CVE Watchtower ← Back to CVE ListCVE-2026-48907NVDVulnerability SummaryA vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.Severity LevelUNKNOWNPublished DateJun 5, 2026Last ModifiedJun 5, 2026Exploitation Status????EPSS Score (30-Day)Data PendingRoot Weakness (CWE)N/AExternal Referenceshttps://www.joomlacontenteditor.net/