Tag: PHP code execution

Cyber Products

Joomla Content Editor (JCE): Vulnerable Extension

The Joomla Content Editor (JCE) by Widget Factory is a popular extension for Joomla CMS. Versions 1.0.0 through 2.9.99.4 contain a critical…

CVE-2026-48907 JCE Joomla Content Editor Joomla Content Editor (JCE)

June 25, 2026

Critical CVEs

CVE-2026-48907: Joomla JCE Improper Access Control Vulnerability

CVE-2026-48907 is a maximum-severity vulnerability (CVSS 10.0) in Widget Factory's Joomla Content Editor (JCE) extension. It allows unauthenticated users to upload and…

CISA CVE-2026-48907 improper access control JCE

June 16, 2026