Changeset 3175140
- Timestamp:
- 10/24/2024 04:33:04 PM (17 months ago)
- Location:
- gallery-for-ultimate-member/trunk
- Files:
-
- 3 edited
-
gallery-for-ultimate-member.php (modified) (1 diff)
-
includes/um-gallery-ajax.php (modified) (1 diff)
-
readme.txt (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
gallery-for-ultimate-member/trunk/gallery-for-ultimate-member.php
r3170401 r3175140 4 4 * Plugin URI: https://suiteplugins.com/ 5 5 * Description: Allow your user to upload photos from their Ultimate Member profile 6 * Version: 1.1. 06 * Version: 1.1.1 7 7 * Requires at least: 5.2 8 8 * Requires PHP: 5.4 -
gallery-for-ultimate-member/trunk/includes/um-gallery-ajax.php
r3170401 r3175140 329 329 } 330 330 331 // Check if the file type is allowed332 if ( ! in_array( $file['type'], $allowed_file_types ) ) {331 $file_info = wp_check_filetype_and_ext( $file['tmp_name'], $file['name'] ); 332 if ( ! $file_info['ext'] || ! $file_info['type'] || ! in_array( $file_info['type'], $allowed_file_types ) ) { 333 333 wp_send_json_error( array( 'message' => 'File type not allowed.' ) ); 334 334 } 335 335 336 $album_id = isset( $_POST['album_id'] ) ? absint( $_POST['album_id'] ) : 0; 336 337 $tmp_file = $file['tmp_name']; -
gallery-for-ultimate-member/trunk/readme.txt
r3170401 r3175140 6 6 Requires PHP: 5.4 7 7 Tested up to: 6.6.2 8 Stable tag: 1.1. 08 Stable tag: 1.1.1 9 9 License: GPLv2 or later 10 10 License URI: http://www.gnu.org/licenses/gpl-2.0.html … … 115 115 == Changelog == 116 116 117 = 1.1.1 = 118 Fixed: Improved file upload security 119 117 120 = 1.1.0 = 118 121 Fixed: Reported Security issue with file uploads
Note: See TracChangeset
for help on using the changeset viewer.