diff --git a/lib/API/JSON/Endpoint.php b/lib/API/JSON/Endpoint.php
index 1f1a234eb6..2fc784c3e4 100644
--- a/lib/API/JSON/Endpoint.php
+++ b/lib/API/JSON/Endpoint.php
@@ -43,12 +43,11 @@ abstract class Endpoint {
 }
 
 public function isMethodAllowed($name, $type) {
+ // Block GET requests on POST endpoints, but allow POST requests on GET endpoints (some plugins
+ // change REQUEST_METHOD to POST on GET requests, which caused them to be blocked)
 if ($type === self::TYPE_GET && !in_array($name, static::$get_methods)) {
 return false;
 }
- if ($type === self::TYPE_POST && in_array($name, static::$get_methods)) {
- return false;
- }
 return true;
 }
 }
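Review bot: The one guard left in `isMethodAllowed()` uses a loose `in_array($name, static::$get_methods)`, so a non-string `$name` (for example a boolean `true` decoded from request data) would compare equal to any listed method name; the strict form avoids that: `in_array($name, static::$get_methods, true)`. The added comment also says some plugins rewrite `REQUEST_METHOD` to POST on GET requests; if `$type` is derived from that value (not visible in this hunk), a real GET on those sites is classified as POST and this check no longer keeps it away from methods outside `$get_methods`. The comment should therefore state that this check is not a CSRF control, e.g. `// Not a CSRF defence: $type may be wrong when REQUEST_METHOD is rewritten, so token/permission checks must gate state-changing methods.` It is worth confirming that those checks run regardless of `$type`, and adding a test that pins the allowed and blocked combinations.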