Back to Live Pulse
Critical
Jce
Improper Access Control

CVE-2026-48907

Description

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.

Proof of Concept (POC) Links

Explore how this vulnerability can be reproduced or exploited.