Critical Vulnerabilities in Joomla Extensions SP Page Builder and Page Builder CK Under Active Exploitation
The Cyber Security Agency of Singapore (CSA) has issued an alert regarding critical vulnerabilities (CVE-2026-48908 and CVE-2026-56290) in Joomla's SP Page Builder and Page Builder CK extensions. These flaws, with a CVSS score of 9.8, are under active exploitation, allowing unauthenticated attackers to upload malicious files and achieve remote code execution, potentially leading to complete website takeover. Users are advised to update immediately.
Want more?
Open NewsSnap.ai for the full app experience, including audio, personalization, and more news tools.