Title: Plugin Security
Last modified: August 31, 2016

---

# Plugin Security

 *  Resolved [CWV Brad](https://wordpress.org/support/users/cwv-brad/)
 * (@cwv-brad)
 * [10 years, 4 months ago](https://wordpress.org/support/topic/plugin-security-2/)
 * Hi,
 * We are having a new website built on the Magento platform, with a WordPress integration
   for the blog.
 * Our developers are installing the NextGen uploader plugin to allow our customers
   to upload their product shots.
 * My only concern is the security of this plugin. What file types are allowed to
   be uploaded?
    Can malicious programs be uploaded, maybe masked as an image file?
 * Can auditing process will we have over images that are uploaded?
 * In the worst case scenario, could malicious uploads bring down our whole website?
 * Thanks for your help.
 * [https://wordpress.org/plugins/nextgen-public-uploader/](https://wordpress.org/plugins/nextgen-public-uploader/)

Viewing 1 replies (of 1 total)

 *  Plugin Author [Michael Beckwith](https://wordpress.org/support/users/tw2113/)
 * (@tw2113)
 * The BenchPresser
 * [10 years, 4 months ago](https://wordpress.org/support/topic/plugin-security-2/#post-6920392)
 * As far as I’ve ever seen, we use the built-in WordPress functionality and NextGEN
   Gallery functionality to handle the uploads, so I have to believe WordPress core
   would handle the filtering and rejection of bad file types.

Viewing 1 replies (of 1 total)

The topic ‘Plugin Security’ is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/nextgen-public-uploader_544d49.svg)
 * [NextGEN Public Uploader](https://wordpress.org/plugins/nextgen-public-uploader/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/nextgen-public-uploader/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/nextgen-public-uploader/)
 * [Active Topics](https://wordpress.org/support/plugin/nextgen-public-uploader/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/nextgen-public-uploader/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/nextgen-public-uploader/reviews/)

 * 1 reply
 * 2 participants
 * Last reply from: [Michael Beckwith](https://wordpress.org/support/users/tw2113/)
 * Last activity: [10 years, 4 months ago](https://wordpress.org/support/topic/plugin-security-2/#post-6920392)
 * Status: resolved