I’ve just been having a similar problem where I was getting 403 errors from /wp-admin/admin-ajax.php with the wpGeoDirectory plugin when trying to upload CSV files.
I thought it could be to do with Bulletproof Security and found this page: https://www.ads-software.com/support/topic/plugin-bulletproof-security-google-analytics-plugin-by-joost-conflicts
Which states:
you just need to allow this action in the wp-admin .htaccess file. You can add this skip/bypass rule to BPS wp-admin Custom Code CUSTOM CODE WPADMIN PLUGIN FIXES: and save it so that it is saved permanently to your DB. Then activate BulletProof Mode for your wp-admin folder again.
# GAW admin-ajax.php skip/bypass rule<br />
RewriteCond %{REQUEST_URI} (admin-ajax\.php) [NC]<br />
RewriteRule . - [S=2]
This works for me, but I have no idea about security issues.
It also works now with Bulletproof Security re-enabled on my multisite installation (WordPress 4.0.1).
