or content-type other than application/x-www-form-urlencoded, multipart/form-data or text/plain.
application/json is a content-type other than application/x-www-form-urlencoded, multipart/form-data or text/plain, and thus a request for it will fail unless the required CORS headers are present
There's a couple issues with your comment: first, the restriction you're talking about is related to preflighting, not to whether requests are allowed at all.
Additionally, you're thinking about the "wrong" Content-type header: the limitation you're mentioning about urlencoded and so on is a limitation on request headers, not response headers.
The CORS headers are required for the GP's described request to succeed, but not for the reasons you give.
application/json is a content-type other than application/x-www-form-urlencoded, multipart/form-data or text/plain, and thus a request for it will fail unless the required CORS headers are present