CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution



June 17, 2026 at 11:20AM

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-48907 (CVSS score: 10.0), is a case of improper access control that could facilitate arbitrary

from The Hacker News https://ift.tt/bik2wKU

Genrerating Link.... 15 seconds.

Your Link is Ready.

Share this post