diff --git a/http/misconfiguration/wordpress/wp-safe-svg-fpd.yaml b/http/misconfiguration/wordpress/wp-safe-svg-fpd.yaml
new file mode 100644
index 00000000000..bd6f4ec22b5
--- /dev/null
+++ b/http/misconfiguration/wordpress/wp-safe-svg-fpd.yaml
@@ -0,0 +1,41 @@
+id: wp-safe-svg-fpd
+
+info:
+ name: WordPress Plugin Safe SVG - Full Path Disclosure
+ author: ritikchaddha
+ severity: low
+ description: |
+ WordPress Safe SVG plugin is vulnerable to full path disclosure via direct access to plugin files.
+ reference:
+ - https://wordpress.org/plugins/safe-svg/
+ metadata:
+ verified: true
+ max-request: 3
+ vendor: developer
+ product: safe-svg
+ framework: wordpress
+ fofa-query: body="/wp-content/plugins/safe-svg/"
+ tags: wp,wordpress,wp-plugin,fpd,safe-svg,exposure
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}/wp-content/plugins/safe-svg/includes/class-safe-svg.php"
+ - "{{BaseURL}}/wp-content/plugins/safe-svg/lib/vendor/enshrined/svg-sanitize/src/Sanitizer.php"
+ - "{{BaseURL}}/wp-content/plugins/safe-svg/lib/safe-svg-tags.php"
+
+ stop-at-first-match: true
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "Fatal error"
+ - "safe-svg"
+ - "Uncaught Error:"
+ condition: and
+
+ - type: status
+ status:
+ - 200
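Review bot: The `word` matcher never checks that a filesystem path is actually present in the response, so the template reports path disclosure on weaker evidence than its name claims. `safe-svg` is part of every requested URL, which means an error page that merely echoes the request path satisfies that word; only `Fatal error` and `Uncaught Error:` tie the match to PHP output. Consider replacing the `safe-svg` word with a regex matcher on the ` in <absolute path>` part of the message, for example `in (/|[A-Za-z]:\\)\S*safe-svg\S*\.php` (a sketch, to be tested against real responses), which an extractor could reuse to show the evidence behind each finding. The `info` block would also benefit from a remediation line such as `remediation: Disable display_errors in production and deny direct HTTP access to plugin PHP files.`, and `vendor: developer` reads like a placeholder that should be confirmed.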