If you have used function wp_handle_sideload() in any of your plugin/theme then you need to pass the mimes
types too.
Because WordPress 5.0.1 Security Released. In which the uploaded files are validated with the real MIME type.
E.g. If you have set the application/xml
MIME type though filter upload_mimes
to upload the XML file and if the real MIME type of uploaded file is text/xml
then the file was not uploaded. And it shows the below message.
Sorry, this file type is not permitted for security reasons.
To fix this you need to set the mimes
for function wp_handle_sideload().
Check below code for reference.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
$overrides = array( | |
… | |
… | |
'mimes' => array( | |
'xml' => 'text/xml', // Download XML file. | |
), | |
); | |
wp_handle_sideload( $file_args, $overrides ); |
For more details visit:
Backwards Compatibility Breaks in 5.0.1
WordPress 5.0.1 Security Release