Security vulnerabilities during media replacement

  • Hi,

    I replaced the media using the plugin and then clicked ‘Upload’.

    Cloudflare blocked code execution and returned an Adobe ColdFusion - Dangerous File Upload error for this URL https://mysite.com/wp-admin/upload.php?_wpnonce=6f2c866315&action=media_replace_upload&attachment_id=15561&page=enable-media-replace/enable-media-replace.php , making media replacing impossible.

    View post on imgur.com

    Can you please secure the code when replacing the media so that Cloudflare doesn’t block code execution?

Viewing 1 replies (of 1 total)
  • Plugin Author Pedro

    (@petredobrescu)

    Hello @tomaszraczek,

    Can you please tell us what kind of security settings you have enabled for the website in discussion? Are you able to upload files in the Media Library? What type of file were you trying to replace, is it an image or another file type? Unless any file upload is protected I’m not aware of a reason why the usage of our plugin would get blocked.

    It would also help to know the list of the active plugins on the site, so if you could send us the site information (from Tools -> Site Health -> Info -> Copy site info to clipboard), that would get us closer to reproducing this situation in our test environments.

    Thanks, I look forward to getting more information!

Viewing 1 replies (of 1 total)
  • The topic ‘Security vulnerabilities during media replacement’ is closed to new replies.