WordPress 4.9.9 File Type Not Permitted Workaround

WordPress 4.9.9 as well as 5.0.1 and ALL the “security patch releases” back to 3.7 now have a new CSV file management bug.   Any CSV file that is uploaded is rejected by WordPress due to a security violation.   

The Quick Fix

Add this to your wp-config.php file:

define(‘ALLOW_UNFILTERED_UPLOADS’, true);

Yes, this will effectively disable all those cool new “security features” in the latest release of WordPress but it also will get your CSV imports working again.   Just remember to take this out when WordPress 4.9.10 (or 5.0.2) comes out — assuming they deem this new “security feature” a bug and patch it accordingly.

File Type Is Not Permitted – WordPress 4.9.9 and 5.0.1

file type is not permitted

Recently updated to WordPress 4.9.9 or 5.0.1 and your CSV file imports for Store Locator Plus® stopped working? It is now fairly common to see a “file type is not permitted” error when uploading files. You can thank yet another “WordPress security feature” — also known as “backwards compatibility break”.  This “update” came with absolutely no warning to plugin developers.

WordPress 4.9.9 and 5.0.1 break Store Locator Plus® Imports and thousands of other plugins.

This does not affect our Store Locator Plus® SaaS users thanks to our fully managed software stack, so they can rest easy and continue to import locations.

WordPress Google API Key

If you are using the WordPress plugins for Store Locator Plus® you will need to manage your Google API keys on your own.   

Thankfully our MySLP SaaS service users don’t have to deal with this nonsense, a benefit of having us manage the locator software for them.  MySLP users login to their MySLP account, manage locations and map settings, and when they are ready copy the “generate Embed” code and past it into any page, post, or widget on their WordPress site — no plugins needed.

If you are using My Store Locator Plus® pat yourself on the back and take an extra 5 at coffee break today. You don’t need to read this article.