diff --git a/tinymce/plugins/filemanager/upload.php b/tinymce/plugins/filemanager/upload.php
index 0ce1fdb..afad079 100644
--- a/tinymce/plugins/filemanager/upload.php
+++ b/tinymce/plugins/filemanager/upload.php
@@ -19,6 +19,12 @@
 $targetPath = dirname( __FILE__ ) . $ds. $storeFolder . $ds;
 $targetPathThumb = dirname( __FILE__ ) . $ds. $storeFolderThumb . $ds;
+ // Reject uploading of non-allowed file-endings
+ $file_ending = strtolower(substr(strrchr($_FILES['file']['name'],'.'),1));
+ if(!in_array($file_ending, $ext)) {
+ die();
+ }
+
 $targetFile = $targetPath. $_FILES['file']['name'];
 $targetFileThumb = $targetPathThumb. $_FILES['file']['name'];
 move_uploaded_file($tempFile,$targetFile);
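Review bot: The added check only inspects the text after the last dot of `$_FILES['file']['name']`, while the context lines directly below still append that client-supplied name to `$targetPath` and `$targetPathThumb` unchanged, so a name containing directory separators or an additional inner extension passes the check and still decides where, and under which name, the file is stored. Normalise the name once with `$name = basename($_FILES['file']['name']);`, derive the ending with `pathinfo($name, PATHINFO_EXTENSION)`, compare with `in_array($file_ending, $ext, true)`, and build both target paths from `$name`; storing under a server-generated name would be stricter still. The bare `die();` ends the request with an empty body and the default status, so neither the uploader UI nor monitoring can tell a rejected file from a stored one; `http_response_code(400);` and a log entry before exiting would make rejections visible. `$ext` and the rest of the upload logic are defined outside this hunk, so whether `$ext` is a strict allow-list of lower-case endings cannot be confirmed from here.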