diff --git a/changelog b/changelog
index fe458eed593a..a714693b65b8 100644
--- a/changelog
+++ b/changelog
@@ -1,4 +1,7 @@
 Version 1.12.3+dev:
+ * Security fixes:
+   * Disallowed WML inclusion of .pbl files with a non-lowercase extension too
+     (bug #23504).
  * Language and i18n:
    * Updated translations:
 
diff --git a/players_changelog b/players_changelog
index 6c8a1a40e5b1..abffd1ae22eb 100644
--- a/players_changelog
+++ b/players_changelog
@@ -3,6 +3,9 @@ changes may be omitted). For a complete list of changes, see the main
 changelog: https://github.com/wesnoth/wesnoth/blob/1.12/changelog
 
 Version 1.12.3+dev:
+ * Security fixes:
+   * Disallowed WML inclusion of .pbl files with a non-lowercase extension too
+     (bug #23504).
  * Language and i18n:
    * Updated translations:
 
diff --git a/src/filesystem.cpp b/src/filesystem.cpp
index bc42ac38e509..0759465d4ca9 100644
--- a/src/filesystem.cpp
+++ b/src/filesystem.cpp
@@ -1025,7 +1025,7 @@ std::string get_wml_location(const std::string &filename, const std::string &cur
 		return result;
 	}
 
-	if (ends_with(filename, ".pbl")) {
+	if (looks_like_pbl(filename)) {
 		ERR_FS << "Illegal path '" << filename << "' (.pbl files are not allowed)." << std::endl;
 		return result;
 	}
diff --git a/src/filesystem_boost.cpp b/src/filesystem_boost.cpp
index 7d4b77449a49..c4f108899f10 100644
--- a/src/filesystem_boost.cpp
+++ b/src/filesystem_boost.cpp
@@ -979,7 +979,7 @@ static bool is_legal_file(const std::string &filename)
 		return false;
 	}
 
-	if (ends_with(filename, ".pbl")) {
+	if (looks_like_pbl(filename)) {
 		ERR_FS << "Illegal path '" << filename << "' (.pbl files are not allowed)." << std::endl;
 		return false;
 	}