This release includes important security improvements and coding standards updates. No manual action is required.<\/p>","1.0.4":"
This release includes security enhancements for file upload handling. No manual action is required.<\/p>","1.0.3":"
This is a major security release addressing multiple vulnerabilities. Please update immediately. No manual action is required.<\/p>"},"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3509060,"resolution":"128x128","location":"assets","locale":"","width":128,"height":128}},"assets_banners":{"banner-772x250.png":{"filename":"banner-772x250.png","revision":3509060,"resolution":"772x250","location":"assets","locale":"","width":772,"height":250}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.0","1.0.1","1.0.2","1.0.3","1.0.4","1.0.5"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3509060,"resolution":"1","location":"assets","locale":"","width":2560,"height":1162},"screenshot-2.png":{"filename":"screenshot-2.png","revision":3509060,"resolution":"2","location":"assets","locale":"","width":2560,"height":1194},"screenshot-3.png":{"filename":"screenshot-3.png","revision":3509060,"resolution":"3","location":"assets","locale":"","width":2560,"height":1195},"screenshot-4.png":{"filename":"screenshot-4.png","revision":3509060,"resolution":"4","location":"assets","locale":"","width":2544,"height":1165},"screenshot-5.png":{"filename":"screenshot-5.png","revision":3509060,"resolution":"5","location":"assets","locale":"","width":2560,"height":1156}},"screenshots":{"1":"Admin file explorer with folders, uploads, and toolbar actions (backend).","2":"Frontend file explorer embedded via shortcode (frontend view)."},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[5440,8848,88,2250,233],"plugin_category":[],"plugin_contributors":[260466],"plugin_business_model":[],"class_list":["post-266069","plugin","type-plugin","status-publish","hentry","plugin_tags-downloads","plugin_tags-file-manager","plugin_tags-files","plugin_tags-frontend","plugin_tags-media-library","plugin_contributors-itsmeshafat","plugin_committers-itsmeshafat"],"banners":{"banner":"https:\/\/ps.w.org\/frontend-file-explorer\/assets\/banner-772x250.png?rev=3509060","banner_2x":false,"banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/frontend-file-explorer\/assets\/icon-128x128.png?rev=3509060","icon_2x":false,"generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/frontend-file-explorer\/assets\/screenshot-1.png?rev=3509060","caption":"Admin file explorer with folders, uploads, and toolbar actions (backend)."},{"src":"https:\/\/ps.w.org\/frontend-file-explorer\/assets\/screenshot-2.png?rev=3509060","caption":"Frontend file explorer embedded via shortcode (frontend view)."},{"src":"https:\/\/ps.w.org\/frontend-file-explorer\/assets\/screenshot-3.png?rev=3509060","caption":""},{"src":"https:\/\/ps.w.org\/frontend-file-explorer\/assets\/screenshot-4.png?rev=3509060","caption":""},{"src":"https:\/\/ps.w.org\/frontend-file-explorer\/assets\/screenshot-5.png?rev=3509060","caption":""}],"raw_content":"\n
Frontend File Explorer is a modern, Windows Explorer\u2013inspired file manager for WordPress. It gives you a clean admin interface to organize and share files plus a responsive frontend explorer powered by a simple shortcode.<\/p>\n\n
Use it to create download areas for courses, client file portals, or resource libraries \u2014 without relying on heavy external file management tools.<\/p>\n\n
The plugin provides a seamless experience for both administrators and frontend users:<\/p>\n\n
wp-content\/uploads\/downloads<\/code> directory.<\/li>\n- Admin Management:<\/strong> Create folders, upload files, delete items, and download ZIPs directly from the admin dashboard.<\/li>\n
- Frontend Integration: Embed the explorer anywhere using the
[frontend_file_explorer]<\/code> shortcode.<\/li>\n- AJAX-Powered:<\/strong> Fast, smooth navigation and pagination without page reloads.<\/li>\n
- Translation Ready:<\/strong> Fully localized with the
frontend-file-explorer<\/code> text domain.<\/li>\n<\/ul>\n\nHow to use the Explorer:<\/strong><\/p>\n\n\nAdmin Interface:<\/strong> \nNavigate to File Upload<\/strong> in your WordPress admin sidebar. From this dedicated dashboard, administrators can create nested folders, upload bulk files (featuring multi-select and drag-and-drop), import existing Media Library assets, delete items, and download entire directories as ZIP archives.<\/p><\/li>\nFrontend Shortcode:<\/strong> \nEmbed the user-facing explorer interface on any Page, Post, or Custom Post Type using the following shortcode setup:<\/p>\n\n[frontend_file_explorer]\n<\/code><\/pre>\n\n(Renders the explorer starting at the root storage directory)<\/em><\/p>\n\nAdvanced Shortcode Usage:<\/strong>\nYou can explicitly define the starting folder path relative to the root uploads\/downloads<\/code> directory by using the folder<\/code> attribute:<\/p>\n\n[frontend_file_explorer folder=\"\/course-materials\"]\n[frontend_file_explorer folder=\"\/clients\/acme-corp\"]\n<\/code><\/pre>\n\n\n- Frontend Capabilities:<\/strong> Visitors browsing the frontend can view contents, click files to download them, and copy direct sharing links.<\/li>\n
- Security:<\/strong> Destructive or mutating actions (like file upload, folder creation, or deletion) remain strictly hidden and blocked from public visitors. They are only accessible to logged-in users who possess the WordPress
