Enable SVG, WebP, and ICO Upload
By default, WordPress does not allow uploading file formats like SVG, WebP, and ICO (in some hostings) citing security reasons. These files are becoming very popular and in fact, are recommended by popular web speed scan platforms like Google PageSpeed Insights or Gtmetrix to resolve the serve images in nextgen formats. Thus, this FREE PLUGIN will enable you to upload these files.
Simply install the plugin and your WordPress website now can easily accept media in SVG, WebP, and ICO format. You will also have an option to disable some or all images format (of the three) as required.
Tutorial video
If you want to learn more about the plugin – please check our website – ideastocode.com.
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 8.8 HIGH | — | ||
The Enable SVG, WebP, and ICO Upload plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 1.1.3. This is due to insufficient file type validation detecting ICO files, allowing double extension files with the appropriate magic bytes to bypass sanitization while being accepted as a valid ICO file. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | |||