{"id":76959,"date":"2017-11-02T05:06:16","date_gmt":"2017-11-02T05:06:16","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/wp-dropzone\/"},"modified":"2025-11-14T20:49:21","modified_gmt":"2025-11-14T20:49:21","slug":"wp-dropzone","status":"closed","type":"plugin","link":"https:\/\/pt.wordpress.org\/plugins\/wp-dropzone\/","author":16915488,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.1.1","stable_tag":"1.1.1","tested":"6.8.5","requires":"6.0","requires_php":"7.0","requires_plugins":null,"header_name":"WP Dropzone","header_author":"Nazmul Sabuz","header_description":"Upload files into WordPress media library from front-end.","assets_banners_color":"","last_updated":"2025-11-14 20:49:21","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/wordpress.org\/plugins\/wp-dropzone\/","header_author_uri":"https:\/\/profiles.wordpress.org\/nazsabuz\/","rating":4.3,"author_block_rating":0,"active_installs":100,"downloads":3451,"num_ratings":4,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.0.4":{"tag":"1.0.4","author":"ximdevs","date":"2017-12-10 16:43:55"},"1.0.5":{"tag":"1.0.5","author":"nazsabuz","date":"2021-11-14 15:46:58"},"1.0.6":{"tag":"1.0.6","author":"nazsabuz","date":"2021-11-17 20:09:19"},"1.1.0":{"tag":"1.1.0","author":"nazsabuz","date":"2025-09-21 05:48:04"},"1.1.1":{"tag":"1.1.1","author":"nazsabuz","date":"2025-11-14 20:49:21"}},"upgrade_notice":{"1.1.1":"<p><strong>SECURITY UPDATE<\/strong> - Critical security fix for authenticated arbitrary file upload vulnerability (CVE-2025-12775). All users should update immediately. This update adds capability checks, file validation, and improved security measures.<\/p>","1.1.0":"<p>Major update with FSE theme support, improved security, and translation support.<\/p>","1.0.6":"<p>Security update: Guest uploads removed. Please reactivate the plugin after upgrading.<\/p>"},"ratings":{"1":0,"2":"1","3":0,"4":0,"5":"3"},"assets_icons":{"icon-256x256.png":{"filename":"icon-256x256.png","revision":3365330,"resolution":"256x256","location":"assets","locale":""}},"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.4","1.0.5","1.0.6","1.1.0","1.1.1"],"block_files":[],"assets_screenshots":[],"screenshots":{"1":"Default dropzone interface","2":"Custom styled upload area","3":"File preview with thumbnails","4":"Upload progress indication","5":"Admin settings and options"},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[148638,5887,1722,84,3191],"plugin_category":[50],"plugin_contributors":[169042],"plugin_business_model":[],"class_list":["post-76959","plugin","type-plugin","status-closed","hentry","plugin_tags-dropzone","plugin_tags-file-upload","plugin_tags-image-upload","plugin_tags-media","plugin_tags-media-upload","plugin_category-media","plugin_contributors-nazsabuz","plugin_committers-nazsabuz","plugin_support_reps-nazsabuz"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/s.w.org\/plugins\/geopattern-icon\/wp-dropzone.svg","icon_2x":false,"generated":true},"screenshots":[],"raw_content":"<!--section=description-->\n<p>WP Dropzone integrates the powerful Dropzone.js library with WordPress, allowing you to upload files directly into the WordPress media library from any post, page, or front-end location. The plugin provides a modern, user-friendly drag-and-drop interface with extensive customization options and advanced features for file management.