003Cstrong>easy-to-use and lightweight plugin\u003C\u002Fstrong> that allows you to upload SVG files to your media library safely and easily.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Support for SVG uploads to your Media Library.\u003C\u002Fli>\n\u003Cli>Sanitize uploaded SVG files. Malicious SVG\u002FXML files are rejected from upload.\u003C\u002Fli>\n\u003Cli>Admin configurable SVG support for different user roles. Ability to disable SVG upload for different user roles.\u003C\u002Fli>\n\u003Cli>Different user roles can upload and\u002For sanitize the uploaded SVG images.\u003C\u002Fli>\n\u003Cli>SVG preview in Media Library.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Support\u003C\u002Fh4>\n\u003Cp>24\u002F7 SVG support offered by \u003Ca href=\"https:\u002F\u002Fshortpixel.com\" rel=\"nofollow ugc\">ShortPixel\u003C\u002Fa> \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002Fcontact\" rel=\"nofollow ugc\">here\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwp-svg-images\u002F\" rel=\"ugc\">here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Recommended plugins\u003C\u002Fh4>\n\u003Cp>This plugin is supported & maintained by \u003Ca href=\"https:\u002F\u002Fshortpixel.com\u002F\" rel=\"nofollow ugc\">ShortPixel\u003C\u002Fa>.\u003Cbr \u002F>\nOther popular plugins by ShortPixel:\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffastpixel-website-accelerator\u002F\" rel=\"ugc\">FastPixel Caching\u003C\u002Fa> – WP Optimization made easy\u003Cbr \u002F>\n\u003Ca 
href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fshortpixel-image-optimiser\u002F\" rel=\"ugc\">ShortPixel Image Optimizer\u003C\u002Fa> – Image optimization & compression for all the images on your website, including WebP delivery – ShortPixel Image Optimizer.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fshortpixel-adaptive-images\u002F\" rel=\"ugc\">ShortPixel Adaptive Images\u003C\u002Fa> – On-the-fly image optimization & CDN delivery.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fenable-media-replace\u002F\" rel=\"ugc\">Enable Media Replace\u003C\u002Fa> – Easily replace images or files in Media Library.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fregenerate-thumbnails-advanced\u002F\" rel=\"ugc\">reGenerate Thumbnails Advanced\u003C\u002Fa> – Easily regenerate thumbnails.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fresize-image-after-upload\u002F\" rel=\"ugc\">Resize Image After Upload\u003C\u002Fa> – Automatically resize each uploaded image.\u003C\u002Fp>\n\u003Ch3>Hooks for developers\u003C\u002Fh3>\n\u003Ch4>WPSVG_setAllowedTags\u003C\u002Fh4>\n\u003Cp>Allows you to specify more tags that will be not removed during sanitization\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( 'WPSVG_setAllowedTags', 'my_custom_allowed_svg_tags', 10, 1 );\nfunction my_custom_allowed_svg_tags( $tags ){\n    $tags[] = 'path';\n    return $tags;\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>WPSVG_setAllowedAttrs\u003C\u002Fh4>\n\u003Cp>Allows you to specify more attributes that will be not removed during sanitization\u003C\u002Fp>\n\u003Cpre>\u003Ccode>add_filter( 'WPSVG_setAllowedAttrs', 'my_custom_allowed_svg_attributes', 10, 1 );\nfunction my_custom_allowed_svg_attributes( $attributes ){\n    $attributes[] = 'fill';\n    return $attributes;\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n","Add SVG support to your WP website. 
Securely upload SVG files, automatic sanitization, Media Library preview.",30000,306796,12,"2025-12-10T11:53:00.000Z","3.0.1","5.6.40",[112,20,72,113],"sanitization","svg-upload","https:\u002F\u002Fshortpixel.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-svg-images.4.4.zip",2,"2024-06-20 00:00:00",{"slug":93,"name":119,"version":6,"author":120,"author_profile":121,"description":122,"short_description":123,"active_installs":124,"downloaded":125,"rating":49,"num_ratings":116,"last_updated":126,"tested_up_to":15,"requires_at_least":127,"requires_php":128,"tags":129,"homepage":17,"download_link":132,"security_score":49,"vuln_count":13,"unpatched_count":13,"last_vuln_date":33,"fetched_at":25},"Upload SVG","html5maps","https:\u002F\u002Fprofiles.wordpress.org\u002Fhtml5maps\u002F","\u003Cp>Upload SVG is a secure and user-friendly WordPress plugin that allows you to safely upload and manage SVG files in your Media Library. SVG files can potentially contain malicious code, but with Upload SVG, you can enable automatic sanitization to prevent XML\u002FSVG vulnerabilities on your website. 
