WordPress.org

Ready to get started?Download WordPress

Forums

Why upload function does not check the MIME Type of the uploaded file (2 posts)

  1. yaohaixiao@gmail.com
    Member
    Posted 1 year ago #

    WordPress is used by personal website, but I think it should check the MIME type for security.

    WP 3.5.1 can change the extension php to gif, then I can upload as an image.

  2. Mustafa Uysal
    Member
    Posted 1 year ago #

    WordPress already checking mime types. Default supported formats are here - http://core.trac.wordpress.org/browser/tags/3.5.1/wp-includes/functions.php#L1883

Topic Closed

This topic has been closed to new replies.

About this Topic