diff --git a/core/Controllers/UserController.php b/core/Controllers/UserController.php
index 15c3ee4b8f815eb11501e70e336dea08198d74fe..0e0a68277949309bff3062862ca2aeab4a2b3a5e 100644
--- a/core/Controllers/UserController.php
+++ b/core/Controllers/UserController.php
@@ -129,7 +129,9 @@ class UserController
         }
         $ext = strtoupper(substr($data['name'], strrpos($data['name'], '.') + 1));
 
-        if (empty($extensionTypes[$ext]) || $extensionTypes[$ext] != $data['type']) {
+        $mimeType = explode('/', $data['type']);
+
+        if (empty($extensionTypes[$ext]) || $extensionTypes[$ext] != $data['type'] || $mimeType[0] != 'image') {
             return $response->withJson(['errors' => _WRONG_FILE_TYPE]);
         } elseif ($data['size'] > 2000000){
             return $response->withJson(['errors' => _MAX_SIZE_UPLOAD_REACHED . ' (2 MB)']);