FYI: Resolved this… Turns out it had to do with the front-end login form. The live site was on SSL and my dev site was not.
As such, $user_signon = wp_signon( $info, false );
was at the root of the problem. The false
value was saying that the cookie mustn’t be secure, which because the site WAS on SSL, was not storing the cookie correctly and thus not allowing the upload to happen.