<\/p>\n\n<h3>Key Features<\/h3>\n\n<ul>\n<li><strong>Drag &amp; Drop Interface<\/strong> - Modern, intuitive file upload experience<\/li>\n<li><strong>Customizable Styling<\/strong> - Full control over appearance with CSS customization<\/li>\n<li><strong>File Validation<\/strong> - Built-in file type and size validation<\/li>\n<li><strong>Image Processing<\/strong> - Automatic image resizing, cropping, and quality optimization<\/li>\n<li><strong>Thumbnail Generation<\/strong> - Customizable thumbnail previews<\/li>\n<li><strong>Security Features<\/strong> - Nonce verification and user permission checks<\/li>\n<li><strong>Action Hooks<\/strong> - WordPress hooks for customization and integration<\/li>\n<li><strong>Translation Ready<\/strong> - Full internationalization support<\/li>\n<li><strong>Performance Optimized<\/strong> - Assets loaded only when needed<\/li>\n<\/ul>\n\n<h3>Shortcode Usage<\/h3>\n\n<p>Insert the dropzone anywhere in your posts, pages, or templates with the shortcode:<\/p>\n\n<pre><code>[wp-dropzone]\n<\/code><\/pre>\n\n<p>Or in PHP templates:<\/p>\n\n<pre><code>&lt;?php echo do_shortcode( '[wp-dropzone]' ); ?&gt;\n<\/code><\/pre>\n\n<h3>Shortcode Attributes<\/h3>\n\n<p>The following attributes can be used with the <code>[wp-dropzone]<\/code> shortcode:<\/p>\n\n<ul>\n<li><p><code>id<\/code> - Unique identifier for the dropzone instance (Default: Auto-generated)\nExample: <code>[wp-dropzone id=\"myUploader\"]<\/code><\/p><\/li>\n<li><p><code>title<\/code> - Title displayed above the dropzone (Default: Empty)\nExample: <code>[wp-dropzone title=\"Drop Files Here\"]<\/code><\/p><\/li>\n<li><p><code>desc<\/code> - Description text for the dropzone (Default: Empty)\nExample: <code>[wp-dropzone desc=\"Upload your files here\"]<\/code><\/p><\/li>\n<li><p><code>accepted-files<\/code> - Allowed file types (Default: All files)\nExample: <code>[wp-dropzone accepted-files=\"image\/*\"]<\/code><\/p><\/li>\n<li><p><code>max-files<\/code> - Maximum number of files (Default: Unlimited)\nExample: <code>[wp-dropzone max-files=\"3\"]<\/code><\/p><\/li>\n<li><p><code>auto-process<\/code> - Auto-upload files when dropped (Default: true)\nExample: <code>[wp-dropzone auto-process=\"false\"]<\/code><\/p><\/li>\n<li><p><code>clickable<\/code> - Make dropzone clickable (Default: true)\nExample: <code>[wp-dropzone clickable=\"false\"]<\/code><\/p><\/li>\n<li><p><code>remove-links<\/code> - Show remove file buttons (Default: false)\nExample: <code>[wp-dropzone remove-links=\"true\"]<\/code><\/p><\/li>\n<li><p><code>upload-button-text<\/code> - Text for manual upload button (Default: \"Upload Files\")\nExample: <code>[wp-dropzone upload-button-text=\"Upload Selected Files\"]<\/code><\/p><\/li>\n<li><p><code>resize-width<\/code> - Resize images to specified width (Default: Original)\nExample: <code>[wp-dropzone resize-width=\"800\"]<\/code><\/p><\/li>\n<li><p><code>resize-height<\/code> - Resize images to specified height (Default: Original)\nExample: <code>[wp-dropzone resize-height=\"600\"]<\/code><\/p><\/li>\n<li><p><code>resize-quality<\/code> - Image quality (0.1-1.0) (Default: 0.8)\nExample: <code>[wp-dropzone resize-quality=\"0.9\"]<\/code><\/p><\/li>\n<li><p><code>resize-method<\/code> - Resize method: contain\/crop (Default: contain)\nExample: <code>[wp-dropzone resize-method=\"crop\"]<\/code><\/p><\/li>\n<li><p><code>thumbnail-width<\/code> - Thumbnail width in pixels (Default: 120)\nExample: <code>[wp-dropzone thumbnail-width=\"150\"]<\/code><\/p><\/li>\n<li><p><code>thumbnail-height<\/code> - Thumbnail height in pixels (Default: 120)\nExample: <code>[wp-dropzone thumbnail-height=\"150\"]<\/code><\/p><\/li>\n<li><p><code>thumbnail-method<\/code> - Thumbnail method: contain\/crop (Default: crop)\nExample: <code>[wp-dropzone thumbnail-method=\"contain\"]<\/code><\/p><\/li>\n<\/ul>\n\n<h3>Styling Options<\/h3>\n\n<p>The following styling attributes can be used to customize the dropzone appearance:<\/p>\n\n<ul>\n<li><p><code>border-width<\/code> - Border width\nExample: <code>[wp-dropzone border-width=\"3px\"]<\/code><\/p><\/li>\n<li><p><code>border-style<\/code> - Border style (solid, dashed, etc.)