This article describes the allowed file types of WordPress File Upload plugin.
After update of WordPress File Upload plugin to version 3.9.0, or newer, many users are getting an error “Upload failed! File not allowed.” which did not occur before.
This is caused by the new security policy of WordPress File Plugin, which affected the file types allowed to be uploaded. The change of policy occurred so that websites are better protected against hacking attempts, such as arbitrary file uploads.
According to the new policy, the default value *.* in Allowed File Extensions option of the plugin will not allow all file types to be uploaded, but only specific ones. As a best practice, administrators are strongly encouraged to define specific lists of allowed file types (whitelists) instead of leaving the generic *.* option.
However, even if administrators define a specific list of file extensions, it is not certain that all will be allowed. This is because the plugin keeps a list of forbidden file extensions (blacklist) and will check first if any of the specified extensions is in the blacklist and if yes it will reject them.
To find out if a specific file extension is allowed by default, or needs to be explicitly defined through Allowed File Extensions option or it is forbidden, type it in the textbox below and press Check button.