WP-Safety

Easy File Upload & Approval – A Simple File Submission & Review System Security & Risk Analysis

wordpress.org/plugins/easy-file-upload-approval

Easily manage drag & drop file uploads with review and approval. Perfect for job forms, contests, print shops, and teachers.

20 active installs v1.0.0 PHP + WP 6.0+ Updated Feb 20, 2026
approvaldrag-and-dropfile-managementfile-uploaduploader
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Easy File Upload & Approval – A Simple File Submission & Review System Safe to Use in 2026?

Generally Safe

Score 100/100

Easy File Upload & Approval – A Simple File Submission & Review System has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "easy-file-upload-approval" plugin v1.0.0 exhibits a mixed security posture. It demonstrates good practices in most areas, with a high percentage of prepared SQL statements and properly escaped outputs. The plugin also includes a reasonable number of nonce and capability checks, and has no recorded historical vulnerabilities, suggesting a generally well-maintained codebase. However, the presence of two unprotected AJAX handlers represents a significant concern, as these can be directly invoked by unauthenticated users, potentially leading to unauthorized actions. Furthermore, the taint analysis revealed two flows with unsanitized paths, which, although not classified as critical or high severity in the provided data, warrant careful investigation as they could be vectors for path traversal or similar attacks if exploited.

Key Concerns

  • Unprotected AJAX handlers
  • Flows with unsanitized paths
Vulnerabilities
None known

Easy File Upload & Approval – A Simple File Submission & Review System Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Easy File Upload & Approval – A Simple File Submission & Review System Code Analysis

Dangerous Functions
0
Raw SQL Queries
4
28 prepared
Unescaped Output
4
373 escaped
Nonce Checks
15
Capability Checks
5
File Operations
3
External Requests
1
Bundled Libraries
0

SQL Query Safety

88% prepared32 total queries

Output Escaping

99% escaped377 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths
process_bulk_action (includes\admin\class-easyfua-submissions-files.php:453)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Easy File Upload & Approval – A Simple File Submission & Review System Attack Surface

Entry Points8
Unprotected2

AJAX Handlers 7

authwp_ajax_easyfua_reject_filesadmin\class-easyfua-admin.php:82
authwp_ajax_easyfua_uploadincludes\front-end\class-easyfua-file-handler.php:39
noprivwp_ajax_easyfua_uploadincludes\front-end\class-easyfua-file-handler.php:40
authwp_ajax_easyfua_deleteincludes\front-end\class-easyfua-file-handler.php:43
noprivwp_ajax_easyfua_deleteincludes\front-end\class-easyfua-file-handler.php:44
authwp_ajax_easyfua_rest_noncepublic\class-easyfua-frontend.php:74
noprivwp_ajax_easyfua_rest_noncepublic\class-easyfua-frontend.php:75

Shortcodes 1

[easyfua_upload] public\class-easyfua-frontend.php:64
WordPress Hooks 19
actionadmin_enqueue_scriptsadmin\class-easyfua-admin.php:64
actionadmin_menuadmin\class-easyfua-admin.php:65
actionadmin_initadmin\class-easyfua-admin.php:66
actionadmin_initadmin\class-easyfua-admin.php:73
filterrobots_txtadmin\class-easyfua-admin.php:85
actionplugins_loadedeasy-file-upload-approval.php:62
actioneasyfua_all_files_reviewedincludes\email\class-easyfua-email-manager.php:54
actioneasyfua_after_post_submittedincludes\email\class-easyfua-email-manager.php:57
actioneasyfua_after_post_submittedincludes\email\class-easyfua-email-manager.php:58
filtereasyfua_user_reviewed_subjectincludes\email\class-easyfua-email-manager.php:152
actionrest_api_initincludes\front-end\class-easyfua-file-handler.php:47
filterupload_dirincludes\front-end\class-easyfua-file-handler.php:65
actionwp_enqueue_scriptspublic\class-easyfua-frontend.php:59
filterthe_contentpublic\class-easyfua-frontend.php:60
filterupload_mimespublic\class-easyfua-frontend.php:61
actioninitpublic\class-easyfua-frontend.php:67
actionenqueue_block_editor_assetspublic\class-easyfua-frontend.php:68
actioneasyfua_delete_temp_filespublic\class-easyfua-frontend.php:71
filtereasyfua_submission_errorspublic\class-easyfua-frontend.php:78

