CVE Tools
Back to feed
SecurityWeek ·EN-US News source Exploited in the wildJoomla Content Editor (JCE) ProLiteSpeed cPanel user-end pluginJoomla Widget Factory JCE

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks

By Ionut Arghire··2 min read
CVE Tools coverage

Attackers are exploiting security weaknesses in Joomla’s Content Editor (JCE) and the LiteSpeed cPanel plugin to gain code execution and escalate privileges. Joomla JCE Pro versions before 2.9.99.5 are affected by CVE-2026-48907, enabling unauthenticated abuse to upload arbitrary files and run PHP code; fixes were released in 2.9.99.5 and strengthened again in 2.9.99.6. Separately, LiteSpeed’s user-end cPanel plugin versions before 2.4.8 are impacted by CVE-2026-54420, where improper symlink handling can let attackers escalate to root on shared hosting running CloudLinux/CageFS; both issues have been added to CISA’s KEV catalog, underscoring the urgency to patch.