THREATOPS
THREAT OPSCVEs › CVE-2026-48908

CVE-2026-48908 — JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability

CISA KEVExploited: confirmedJoomShaper

JoomShaper SP Page Builder contains an unrestricted upload of file with dangerous type vulnerability that allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code.

Vulnerability details

Related reporting