This plugin ensures your SVG uploads are handled with enhanced security while offering a seamless user experience.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Securely upload SVG files to your Media Library.\u003C\u002Fli>\n\u003Cli>Enable automatic sanitization to protect against XML\u002FSVG vulnerabilities.\u003C\u002Fli>\n\u003Cli>Effortlessly manage and preview SVG files in your Media Library.\u003C\u002Fli>\n\u003Cli>Restrict SVG uploads to trusted user roles for additional security.\u003C\u002Fli>\n\u003Cli>Seamless integration with the latest version of WordPress.\u003C\u002Fli>\n\u003Cli>Lightweight and optimized for optimal performance.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>SVG Sanitization is implemented using the following library: \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fdarylldoyle\u002Fsvg-sanitizer\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002Fdarylldoyle\u002Fsvg-sanitizer\u003C\u002Fa>.\u003C\u002Fp>\n","Safely enable SVG uploads with sanitization and prevent XML\u002FSVG vulnerabilities on your WordPress website. 
Preview SVG files in your Media Library.",1000,8760,"2025-12-03T15:44:00.000Z","5.7","7.1",[130,20,72,113,131],"sanitize","upload","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fupload-svg.1.0.3.zip",{"slug":134,"name":135,"version":6,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":140,"downloaded":141,"rating":13,"num_ratings":13,"last_updated":142,"tested_up_to":143,"requires_at_least":144,"requires_php":128,"tags":145,"homepage":148,"download_link":149,"security_score":150,"vuln_count":13,"unpatched_count":13,"last_vuln_date":33,"fetched_at":25},"svg-enabler","SVG Enabler","Optimist Hub","https:\u002F\u002Fprofiles.wordpress.org\u002Foptimisthub\u002F","\u003Cp>This plugin gives you the ability to allow SVG uploads whilst making sure that they’re sanitized to stop SVG\u002FXML vulnerabilities affecting your site.\u003C\u002Fp>\n","This plugin gives you the ability to allow SVG uploads whilst making sure that they’re sanitized to stop SVG\u002FXML vulnerabilities affecting your 
site.",30,2868,"2023-02-07T17:03:00.000Z","6.1.10","5.0",[146,72,113,147],"allow-svg-upload","svg-upload-enabler","https:\u002F\u002Fgithub.com\u002Foptimisthub\u002Fwordpress-svg-enabler","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsvg-enabler.1.0.3.zip",85,{"attackSurface":152,"codeSignals":178,"taintFlows":185,"riskAssessment":186,"analyzedAt":196},{"hooks":153,"ajaxHandlers":174,"restRoutes":175,"shortcodes":176,"cronEvents":177,"entryPointCount":13,"unprotectedCount":13},[154,161,165,169],{"type":155,"name":156,"callback":157,"priority":158,"file":159,"line":160},"filter","wp_check_filetype_and_ext","closure",10,"your-simple-svg-support.php",50,{"type":155,"name":162,"callback":163,"file":159,"line":164},"wp_handle_upload_prefilter","your_simple_sanitize_svg",66,{"type":155,"name":166,"callback":167,"file":159,"line":168},"upload_mimes","your_simple_allow_svg_upload",74,{"type":170,"name":171,"callback":172,"file":159,"line":173},"action","admin_enqueue_scripts","your_simple_fix_svg_thumb_display",79,[],[],[],[],{"dangerousFunctions":179,"sqlUsage":180,"outputEscaping":182,"fileOperations":116,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":184},[],{"prepared":13,"raw":13,"locations":181},[],{"escaped":13,"rawEcho":13,"locations":183},[],[],[],{"summary":187,"deductions":188},"The 'your-simple-svg-support' plugin v1.0.3 exhibits a strong security posture based on the static analysis, with no identified dangerous functions, fully prepared SQL statements, and properly escaped output. The complete absence of AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points significantly reduces the attack surface. Furthermore, the taint analysis indicates no flows with unsanitized paths, suggesting robust input handling within the analyzed code segments. 
