CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Widgetfactorylimited: >> Jce Security Vulnerabilities

CVE-2026-48907

Known exploited

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.

CVSS Score

10.0

EPSS Score

0.069

Published

2026-06-05

CVE-2015-7339

JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a .php file extension for an image file to the /com_jce/editor/libraries/classes/browser.php script.

CVSS Score

8.8

EPSS Score

0.011

Published

2020-03-09

Page 1

Vulnerabilities

Vulnerable Software

Widgetfactorylimited: >> Jce Security Vulnerabilities

Products

Pricing

Contact Us