Lord of the Files: Enhanced Upload Security

Lord of the Files: Enhanced Upload Security

WordPress relies mostly on name-based validation when deciding whether or not to allow a particular file, leaving the door open for various kinds of attacks.

Lord of the Files adds to this content-based validation and sanitizing, making sure that files are what they say they are and safe for inclusion on your site.

The main features include:

  • Robust real filetype detection;
  • Full MIME alias mapping;
  • SVG sanitization (if SVG uploads have been whitelisted);
  • File upload debugger;
  • Fixes issues related to #40175 that have been present since WordPress 4.7.1.

Screenshots

Changelog

0.8.4
misc Update MIME database.
0.8.3
misc Update MIME database.
0.8.2
misc Update MIME database.
0.8.1
fix Core wp-admin/includes/plugin.php is not always loaded for CRON jobs.
0.8.0
improvement Plugin contributor change monitoring is now handled more efficiently.
misc Update MIME database.