Joomla! Extension 'JCE' < 2.9.99.5 Remote Code Execution

Critical | Nessus Plugin ID 321523

Synopsis

The remote Joomla! application has an extension installed that is affected by a remote code execution vulnerability.

Description

The version of the JCE (Joomla Content Editor) extension installed in the Joomla! application on the remote host is prior to 2.9.99.5. It is, therefore, affected by an improper access control vulnerability: the extension allows an unauthenticated user to create new editor profiles, which ultimately permits the upload and execution of arbitrary PHP code.

Note that Nessus has not tested for this issue but has instead relied only on the extension's self-reported version number.
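The check described above is a version comparison, not a probe of the flaw. The following is an added example of that kind of check (it is not Tenable's plugin code and not JCE's own code): it reads the extension's self-reported version from a Joomla extension manifest and compares it numerically against 2.9.99.5. The manifest text is constructed for the example; that JCE's manifest lives at `administrator/components/com_jce/jce.xml` is an assumption, and the code only parses XML text it is handed, so it runs offline.

```python
"""Version-based check for the JCE < 2.9.99.5 finding.

Added example, not Tenable's plugin code and not JCE's code. It mirrors what
the page says Nessus does: trust the extension's self-reported version and
compare it against the fixed version, without exercising the flaw itself.
"""
import re
import xml.etree.ElementTree as ET

FIXED_VERSION = "2.9.99.5"

# Assumed location of the JCE component manifest on a Joomla install
# (assumption for illustration; the example never touches the filesystem).
ASSUMED_MANIFEST_PATH = "administrator/components/com_jce/jce.xml"

# Constructed sample manifest. The <version> element is standard in Joomla
# extension manifests; the other elements are illustrative filler.
SAMPLE_MANIFEST = """<extension type="component" method="upgrade">
    <name>COM_JCE</name>
    <version>2.9.99.4</version>
    <description>COM_JCE_XML_DESCRIPTION</description>
</extension>
"""


def parse_version(text):
    """Turn '2.9.99.4' into a tuple of ints so the comparison is numeric.

    A plain string comparison would rank '2.9.100.0' below '2.9.99.5' because
    '1' < '9' lexically; splitting into integers avoids that false positive.
    """
    return tuple(int(p) for p in re.findall(r"\d+", text))


def is_vulnerable(installed, fixed=FIXED_VERSION):
    """True when installed < fixed, padding shorter versions with zeros so
    '2.9.99' compares as '2.9.99.0'. Pre-release suffixes (e.g. 'rc1') are not
    modelled; release builds of Joomla extensions use plain dotted numbers."""
    a, b = parse_version(installed), parse_version(fixed)
    if not a:
        raise ValueError("installed version has no numeric components: %r" % installed)
    n = max(len(a), len(b))
    a += (0,) * (n - len(a))
    b += (0,) * (n - len(b))
    return a < b


def version_from_manifest(xml_text):
    """Extract the self-reported version from Joomla manifest XML."""
    root = ET.fromstring(xml_text)
    node = root.find("version")
    if node is None or not node.text or not node.text.strip():
        raise ValueError("manifest has no <version> element")
    return node.text.strip()


def check_manifest(xml_text, fixed=FIXED_VERSION):
    """Return (installed_version, vulnerable) for the given manifest text."""
    installed = version_from_manifest(xml_text)
    return installed, is_vulnerable(installed, fixed)


if __name__ == "__main__":
    installed, vulnerable = check_manifest(SAMPLE_MANIFEST)
    state = "VULNERABLE" if vulnerable else "not affected"
    print("JCE %s (from %s): %s, fixed in %s"
          % (installed, ASSUMED_MANIFEST_PATH, state, FIXED_VERSION))
```

Because the result rests on the version string alone, treat a hit the way the plugin note says to: as a flag to confirm against the installed package rather than as proof the flaw is reachable.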

Solution

Upgrade the JCE (Joomla Content Editor) extension to version 2.9.99.5 or later through the administrative dashboard.

See Also

http://www.nessus.org/u?3201ef28

https://extensions.joomla.org/extension/jce/

Plugin Details

Severity: Critical

ID: 321523

File Name: joomla_extension_jce_2_9_99_5.nasl

Version: 1.1

Type: Remote

Family: CGI abuses

Published: 6/18/2026

Updated: 6/18/2026

Configuration: Enable thorough checks (optional)

Supported Sensors: Nessus

Enable CGI Scanning: true

Risk Information

VPR

Risk Factor: Critical

Score: 9.0

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-48907

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v4

Risk Factor: Critical

Base Score: 10

Threat Score: 10

Threat Vector: CVSS:4.0/E:A

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Vulnerability Information

CPE: cpe:/a:joomla:joomla\!

Required KB Items: installed_sw/Joomla!, www/PHP

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 6/6/2026

CISA Known Exploited Vulnerability Due Dates: 6/16/2026

Reference Information

CVE: CVE-2026-48907