upload_files<\/code> capability.<\/li>\n<\/ul><\/li>\n<\/ul>\n\nWho is this plugin for?<\/strong><\/p>\n\n\n- Course creators who need a simple, branded downloads area.<\/li>\n
- Agencies and freelancers who share files with clients.<\/li>\n
- Site owners who want a lightweight, Explorer-like file manager in WordPress.<\/li>\n<\/ul>\n\n\n
Installation from within WordPress<\/h4>\n\n\n- Visit Plugins > Add New<\/strong>.<\/li>\n
- Search for Frontend File Explorer<\/strong>.<\/li>\n
- Install and activate the Frontend File Explorer plugin.<\/li>\n
- On activation, the plugin will create
wp-content\/uploads\/downloads<\/code>.<\/li>\n<\/ol>\n\nManual installation<\/h4>\n\n\n- Upload the plugin folder to the
\/wp-content\/plugins\/<\/code> directory.<\/li>\n- Visit Plugins<\/strong>.<\/li>\n
- Activate the Frontend File Explorer plugin.<\/li>\n<\/ol>\n\n\n
\nCan I point the explorer to a different base folder?<\/h3><\/dt>\nYes. You can override the constants in a custom mu-plugin before File Explorer loads, or use filters\/hooks (e.g. on wp_loaded<\/code>) to adjust the base path\/URL. This is an advanced customization and should be done carefully.<\/p><\/dd>\nDoes the plugin work in multisite?<\/h3><\/dt>\nYes. Each site manages its own uploads\/downloads<\/code> directory. You can network-activate the plugin for consistency across sites.<\/p><\/dd>\nAre file types restricted?<\/h3><\/dt>\nBy default, allowed file types are defined via options during activation. You can adjust the allowed extensions by updating the plugin options (e.g., file_explorer_allowed_file_types<\/code>).<\/p><\/dd>\nHow do I translate the UI?<\/h3><\/dt>\nThe plugin is fully localization-ready and uses the frontend-file-explorer<\/code> text domain. You can use tools like Loco Translate or Poedit to create translations and drop .mo<\/code> files in the languages\/<\/code> directory.<\/p><\/dd>\n\n<\/dl>\n\n\n1.0.5<\/h4>\n\n\n- Security:<\/strong> Added comprehensive array structure validation for
$_FILES<\/code> superglobal before accessing elements.<\/li>\n- Security:<\/strong> Moved
is_uploaded_file()<\/code> validation to immediately after accessing tmp_name for improved security.<\/li>\n- Security:<\/strong> Removed PHPCS ignore comment and implemented proper sanitization for file upload handling.<\/li>\n
- Standards:<\/strong> Replaced
$_REQUEST<\/code> with $_POST<\/code> for AJAX POST requests per WordPress coding standards.<\/li>\n- Standards:<\/strong> Replaced PHP
basename()<\/code> with WordPress wp_basename()<\/code> for i18n compatibility with multibyte characters.<\/li>\n<\/ul>\n\n1.0.4<\/h4>\n\n\n- Security:<\/strong> Sanitized and validated all
$_FILES<\/code> upload fields individually (name, type, tmp_name, error, size).<\/li>\n- Security:<\/strong> Added
is_uploaded_file()<\/code> guard against path injection on file uploads.<\/li>\n- Standards:<\/strong> Fixed unordered placeholders in translatable strings per WordPress i18n guidelines.<\/li>\n<\/ul>\n\n
1.0.3<\/h4>\n\n\n- Security:<\/strong> Fixed unauthenticated file downloads, arbitrary PHP uploads, XSS via eval(), and server path disclosure.<\/li>\n
- Standards:<\/strong> Migrated all filesystem operations to WP_Filesystem API, bundled Material Icons locally, added proper nonce verification and capability checks to all AJAX endpoints.<\/li>\n
- Standards:<\/strong> Renamed classes to use WordPress underscore convention (Frontend_File_Explorer, Frontend_File_Explorer_Ajax).<\/li>\n
- Standards:<\/strong> Removed discouraged load_plugin_textdomain() call, added proper prefixing to all handles and identifiers.<\/li>\n<\/ul>\n\n
1.0.2<\/h4>\n\n\n- Fix:<\/strong> Resolved a critical bug causing the frontend explorer to execute filesystem deletion logic instead of listing directory contents.<\/li>\n
- Fix:<\/strong> Repaired the \"Download as ZIP\" mechanism to eliminate
ERR_INVALID_RESPONSE<\/code> failures by safely building ZipArchive temp files and explicitly managing PHP output buffers and Safari download headers.<\/li>\n- Feature:<\/strong> Fully integrated the missing backend endpoints required for the UI, enabling seamless frontend and backend folder creation, file uploads, and Media Library imports.<\/li>\n
- Security & Standards:<\/strong> Swept codebase for strict WordPress PHPCS warnings. Corrected all variable unslashing, resolved missing nonce verification checks, migrated deprecated filesystem functions to
WP_Filesystem<\/code>, and reinforced esc_html__<\/code> translation domain strings and translators comments.<\/li>\n<\/ul>\n\n1.0.1<\/h4>\n\n\n- Rename plugin to \"Frontend File Explorer\"<\/li>\n
- Align text domain and translation loading with slug
frontend-file-explorer<\/code><\/li>\n- Improve README and readme.txt descriptions and screenshots<\/li>\n<\/ul>","raw_excerpt":"A modern, Windows Explorer\u2013inspired file manager for WordPress with admin interface and frontend shortcode.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/266069","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=266069"}],"author":[{"embeddable":true,"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/itsmeshafat"}],"wp:attachment":[{"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=266069"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=266069"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=266069"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=266069"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=266069"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=266069"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}