Joomla

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity flaw in the Widget Factory Joomla Content Editor (JCE) plugin that is being actively exploited in the wild. Tracked as CVE-2026-48907, this vulnerability can be exploited by threat actors without privileges to achieve code execution via low-complexity attacks targeting Joomla […]