THREAT OPS › CVEs › CVE-2026-48907
CVE-2026-48907 — Widget Factory Joomla Content Editor Improper Access Control Vulnerability
Widget Factory Joomla Content Editor contains an improper access control vulnerability which could allow for upload and execution of PHP code via the creation of new editor profiles for unauthenticated users.
Vulnerability details
- Affected productsJoomla Content Editor
- KEV remediation due2026-06-19