Using file uploder user can upload any file with description, blog admin/site owner will get a email notification of uploaded file with attachment.
I just downloaded the plugin and can confirm the aforementioned security vulnerabilites do exist. I personally know of at least 1 site that has been defaced because of this plugin, and if active all 11,200 downloaders are vulnerable. DO NOT USE
[Title moderated - Don't shout at us]
If you put this on your site and a hacker finds it they will own your site, and at worst they will own your entire server. No contact information for the author, but hopefully the WordPress security team takes this down when I contact them.
i changed the code a little bit, and it's awesome!
thank you very much, it's perfect for your first plugin!
You must log in to submit a review. You can also log in or register using the form near the top of this page.