Disable File Extension Check
Good day. I recently had the opportunity to play with the latest version of H5P in WordPress and appreciate all the improvements that have been done. The current version is much improved over the previous version I had the opportunity to play with.
As a system admin for a Multi-Network / Multi-Site system there is one function that serioulsy concerns me that i have to see if there is a work around or whether this can be addressed.
Since this a shared code base with hundreds of users, I can network activate the plugin so everyone has it, but when they access it, site admins still have the capability to bypass files extension checks while uploading content. In a shared environment, i find this a REAL security issue.
Is there any way we can update the plugin so that when it is installed and activated in a Multi-Network or Multi-Site environment, that bypass is only available to super admins vice all site admins??
I appreciate any input.