diff --git a/wp-admin/media-upload.php b/wp-admin/media-upload.php
index 0a4fb8bacd..6246176b88 100644
--- a/wp-admin/media-upload.php
+++ b/wp-admin/media-upload.php
@@ -37,6 +37,9 @@ if ( isset($action) && $action == 'edit' && !$ID )
 if ( isset($_GET['inline']) ) {
 $errors = array();
+ if ( ! empty( $_REQUEST['post_id'] ) && ! current_user_can( 'edit_post' , $_REQUEST['post_id'] ) )
+ wp_die( __( 'Cheatin’ uh?' ) );
+
 if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
 check_admin_referer('media-form');
 // Upload File button was clicked
@@ -59,6 +62,9 @@ if ( isset($_GET['inline']) ) {
 exit;
 }
 
+ if ( isset( $_REQUEST['post_id'] ) )
+ wp_die( __( 'Cheatin’ uh?' ) );
+
 $title = __('Upload New Media');
 $parent_file = 'upload.php';
 get_current_screen()->add_help_tab( array(
@@ -116,6 +122,8 @@ if ( isset($_GET['inline']) ) {
 include('./admin-footer.php');
 } else {
+ if ( ! empty( $_REQUEST['post_id'] ) && ! current_user_can( 'edit_post' , $_REQUEST['post_id'] ) )
+ wp_die( __( 'Cheatin’ uh?' ) );
 // upload type: image, video, file, ..?
 if ( isset($_GET['type']) )
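Review bot: The new guard in the first hunk hands the raw `$_REQUEST['post_id']` to `current_user_can( 'edit_post', ... )` without normalizing it, and `! empty()` means `post_id=0` or `post_id="0"` skips the capability check entirely while presumably still reaching the upload handler further down the branch. Normalize once and reuse the value: `$post_id = isset( $_REQUEST['post_id'] ) ? (int) $_REQUEST['post_id'] : 0;` followed by `if ( $post_id && ! current_user_can( 'edit_post', $post_id ) ) wp_die( __( 'Cheatin’ uh?' ) );`, and make sure the code that later attaches the upload consumes that same `$post_id` rather than re-reading a superglobal, otherwise the value checked here and the value used there can differ. `$_REQUEST` also merges GET and POST (and cookies, depending on `request_order`), so if the attach code reads `$_POST['post_id']` specifically, the two are not guaranteed to be the same parameter. The enclosing `if ( isset($_GET['inline']) )` block continues past this hunk, so the line that actually uses post_id is not visible here.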
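Review bot: The guard added in the second hunk uses `isset()` while the one at the top of the same branch uses `! empty()`, so the two accept different inputs: `post_id=0` passes the capability check above but is rejected here with the same message when the request is not an upload. Since the upload handler between them ends in `exit`, this line is reached only by non-upload inline requests, and it rejects every one that carries a `post_id` at all, including an empty string; if the intent is that inline mode never has a post context, say so, e.g. `// The inline uploader has no post context; any post_id here is a forged request.`, so the mismatch is not later "fixed" into a bypass. Consider also answering an authorization failure with a 403 instead of wp_die's default 500, `wp_die( __( 'Cheatin’ uh?' ), '', array( 'response' => 403 ) );`, assuming this WordPress version's wp_die accepts the `response` argument.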