\nExample: <code>[wp-dropzone border-style=\"dashed\"]<\/code><\/p><\/li>\n<li><p><code>border-color<\/code> - Border color (hex code)\nExample: <code>[wp-dropzone border-color=\"#007cba\"]<\/code><\/p><\/li>\n<li><p><code>background<\/code> - Background color (hex code)\nExample: <code>[wp-dropzone background=\"#f0f0f1\"]<\/code><\/p><\/li>\n<li><p><code>margin-bottom<\/code> - Bottom margin\nExample: <code>[wp-dropzone margin-bottom=\"20px\"]<\/code><\/p><\/li>\n<\/ul>\n\n<h3>Advanced Features<\/h3>\n\n<h4>Action Hooks<\/h4>\n\n<p>The plugin provides several action hooks for customization:<\/p>\n\n<pre><code>\/\/ Before file upload\ndo_action( 'wp_dropzone_before_upload_file', $file );\n\n\/\/ After file upload\ndo_action( 'wp_dropzone_after_upload_file', $file );\n\n\/\/ After media library insertion\ndo_action( 'wp_dropzone_after_insert_attachment', $attachment_id );\n<\/code><\/pre>\n\n<h4>JavaScript Integration<\/h4>\n\n<p>Access dropzone instance and events:<\/p>\n\n<pre><code>\/\/ Get dropzone instance\nvar dropzone = Dropzone.forElement(\"#wp-dz-yourID\");\n\n\/\/ Add event listeners\ndropzone.on(\"success\", function(file, response) {\n    console.log(\"File uploaded:\", response);\n});\n<\/code><\/pre>\n\n<h3>Examples<\/h3>\n\n<h4>Basic Image Upload<\/h4>\n\n<pre><code>[wp-dropzone accepted-files=\"image\/*\" max-files=\"5\" title=\"Upload Images\"]\n<\/code><\/pre>\n\n<h4>Document Upload with Restrictions<\/h4>\n\n<pre><code>[wp-dropzone accepted-files=\".pdf,.doc,.docx\" title=\"Upload Documents\" desc=\"PDF, DOC, DOCX files only\"]\n<\/code><\/pre>\n\n<h4>Styled Upload Area<\/h4>\n\n<pre><code>[wp-dropzone title=\"Drop Files Here\" desc=\"Drag and drop files or click to browse\" border-style=\"dashed\" border-color=\"#007cba\" background=\"#f8f9fa\"]\n<\/code><\/pre>\n\n<h4>Manual Upload Button<\/h4>\n\n<pre><code>[wp-dropzone auto-process=\"false\" upload-button-text=\"Upload Selected Files\" title=\"Select Files\"]\n<\/code><\/pre>\n\n<!--section=installation-->\n<ol>\n<li>Upload the <code>wp-dropzone<\/code> folder to your <code>\/wp-content\/plugins\/<\/code> directory<\/li>\n<li>Activate the plugin through the 'Plugins' menu in WordPress<\/li>\n<li>Use the <code>[wp-dropzone]<\/code> shortcode in your posts, pages, or templates<\/li>\n<\/ol>\n\n<h3>Requirements<\/h3>\n\n<ul>\n<li>WordPress 6.0 or higher<\/li>\n<li>PHP 7.0 or higher<\/li>\n<li>Modern web browser with JavaScript enabled<\/li>\n<\/ul>\n\n<!--section=faq-->\n<dl>\n<dt id='do%20i%20need%20to%20be%20logged%20in%20to%20upload%20files%3F'><h3>Do I need to be logged in to upload files?<\/h3><\/dt>\n<dd><p>Yes, only logged-in users can upload files for security reasons. Guest users will see a login prompt when they try to upload files.<\/p><\/dd>\n<dt id='what%20file%20types%20are%20supported%3F'><h3>What file types are supported?<\/h3><\/dt>\n<dd><p>All file types are supported by default. You can restrict file types using the <code>accepted-files<\/code> attribute. For example: <code>accepted-files=\"image\/*\"<\/code> for images only, or <code>accepted-files=\".pdf,.doc,.docx\"<\/code> for specific document types.<\/p><\/dd>\n<dt id='can%20i%20customize%20the%20appearance%20and%20styling%3F'><h3>Can I customize the appearance and styling?<\/h3><\/dt>\n<dd><p>Yes, you can customize the dropzone appearance using shortcode attributes like <code>border-color<\/code>, <code>background<\/code>, <code>border-style<\/code>, etc. For advanced styling, you can add custom CSS targeting the <code>.wp-dropzone<\/code> class.<\/p><\/dd>\n<dt id='can%20i%20resize%20images%20automatically%3F'><h3>Can I resize images automatically?