Enable WordPress features: SVG uploads and more.
- SVG Uploads - Allow SVG file uploads with comprehensive security sanitization
- MIME type registration
- Script/XSS detection and blocking
- XXE (XML External Entity) protection
- Event handler detection
- Obfuscation detection (Unicode/hex escapes, entity encoding)
- Automatic SVG dimension extraction (width/height and viewBox)
- 5MB file size limit
- Post-upload re-validation
composer require lwplugins/lw-enableOr download and upload to /wp-content/plugins/.
- Go to LW Plugins → Enable
- Check the features you want to enable
- Save
# List all features and their status
wp lw-enable list
# Enable a feature
wp lw-enable enable svg
# Disable a feature
wp lw-enable disable svg
# Enable all features at once
wp lw-enable enable-all
# Disable all features (restore defaults)
wp lw-enable disable-allAvailable features:
| Feature | Description |
|---|---|
svg |
SVG file uploads with security sanitization |
SVG files can contain malicious code. This plugin performs comprehensive sanitization before allowing uploads:
- 34 dangerous patterns detected (scripts, event handlers, external entities, data URIs, etc.)
- Entity decoding to catch obfuscated payloads
- XML validation via DOMDocument
- Post-upload verification - files are re-checked after WordPress processes them
- Automatic cleanup - invalid files are deleted immediately
Supported by Sinann
