WP Upload Restriction Security & Risk Analysis
wordpress.org/plugins/wp-upload-restrictionThis plugin allows you to control upload of files based on file types and sizes.
Is WP Upload Restriction Safe to Use in 2026?
Generally Safe
Score 99/100WP Upload Restriction has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.
The "wp-upload-restriction" v2.3.0 plugin exhibits a mixed security posture. On the positive side, the code analysis reveals a strong adherence to secure coding practices, with no dangerous functions, all SQL queries using prepared statements, and a significant percentage of output being properly escaped. The presence of nonce and capability checks on all identified AJAX entry points is also commendable. However, the plugin's vulnerability history presents a notable concern. With three past medium-severity CVEs, specifically related to Cross-Site Scripting, Missing Authorization, and Improper Access Control, it indicates a pattern of past security weaknesses that users should be aware of. While there are no currently unpatched vulnerabilities, the historical prevalence of these types of issues suggests that vigilance is still necessary. The lack of critical or high-severity past vulnerabilities and the current secure coding practices are strengths, but the historical context warrants caution.
Key Concerns
- Past medium severity CVEs
- Past CVEs indicate common vulnerability types
- 78% output escaping (implies 22% not)
WP Upload Restriction Security Vulnerabilities
CVEs by Year
Severity Breakdown
3 total CVEs
WP Upload Restriction <= 2.2.4 – Authenticated (Subscriber+) Stored Cross-Site Scripting
WP Upload Restriction <= 2.2.4 - Missing Authorization Checks
WP Upload Restriction <= 2.2.4 - Missing Authorization Checks
WP Upload Restriction Release Timeline
WP Upload Restriction Code Analysis
Output Escaping
WP Upload Restriction Attack Surface
AJAX Handlers 4
WordPress Hooks 8
Maintenance & Trust
WP Upload Restriction Maintenance & Trust
Maintenance Signals
Community Trust
WP Upload Restriction Alternatives
EasyMedia – Increase Media Upload File Size | Role-Based Upload Limit | Increase Execution Time
wp-maximum-upload-file-size
EasyMedia - Increase the maximum upload file size limit to any value. Increase upload limit - upload large files effortlessly.
Add From Server
add-from-server
Add From Server is designed to help ease the pain of bad web hosts, allowing you to upload files via FTP or SSH and later import them into WordPress.
WP Extra File Types
wp-extra-file-types
Plugin to let you extend the list of allowed file types supported by the Wordpress Media Library
Easy SVG Support
easy-svg
This Plugin allows you to upload SVG Files into your Media library.
Media Sync
media-sync
Simple plugin to scan "uploads" directory and bring those files into Media Library.
WP Upload Restriction Developer Profile
2 plugins · 3K total installs
How We Detect WP Upload Restriction
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/wp-upload-restriction/css/wp-upload-restrictions-styles.css/wp-content/plugins/wp-upload-restriction/js/wp-upload-restriction.js/wp-content/plugins/wp-upload-restriction/js/wp-upload-restriction.jswp-upload-restriction/css/wp-upload-restrictions-styles.css?ver=wp-upload-restriction/js/wp-upload-restriction.js?ver=HTML / DOM Fingerprints
wp-upload-restrictiondata-rowwp_upload_restriction_ajax_object