Scheduled Events 1

easyfua_delete_temp_files
Maintenance & Trust

Easy File Upload & Approval – A Simple File Submission & Review System Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 20, 2026
PHP min version
Downloads251

Community Trust

Rating0/100
Number of ratings0
Active installs20
Alternatives

Easy File Upload & Approval – A Simple File Submission & Review System Alternatives

Drag and Drop Multiple File Upload for Contact Form 7

Drag and Drop Multiple File Upload for Contact Form 7

drag-and-drop-multiple-file-upload-contact-form-7

B
81

This simple plugin create Drag & Drop or choose Multiple File upload in your Confact Form 7 Forms.

60K 14 CVEs
MultiLine Files for Contact Form 7

MultiLine Files for Contact Form 7

multiline-files-for-contact-form-7

A
99

Upload unlimited files to Contact Form 7 with an intuitive interface, file management, and automatic ZIP compression for email delivery.

10K 1 CVE
Drag and Drop Multiple File Upload for WooCommerce

Drag and Drop Multiple File Upload for WooCommerce

drag-and-drop-multiple-file-upload-for-woocommerce

A
86

Drag and Drop Multiple File Uploader is a simple, straightforward WordPress plugin extension for WooCommerce.

5K 4 CVEs
Frontend File Manager Plugin

Frontend File Manager Plugin

nmedia-user-file-uploader

F
10

N-Media Frontend File Manager plugin enables WordPress site users to upload, manage, and share files directly from the frontend with secure storage an …

1K 3 unpatched
Contact Form By Mega Forms – Drag and Drop Form Builder

Contact Form By Mega Forms – Drag and Drop Form Builder

mega-forms

A
98

Contact form builder that allows you to create forms for any purpose. Drag & drop form fields to build modern, professional contact forms in minutes.

200 2 CVEs
Developer Profile

Easy File Upload & Approval – A Simple File Submission & Review System Developer Profile

Glen Don Mongaya

4 plugins · 65K total installs

71
trust score
Avg Security Score
88/100
Avg Patch Time
190 days
View full developer profile
Detection Fingerprints

How We Detect Easy File Upload & Approval – A Simple File Submission & Review System

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/easy-file-upload-approval/assets/css/admin.css/wp-content/plugins/easy-file-upload-approval/assets/css/frontend.css/wp-content/plugins/easy-file-upload-approval/assets/js/admin.js/wp-content/plugins/easy-file-upload-approval/assets/js/frontend.js/wp-content/plugins/easy-file-upload-approval/assets/js/vendors/dropzone.min.js/wp-content/plugins/easy-file-upload-approval/includes/file-manager/assets/css/file-manager.css/wp-content/plugins/easy-file-upload-approval/includes/file-manager/assets/js/file-manager.js
Script Paths
/wp-content/plugins/easy-file-upload-approval/assets/js/admin.js/wp-content/plugins/easy-file-upload-approval/assets/js/frontend.js/wp-content/plugins/easy-file-upload-approval/assets/js/vendors/dropzone.min.js/wp-content/plugins/easy-file-upload-approval/includes/file-manager/assets/js/file-manager.js
Version Parameters
easy-file-upload-approval/assets/css/admin.css?ver=easy-file-upload-approval/assets/css/frontend.css?ver=easy-file-upload-approval/assets/js/admin.js?ver=easy-file-upload-approval/assets/js/frontend.js?ver=easy-file-upload-approval/assets/js/vendors/dropzone.min.js?ver=easy-file-upload-approval/includes/file-manager/assets/css/file-manager.css?ver=easy-file-upload-approval/includes/file-manager/assets/js/file-manager.js?ver=

HTML / DOM Fingerprints

CSS Classes
easyfua-dropzoneeasyfua-frontend-uploadereasyfua-admin-submissionseasyfua-file-manager
HTML Comments
<!-- EASYFUA Admin Start --><!-- EASYFUA Frontend Uploader Start --><!-- EASYFUA File Manager Start -->
Data Attributes
data-easyfua-upload-urldata-easyfua-max-file-sizedata-easyfua-allowed-file-typesdata-easyfua-submission-id
JS Globals
easyfua_frontend_paramseasyfua_admin_params
Shortcode Output
[easy_file_upload]
FAQ

Frequently Asked Questions about Easy File Upload & Approval – A Simple File Submission & Review System