Add global mime upload notes to readmes

[jeffpaul]

Description of the Change

This pull request updates the documentation in both README.md and readme.txt to clarify the security considerations around SVG upload handling in WordPress. The new sections explain why Safe SVG does not globally enable SVG uploads and detail the limitations imposed by WordPress’s upload API, emphasizing the plugin’s focus on security over broad compatibility.

Documentation updates regarding SVG upload security:

• Added a "Technical: Upload Path Security" section to both README.md and readme.txt, explaining that WordPress’s _wp_handle_upload() function allows arbitrary actions, making it impossible for Safe SVG to guarantee sanitization across all upload paths. [1] [2]
• Added a "Why doesn't Safe SVG globally enable SVG uploads?" section to both documentation files, describing the risks of globally enabling SVG uploads and reinforcing the plugin’s design decision to only allow SVGs through upload paths it can actively sanitize. [1] [2]

Relates to #286, #296.

How to test the Change

Changelog Entry

Developer - Added docs on recommendation against globally enabling SVG MIME types.

Credits

Props @darylldoyle, @jeffpaul.

Checklist:

• I agree to follow this project's Code of Conduct.
• I have updated the documentation accordingly.
• I have added Critical Flows, Test Cases, and/or End-to-End Tests to cover my change.
• All new and existing tests pass.