[wp-trac] [WordPress Trac] #24728: Provide option to disable / remove swfupload

WordPress Trac noreply at wordpress.org
Thu Jul 11 17:51:12 UTC 2013

#24728: Provide option to disable / remove swfupload
 Reporter:  msaffitz     |      Owner:
     Type:  enhancement  |     Status:  new
 Priority:  normal       |  Milestone:  Awaiting Review
Component:  General      |    Version:
 Severity:  normal       |   Keywords:
 This suggestion is in response to the vulnerability discussed here:

 Given swfupload is deprecated, it'd be nice to provide an option to
 disable and/or remove it from an install to reduce potential attack
 surface.  Ideally this could be done in such a way that plugins could
 detect whether swfupload were available or not, but I'm not sure how
 feasible that is or even if it would be ideal, since the work to implement
 detection would be better spent just upgrading to plupload.

Ticket URL: <http://core.trac.wordpress.org/ticket/24728>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list