This plugin hasn’t been tested with the latest 3 major releases of WordPress. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

Unsafe Mimetypes


Unsafe Mimetypes allows users to define extra media types not allowed by the standard WordPress installation. Users will often encounter the message ‘Sorry, this file type is not permitted for security reasons.’

This plugin allows the site admin to upload and distribute files other than the basic set WordPress allows by default. This plugin allows the user to define a list of extensions they wish to allow. Administrators can choose to allow only Administrators or all Media Uploaders to be able to add the defined types to the library.

Note: This plugin does not permit the user to change the maximum upload size, which may be needed for large multimedia files.


Currently, the interface offers English and Spanish versions. Spanish translation by Mariana.


  • This is the error message you will see from the media manager when trying to upload many non-standard filetypes.
  • This is the admin interface where you can define a list of file extensions you wish to add to the whitelist. If you trust your editors you can also choose to grant the same permissions to them also.
  • If you want, you can allow your editor permission to upload the default types, while allowing your admins greater power by ticking the ‘allow default types’ box, and giving the extra permissions to admin only.


  1. unpack the zip file to your /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress


Once I’ve added a filetype to the whitelist, can I then use the WordPress media manager to include uploaded files in my Post/Page?

Yes. This is the expected usage. The author uses it to distribute .wav and .flac audio files, as part of a post.

Is is safe to allow users to upload `php` files?

Never do this unless you’re using it to upload your own php files, you’re admin, and you know the risks involved.


There are no reviews for this plugin.

Contributors & Developers

“Unsafe Mimetypes” is open source software. The following people have contributed to this plugin.


Translate “Unsafe Mimetypes” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.



  • Fixed a deployment issue


  • Fixed a versioning issue #4
  • Tested and supported with WP4.1
  • Fixed development URL:


  • refixed sickiness issue, when creating new installations.
  • corrected issue with translation.
  • improved settings update logic


  • fixed stickiness of admin/editor permissions in admin interface (report:jswagner)
  • added option to allow the builtin allowed types (all uploaders)(report:jswagner)
  • small cleanups in readme.txt
  • added extra screenshot.


  • First public release.