Enable SVG, WebP & ICO Upload

ideasToCode

Developer

1.1.4

Latest version

10,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

2 present

3 fixed

2 Mitigation rules

Authenticated (Author+) Arbitrary File Upload via ICO Upload Bypass vulnerability
<= 1.1.2
Nov 18, 2025
Authenticated (Author+) Stored Cross-Site Scripting via SVG File Uploads vulnerability
<= 1.1.2
Nov 18, 2025
Cross Site Scripting (XSS) vulnerability
< 1.1.1
Jun 27, 2023
Authenticated Arbitrary File Upload vulnerability
<= 1.1.0
Aug 1, 2022
Authenticated Stored Cross-Site Scripting (XSS) vulnerability
<= 1.0.6
Aug 1, 2022