If you have used function wp_handle_sideload() in any of your plugin/theme then you need to pass the
mimes types too.
Because WordPress 5.0.1 Security Released. In which the uploaded files are validated with the real MIME type.
E.g. If you have set the
application/xml MIME type though filter
upload_mimes to upload the XML file and if the real MIME type of uploaded file is
text/xml then the file was not uploaded. And it shows the below message.
Sorry, this file type is not permitted for security reasons.
To fix this you need to set the
mimes for function wp_handle_sideload().
Check below code for reference.
For more details visit: