diff --git a/lib/pleroma/web/api_spec/operations/pleroma_account_operation.ex b/lib/pleroma/web/api_spec/operations/pleroma_account_operation.ex
index 90922c064..97836b2eb 100644
--- a/lib/pleroma/web/api_spec/operations/pleroma_account_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/pleroma_account_operation.ex
@@ -4,7 +4,6 @@
 
 defmodule Pleroma.Web.ApiSpec.PleromaAccountOperation do
   alias OpenApiSpex.Operation
-  alias OpenApiSpex.Schema
   alias Pleroma.Web.ApiSpec.Schemas.AccountRelationship
   alias Pleroma.Web.ApiSpec.Schemas.ApiError
   alias Pleroma.Web.ApiSpec.Schemas.FlakeID
@@ -40,48 +39,6 @@ defmodule Pleroma.Web.ApiSpec.PleromaAccountOperation do
     }
   end
 
-  def update_avatar_operation do
-    %Operation{
-      tags: ["Accounts"],
-      summary: "Set/clear user avatar image",
-      operationId: "PleromaAPI.AccountController.update_avatar",
-      requestBody:
-        request_body("Parameters", update_avatar_or_background_request(), required: true),
-      security: [%{"oAuth" => ["write:accounts"]}],
-      responses: %{
-        200 => update_response(),
-        403 => Operation.response("Forbidden", "application/json", ApiError)
-      }
-    }
-  end
-
-  def update_banner_operation do
-    %Operation{
-      tags: ["Accounts"],
-      summary: "Set/clear user banner image",
-      operationId: "PleromaAPI.AccountController.update_banner",
-      requestBody: request_body("Parameters", update_banner_request(), required: true),
-      security: [%{"oAuth" => ["write:accounts"]}],
-      responses: %{
-        200 => update_response()
-      }
-    }
-  end
-
-  def update_background_operation do
-    %Operation{
-      tags: ["Accounts"],
-      summary: "Set/clear user background image",
-      operationId: "PleromaAPI.AccountController.update_background",
-      security: [%{"oAuth" => ["write:accounts"]}],
-      requestBody:
-        request_body("Parameters", update_avatar_or_background_request(), required: true),
-      responses: %{
-        200 => update_response()
-      }
-    }
-  end
-
   def favourites_operation do
     %Operation{
       tags: ["Accounts"],
@@ -136,52 +93,4 @@ defmodule Pleroma.Web.ApiSpec.PleromaAccountOperation do
       required: true
     )
   end
-
-  defp update_avatar_or_background_request do
-    %Schema{
-      title: "PleromaAccountUpdateAvatarOrBackgroundRequest",
-      type: :object,
-      properties: %{
-        img: %Schema{
-          nullable: true,
-          type: :string,
-          format: :binary,
-          description: "Image encoded using `multipart/form-data` or an empty string to clear"
-        }
-      }
-    }
-  end
-
-  defp update_banner_request do
-    %Schema{
-      title: "PleromaAccountUpdateBannerRequest",
-      type: :object,
-      properties: %{
-        banner: %Schema{
-          type: :string,
-          nullable: true,
-          format: :binary,
-          description: "Image encoded using `multipart/form-data` or an empty string to clear"
-        }
-      }
-    }
-  end
-
-  defp update_response do
-    Operation.response("PleromaAccountUpdateResponse", "application/json", %Schema{
-      type: :object,
-      properties: %{
-        url: %Schema{
-          type: :string,
-          format: :uri,
-          nullable: true,
-          description: "Image URL"
-        }
-      },
-      example: %{
-        "url" =>
-          "https://cofe.party/media/9d0add56-bcb6-4c0f-8225-cbbd0b6dd773/13eadb6972c9ccd3f4ffa3b8196f0e0d38b4d2f27594457c52e52946c054cd9a.gif"
-      }
-    })
-  end
 end
diff --git a/lib/pleroma/web/pleroma_api/controllers/account_controller.ex b/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
index f3554d919..563edded7 100644
--- a/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
+++ b/lib/pleroma/web/pleroma_api/controllers/account_controller.ex
@@ -8,7 +8,6 @@ defmodule Pleroma.Web.PleromaAPI.AccountController do
   import Pleroma.Web.ControllerHelper,
     only: [json_response: 3, add_link_headers: 2, assign_account_by_id: 2]
 
-  alias Ecto.Changeset
   alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug
   alias Pleroma.Plugs.OAuthScopesPlug
   alias Pleroma.Plugs.RateLimiter
@@ -37,17 +36,6 @@ defmodule Pleroma.Web.PleromaAPI.AccountController do
 
   plug(
     OAuthScopesPlug,
-    %{scopes: ["write:accounts"]}
-    # Note: the following actions are not permission-secured in Mastodon:
-    when action in [
-           :update_avatar,
-           :update_banner,
-           :update_background
-         ]
-  )
-
-  plug(
-    OAuthScopesPlug,
     %{scopes: ["read:favourites"], fallback: :proceed_unauthenticated} when action == :favourites
   )
 
@@ -68,56 +56,6 @@ defmodule Pleroma.Web.PleromaAPI.AccountController do
     end
   end
 
-  @doc "PATCH /api/v1/pleroma/accounts/update_avatar"
-  def update_avatar(%{assigns: %{user: user}, body_params: %{img: ""}} = conn, _) do
-    {:ok, _user} =
-      user
-      |> Changeset.change(%{avatar: nil})
-      |> User.update_and_set_cache()
-
-    json(conn, %{url: nil})
-  end
-
-  def update_avatar(%{assigns: %{user: user}, body_params: params} = conn, _params) do
-    {:ok, %{data: data}} = ActivityPub.upload(params, type: :avatar)
-    {:ok, _user} = user |> Changeset.change(%{avatar: data}) |> User.update_and_set_cache()
-    %{"url" => [%{"href" => href} | _]} = data
-
-    json(conn, %{url: href})
-  end
-
-  @doc "PATCH /api/v1/pleroma/accounts/update_banner"
-  def update_banner(%{assigns: %{user: user}, body_params: %{banner: ""}} = conn, _) do
-    with {:ok, _user} <- User.update_banner(user, %{}) do
-      json(conn, %{url: nil})
-    end
-  end
-
-  def update_banner(%{assigns: %{user: user}, body_params: params} = conn, _) do
-    with {:ok, object} <- ActivityPub.upload(%{img: params[:banner]}, type: :banner),
-         {:ok, _user} <- User.update_banner(user, object.data) do
-      %{"url" => [%{"href" => href} | _]} = object.data
-
-      json(conn, %{url: href})
-    end
-  end
-
-  @doc "PATCH /api/v1/pleroma/accounts/update_background"
-  def update_background(%{assigns: %{user: user}, body_params: %{img: ""}} = conn, _) do
-    with {:ok, _user} <- User.update_background(user, %{}) do
-      json(conn, %{url: nil})
-    end
-  end
-
-  def update_background(%{assigns: %{user: user}, body_params: params} = conn, _) do
-    with {:ok, object} <- ActivityPub.upload(params, type: :background),
-         {:ok, _user} <- User.update_background(user, object.data) do
-      %{"url" => [%{"href" => href} | _]} = object.data
-
-      json(conn, %{url: href})
-    end
-  end
-
   @doc "GET /api/v1/pleroma/accounts/:id/favourites"
   def favourites(%{assigns: %{account: %{hide_favorites: true}}} = conn, _params) do
     render_error(conn, :forbidden, "Can't get favorites")
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
index 9e457848e..74e940f8e 100644
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -328,10 +328,6 @@ defmodule Pleroma.Web.Router do
       delete("/statuses/:id/reactions/:emoji", EmojiReactionController, :delete)
       post("/notifications/read", NotificationController, :mark_as_read)
 
-      patch("/accounts/update_avatar", AccountController, :update_avatar)
-      patch("/accounts/update_banner", AccountController, :update_banner)
-      patch("/accounts/update_background", AccountController, :update_background)
-
       get("/mascot", MascotController, :show)
       put("/mascot", MascotController, :update)
 
diff --git a/test/web/pleroma_api/controllers/account_controller_test.exs b/test/web/pleroma_api/controllers/account_controller_test.exs
index 103997c31..07909d48b 100644
--- a/test/web/pleroma_api/controllers/account_controller_test.exs
+++ b/test/web/pleroma_api/controllers/account_controller_test.exs
@@ -13,8 +13,6 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do
   import Pleroma.Factory
   import Swoosh.TestAssertions
 
-  @image "data:image/gif;base64,R0lGODlhEAAQAMQAAORHHOVSKudfOulrSOp3WOyDZu6QdvCchPGolfO0o/XBs/fNwfjZ0frl3/zy7////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAkAABAALAAAAAAQABAAAAVVICSOZGlCQAosJ6mu7fiyZeKqNKToQGDsM8hBADgUXoGAiqhSvp5QAnQKGIgUhwFUYLCVDFCrKUE1lBavAViFIDlTImbKC5Gm2hB0SlBCBMQiB0UjIQA7"
-
   describe "POST /api/v1/pleroma/accounts/confirmation_resend" do
     setup do
       {:ok, user} =
@@ -68,103 +66,6 @@ defmodule Pleroma.Web.PleromaAPI.AccountControllerTest do
     end
   end
 
-  describe "PATCH /api/v1/pleroma/accounts/update_avatar" do
-    setup do: oauth_access(["write:accounts"])
-
-    test "user avatar can be set", %{user: user, conn: conn} do
-      avatar_image = File.read!("test/fixtures/avatar_data_uri")
-
-      conn =
-        conn
-        |> put_req_header("content-type", "multipart/form-data")
-        |> patch("/api/v1/pleroma/accounts/update_avatar", %{img: avatar_image})
-
-      user = refresh_record(user)
-
-      assert %{
-               "name" => _,
-               "type" => _,
-               "url" => [
-                 %{
-                   "href" => _,
-                   "mediaType" => _,
-                   "type" => _
-                 }
-               ]
-             } = user.avatar
-
-      assert %{"url" => _} = json_response_and_validate_schema(conn, 200)
-    end
-
-    test "user avatar can be reset", %{user: user, conn: conn} do
-      conn =
-        conn
-        |> put_req_header("content-type", "multipart/form-data")
-        |> patch("/api/v1/pleroma/accounts/update_avatar", %{img: ""})
-
-      user = User.get_cached_by_id(user.id)
-
-      assert user.avatar == nil
-
-      assert %{"url" => nil} = json_response_and_validate_schema(conn, 200)
-    end
-  end
-
-  describe "PATCH /api/v1/pleroma/accounts/update_banner" do
-    setup do: oauth_access(["write:accounts"])
-
-    test "can set profile banner", %{user: user, conn: conn} do
-      conn =
-        conn
-        |> put_req_header("content-type", "multipart/form-data")
-        |> patch("/api/v1/pleroma/accounts/update_banner", %{"banner" => @image})
-
-      user = refresh_record(user)
-      assert user.banner["type"] == "Image"
-
-      assert %{"url" => _} = json_response_and_validate_schema(conn, 200)
-    end
-
-    test "can reset profile banner", %{user: user, conn: conn} do
-      conn =
-        conn
-        |> put_req_header("content-type", "multipart/form-data")
-        |> patch("/api/v1/pleroma/accounts/update_banner", %{"banner" => ""})
-
-      user = refresh_record(user)
-      assert user.banner == %{}
-
-      assert %{"url" => nil} = json_response_and_validate_schema(conn, 200)
-    end
-  end
-
-  describe "PATCH /api/v1/pleroma/accounts/update_background" do
-    setup do: oauth_access(["write:accounts"])
-
-    test "background image can be set", %{user: user, conn: conn} do
-      conn =
-        conn
-        |> put_req_header("content-type", "multipart/form-data")
-        |> patch("/api/v1/pleroma/accounts/update_background", %{"img" => @image})
-
-      user = refresh_record(user)
-      assert user.background["type"] == "Image"
-      # assert %{"url" => _} = json_response(conn, 200)
-      assert %{"url" => _} = json_response_and_validate_schema(conn, 200)
-    end
-
-    test "background image can be reset", %{user: user, conn: conn} do
-      conn =
-        conn
-        |> put_req_header("content-type", "multipart/form-data")
-        |> patch("/api/v1/pleroma/accounts/update_background", %{"img" => ""})
-
-      user = refresh_record(user)
-      assert user.background == %{}
-      assert %{"url" => nil} = json_response_and_validate_schema(conn, 200)
-    end
-  end
-
   describe "getting favorites timeline of specified user" do
     setup do
       [current_user, user] = insert_pair(:user, hide_favorites: false)