🔥 This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)
CVE-2026-48907: Widget Factory Joomla Content Editor Improper Access Control Vulnerability
Summary
Widget Factory Joomla Content Editor has an improper access control vulnerability (a security flaw where the software fails to properly restrict who can do what) that allows unauthenticated users (people without login credentials) to upload and execute PHP code (a server-side programming language) by creating new editor profiles. This vulnerability is currently being exploited in active attacks.
Solution / Mitigation
The source says to "Apply mitigations in accordance with vendor instructions" and points to the Joomla Content Editor website for a security update and patch: https://www.joomlacontenteditor.net/news/jce-security-update-and-a-free-patch-for-older-sites and https://www.joomlacontenteditor.net/support/changelog/editor. If mitigations are unavailable, organizations should follow CISA BOD 26-04 guidance for cloud services or discontinue use of the product. The deadline for applying these mitigations is 2026-06-19.
Vulnerability Details
EPSS: 0.8%
Yes
🔥 Actively Exploited
June 15, 2026
Classification
Taxonomy References
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-48907
First tracked: June 16, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 95%