<\/h3><\/dt>\n<dd><p>Yes, use the <code>resize-width<\/code>, <code>resize-height<\/code>, <code>resize-quality<\/code>, and <code>resize-method<\/code> attributes to automatically resize uploaded images. This helps optimize storage and loading times.<\/p><\/dd>\n<dt id='how%20do%20i%20show%20thumbnails%20for%20uploaded%20files%3F'><h3>How do I show thumbnails for uploaded files?<\/h3><\/dt>\n<dd><p>Thumbnails are generated automatically for images. You can customize thumbnail size using <code>thumbnail-width<\/code>, <code>thumbnail-height<\/code>, and <code>thumbnail-method<\/code> attributes.<\/p><\/dd>\n<dt id='can%20i%20integrate%20with%20custom%20forms%3F'><h3>Can I integrate with custom forms?<\/h3><\/dt>\n<dd><p>Yes, you can use the <code>dom-id<\/code> attribute to copy uploaded file URLs to form fields. The plugin will automatically populate hidden input fields with the uploaded file URLs.<\/p><\/dd>\n<dt id='how%20do%20i%20handle%20multiple%20files%3F'><h3>How do I handle multiple files?<\/h3><\/dt>\n<dd><p>Use the <code>max-files<\/code> attribute to limit the number of files. For example: <code>max-files=\"5\"<\/code> allows up to 5 files. Users can upload multiple files at once by dragging multiple files or using Ctrl\/Cmd+click.<\/p><\/dd>\n<dt id='can%20i%20disable%20automatic%20upload%3F'><h3>Can I disable automatic upload?<\/h3><\/dt>\n<dd><p>Yes, set <code>auto-process=\"false\"<\/code> to require users to click an upload button. Customize the button text with <code>upload-button-text<\/code> attribute.<\/p><\/dd>\n<dt id='how%20do%20i%20handle%20upload%20errors%3F'><h3>How do I handle upload errors?<\/h3><\/dt>\n<dd><p>The plugin provides user-friendly error messages for common issues like file size limits, unsupported file types, and upload failures. Check browser console for detailed error information.<\/p><\/dd>\n<dt id='can%20i%20use%20this%20in%20gutenberg%20blocks%20or%20page%20builders%3F'><h3>Can I use this in Gutenberg blocks or page builders?<\/h3><\/dt>\n<dd><p>Yes, you can use the shortcode in any WordPress editor that supports shortcodes, including Gutenberg blocks, Elementor, Beaver Builder, and other page builders.<\/p><\/dd>\n<dt id='is%20there%20a%20way%20to%20track%20uploads%20or%20integrate%20with%20other%20plugins%3F'><h3>Is there a way to track uploads or integrate with other plugins?<\/h3><\/dt>\n<dd><p>Yes, the plugin provides action hooks like <code>wp_dropzone_after_upload_file<\/code> and <code>wp_dropzone_after_insert_attachment<\/code> that you can use to integrate with other plugins or add custom functionality.<\/p><\/dd>\n<dt id='what%20happens%20to%20uploaded%20files%3F'><h3>What happens to uploaded files?<\/h3><\/dt>\n<dd><p>Files are uploaded directly to the WordPress media library and become available in your Media section. They maintain their original filenames and are organized by upload date.<\/p><\/dd>\n<dt id='can%20i%20restrict%20uploads%20to%20specific%20user%20roles%3F'><h3>Can I restrict uploads to specific user roles?<\/h3><\/dt>\n<dd><p>Currently, any logged-in user can upload files. For role-based restrictions, you can use the plugin's action hooks to add custom permission checks in your theme or custom plugin.<\/p><\/dd>\n<dt id='does%20the%20plugin%20work%20with%20multisite%20installations%3F'><h3>Does the plugin work with multisite installations?<\/h3><\/dt>\n<dd><p>Yes, the plugin works with WordPress multisite installations. Each site will have its own media library and upload settings.<\/p><\/dd>\n<dt id='how%20do%20i%20troubleshoot%20upload%20issues%3F'><h3>How do I troubleshoot upload issues?<\/h3><\/dt>\n<dd><p>Check your server's PHP upload limits (upload_max_filesize, post_max_size), ensure JavaScript is enabled, verify file permissions on wp-content\/uploads directory, and check browser console for JavaScript errors.