The plugin also shows no bundled libraries, negating risks associated with outdated third-party components.\n\nDespite the promising static analysis, a critical concern arises from the vulnerability history. The plugin has one known CVE (CVE-2025-2542), a medium severity Stored Cross-site Scripting (XSS) vulnerability via SVG file upload that affected versions up to and including 1.0.1 and was patched in 1.0.2; no unpatched vulnerabilities are recorded for the current version. While the static analysis for this version shows no XSS vulnerabilities, the historical presence of such an issue, even though it has since been patched, warrants careful consideration. This suggests that while the current version appears clean, past vulnerabilities may indicate a recurring pattern or a need for continuous security scrutiny for this plugin.\n\nIn conclusion, the static analysis of the current version of 'your-simple-svg-support' flagged no raw SQL or unescaped output and found a minimal attack surface, although it also recorded no nonce or capability checks. However, the past XSS vulnerability, although resolved in version 1.0.2, is a significant drawback that necessitates vigilance. 
The strength lies in its clean code, while the weakness lies in its historical security track record, indicating a need for ongoing monitoring.",[189,191,194],{"reason":190,"points":158},"Medium severity XSS vulnerability in history",{"reason":192,"points":193},"No Nonce checks found",5,{"reason":195,"points":193},"No Capability checks found","2026-03-16T23:04:38.490Z",{"wat":198,"direct":205},{"assetPaths":199,"generatorPatterns":201,"scriptPaths":202,"versionParams":203},[200],"\u002Fwp-content\u002Fplugins\u002Fyour-simple-svg-support\u002Fcss\u002Fyour_simple_svg_support_style.css",[],[],[204],"your-simple-svg-support\u002Fcss\u002Fyour_simple_svg_support_style.css?ver=",{"cssClasses":206,"htmlComments":207,"htmlAttributes":208,"restEndpoints":209,"jsGlobals":210,"shortcodeOutput":211},[],[],[],[],[],[],{"error":213,"url":214,"statusCode":215,"statusMessage":216,"message":216},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fyour-simple-svg-support\u002Fbundle",404,"no bundle for this plugin 
yet",{"slug":4,"current_version":6,"total_versions":218,"versions":219},4,[220,225,231,239],{"version":6,"download_url":21,"svn_tag_url":221,"released_at":33,"has_diff":44,"diff_files_changed":222,"diff_lines":33,"trac_diff_url":223,"vulnerabilities":224,"is_current":213},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fyour-simple-svg-support\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fyour-simple-svg-support%2Ftags%2F1.0.2&new_path=%2Fyour-simple-svg-support%2Ftags%2F1.0.3",[],{"version":35,"download_url":226,"svn_tag_url":227,"released_at":33,"has_diff":44,"diff_files_changed":228,"diff_lines":33,"trac_diff_url":229,"vulnerabilities":230,"is_current":44},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyour-simple-svg-support.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fyour-simple-svg-support\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fyour-simple-svg-support%2Ftags%2F1.0.1&new_path=%2Fyour-simple-svg-support%2Ftags%2F1.0.2",[],{"version":232,"download_url":233,"svn_tag_url":234,"released_at":33,"has_diff":44,"diff_files_changed":235,"diff_lines":33,"trac_diff_url":236,"vulnerabilities":237,"is_current":44},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fyour-simple-svg-support.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fyour-simple-svg-support\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fyour-simple-svg-support%2Ftags%2F1.0.0&new_path=%2Fyour-simple-svg-support%2Ftags%2F1.0.1",[238],{"id":29,"url_slug":30,"title":31,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":35},{"version":240,"download_url":241,"svn_tag_url":242,"released_at":33,"has_diff":44,"diff_files_changed":243,"diff_lines":33,"trac_diff_url":33,"vulnerabilities":244,"is_current":44},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplu
gin\u002Fyour-simple-svg-support.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fyour-simple-svg-support\u002Ftags\u002F1.0.0\u002F",[],[245],{"id":29,"url_slug":30,"title":31,"severity":36,"cvss_score":37,"vuln_type":39,"patched_in_version":35}]