Vulnerability Overview
A critical security vulnerability has been disclosed in the JCE Editor extension for the Joomla content management system. The vulnerability is tracked as CVE-2026-48907.
This vulnerability allows an attacker to upload and execute malicious code on a web server without authentication. Successful exploitation may result in complete website compromise, unauthorized file uploads, website defacement, data theft, or the use of the website for further malicious activities.
According to publicly available information, this vulnerability is being actively exploited in the wild.
Important: If your website uses Joomla with the JCE Editor extension and you are unsure which version is installed, we strongly recommend verifying the version and applying updates as soon as possible.
Who Is Affected?
The vulnerability affects Joomla installations running the JCE Editor extension in versions older than:
2.9.99.5
The vendor currently recommends updating to:
2.9.99.6 or later
How to Check Your JCE Editor Version
- Log in to the Joomla Administrator panel.
- Navigate to Components → JCE Editor.
- Check the installed version displayed in the administration interface.
If the installed version is lower than 2.9.99.5, immediate remediation is recommended.
How to Update JCE Editor
- Log in to the Joomla Administrator panel.
- Navigate to System → Extension Updates.
- Check for available updates.
- Update the JCE Editor extension to the latest available version.
- Verify that version 2.9.99.6 or later is installed after the update completes.
Recommended Post-Update Checks
Updating the extension does not automatically remove any malicious files or changes that may have been introduced before the update.
After updating, we recommend reviewing:
- Joomla administrator accounts,
- recently created or unknown files,
- the tmp, cache, images, and media directories,
- installed extensions and templates,
- website content for any unauthorized modifications.
If you discover suspicious files or unexpected changes, contact your website administrator or Joomla service provider for further investigation.
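As an added example (not part of the original advisory or of the JCE project), the shell function below lists recently modified PHP-type files and .htaccess files under the tmp, cache, images, and media directories named above. The function name, the 30-day default window, and the extension list are assumptions chosen for illustration; hits are items to review rather than proof of compromise, because legitimate software can also write such files.

```shell
#!/bin/sh
# Added example: post-update file review for a Joomla site.
# Assumes a standard Joomla layout where tmp, cache, images and media
# sit directly under the site root.

# review_recent_scripts JOOMLA_ROOT [DAYS]
#   JOOMLA_ROOT  path to the site root
#   DAYS         look-back window in days (default 30, an arbitrary choice)
# Prints one path per line, sorted. Returns 2 if JOOMLA_ROOT is not a directory.
review_recent_scripts() {
    root=$1
    days=${2:-30}

    if [ ! -d "$root" ]; then
        echo "not a directory: $root" >&2
        return 2
    fi

    for dir in tmp cache images media; do
        # Skip directories that do not exist in this installation.
        [ -d "$root/$dir" ] || continue

        # Files that the web server may execute as PHP, plus .htaccess,
        # which can change how a directory's files are handled.
        # -mtime -N matches files modified less than N days ago.
        find "$root/$dir" -type f -mtime "-$days" \
            \( -iname '*.php' -o -iname '*.php[0-9]' \
               -o -iname '*.phtml' -o -iname '*.phar' \
               -o -iname '.htaccess' \) -print
    done | sort
}
```

Call it with the site root and a window that reaches back before the update, for example `review_recent_scripts /path/to/joomla 14`, and compare each result against a known-good backup or a clean copy of the installed extensions.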
No Access to Joomla Administration?
If your website is managed by a third-party developer or agency, please forward this advisory and request that they verify the installed JCE Editor version and apply the necessary updates.
Additional Security Recommendations
To maintain a secure website environment, we recommend regularly updating:
- Joomla Core,
- all installed extensions,
- website templates,
- the PHP version used by your hosting environment.
Regular updates significantly reduce the risk of website compromise and security incidents.