Widgetfactorylimited - Jce CVE

Filtered by vendor Widgetfactorylimited Subscribe

Filtered by product Jce

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2026-48907	1 Widgetfactorylimited	1 Jce	2026-06-17	N/A	9.8 CRITICAL
A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.
CVE-2015-7339	1 Widgetfactorylimited	1 Jce	2026-06-17	6.5 MEDIUM	8.8 HIGH
JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a .php file extension for an image file to the /com_jce/editor/libraries/classes/browser.php script.

Vulnerabilities (CVE)