CVE-2026-1730

The CVE concerns the WordPress OS DataHub Maps plugin where a flaw in the file-type validation in OS_DataHub_Maps_Admin::add_file_and_ext enables authenticated users with Author-level access or higher to upload arbitrary files on versions up to 1.8.3. The vulnerability could allow arbitrary file ...

CVE-2026-1730 OS DataHub Maps <= 1.8.3 - Authenticated (Author+) Arbitrary File Upload

The OS DataHub Maps plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'OSDataHubMapsAdmin::addfileandext' function in all versions up to, and including, 1.8.3. This makes it possible for authenticated attackers, with Author-level access and...

WordPress plugin OS DataHub Maps 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

PT-2026-6055

Name of the Vulnerable Software and Affected Versions OS DataHub Maps plugin for WordPress versions through 1.8.3 Description The OS DataHub Maps plugin for WordPress has a flaw allowing arbitrary file uploads. This is due to insufficient file type validation within the OS DataHub Maps Admin::add...