CRITICAL
joomlacontenteditor.net
CVE published 2026-06-05
CVE-2026-48907
A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution. This vulnerability has a CVSS score of 10 and is considered CRITICAL.