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.1.1<\/h4>\n\n<ul>\n<li><strong>SECURITY FIX<\/strong> - Fixed authenticated arbitrary file upload vulnerability (CVE-2025-12775)<\/li>\n<li>Added: Capability check requiring <code>upload_files<\/code> permission for all file uploads<\/li>\n<li>Added: File type validation before writing chunks to disk<\/li>\n<li>Added: Dangerous file extension blacklist to prevent execution of malicious files<\/li>\n<li>Added: Temporary file cleanup on success and error<\/li>\n<li>Improved: Chunked upload security by using system temp directory instead of uploads directory<\/li>\n<li>Improved: File validation now occurs before any disk writes<\/li>\n<li>Improved: Error handling in JavaScript to correctly display WordPress <code>wp_send_json_error<\/code> responses in Dropzone UI<\/li>\n<li>Improved: PHP backend now sends proper HTTP error status codes (400, 403) for upload failures<\/li>\n<li>Improved: Dropzone area is now disabled for users without upload permissions<\/li>\n<\/ul>\n\n<h4>1.1.0<\/h4>\n\n<ul>\n<li>Added: FSE theme support<\/li>\n<li>Added: Improved error handling and user feedback<\/li>\n<li>Added: Enhanced security with nonce verification<\/li>\n<li>Added: Translation support and POT file<\/li>\n<li>Improved: Code structure and documentation<\/li>\n<li>Improved: Performance optimizations<\/li>\n<li>Updated: WordPress compatibility to 6.8<\/li>\n<li>Fixed: Minor bugs and typos<\/li>\n<\/ul>\n\n<h4>1.0.7<\/h4>\n\n<ul>\n<li>Added: Action hooks for before\/after upload events<\/li>\n<\/ul>\n\n<h4>1.0.6<\/h4>\n\n<ul>\n<li>Security Fix: Removed guest upload feature<\/li>\n<li>Updated: Dropzone library to latest version<\/li>\n<li>Warning: Plugin reactivation required after upgrade<\/li>\n<\/ul>\n\n<h4>1.0.5<\/h4>\n\n<ul>\n<li>Added: WordPress 4.9.x compatibility<\/li>\n<li>Improved: Code structure and organization<\/li>\n<\/ul>\n\n<h4>1.0.4<\/h4>\n\n<ul>\n<li>Improved: Overall code structure<\/li>\n<\/ul>\n\n<h4>1.0.3<\/h4>\n\n<ul>\n<li>Added: Thumbnail resize functionality<\/li>\n<\/ul>\n\n<h4>1.0.2<\/h4>\n\n<ul>\n<li>Added: Custom ID support<\/li>\n<li>Added: Native Dropzone events support<\/li>\n<li>Improved: Asset loading and performance<\/li>\n<\/ul>\n\n<h4>1.0.1<\/h4>\n\n<ul>\n<li>Added: Image resize and crop options<\/li>\n<li>Added: Image quality control<\/li>\n<\/ul>\n\n<h4>1.0.0<\/h4>\n\n<ul>\n<li>Initial release with basic functionality<\/li>\n<\/ul>","raw_excerpt":"Upload files into WordPress media library from front-end with drag-and-drop functionality and customizable options.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/pt.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/76959","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pt.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/pt.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/pt.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=76959"}],"author":[{"embeddable":true,"href":"https:\/\/pt.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/nazsabuz"}],"wp:attachment":[{"href":"https:\/\/pt.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=76959"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/pt.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=76959"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/pt.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=76959"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/pt.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=76959"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/pt.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=76959"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/pt.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=76959"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}