Skip to main content

Page Builder CK CVE-2026-56290

| EUVDEUVD-2026-40121 CRITICAL
Improper Access Control (CWE-284)
2026-06-29 Joomla GHSA-gxrr-wfg5-xqqf
10.0
CVSS 4.0 · Vendor: Joomla
Share

Severity by source

Vendor (Joomla) PRIMARY
10.0 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:X/U:Red
vuln.today AI
10.0 CRITICAL

Unauthenticated network upload (PR:N/UI:N/AC:L) yielding code execution that escapes the app to the host justifies S:C with full C/I/A impact.

3.1 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Primary rating from Vendor (Joomla).

CVSS VectorVendor: Joomla

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:X/U:Red
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
Added to CISA KEV
Jul 07, 2026 - 17:16 CISA
Analysis Generated
Jun 29, 2026 - 15:20 vuln.today
CVE Published
Jun 29, 2026 - 14:31 cve.org
CRITICAL 10.0

DescriptionCVE.org

The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.

AnalysisAI

Unauthenticated arbitrary file upload in the Joomlack Page Builder CK extension for Joomla allows remote attackers to upload executable (PHP) files and achieve full remote code execution on the host. Any Joomla site running this extension is exposed to complete compromise without credentials. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Scan for Joomla sites with Page Builder CK
Delivery
POST PHP webshell to unauthenticated upload endpoint
Exploit
Bypass access control, write file to webroot
Execution
Request uploaded shell URL
Persist
Server executes attacker PHP as web user
Impact
Full remote code execution

Vulnerability AssessmentAI

Exploitation The target Joomla site must have the Joomlack Page Builder CK extension installed and its file-upload/handling endpoint reachable over the network. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Every signal points to top-tier priority. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker scanning for Joomla sites running Page Builder CK sends a crafted HTTP POST to the extension's unauthenticated upload endpoint, submitting a PHP webshell accepted as an uploadable file. Because no authentication or extension filtering blocks it, the file lands in the webroot; the attacker then requests its URL and the server executes it, yielding remote code execution. …
Remediation No vendor-released patch version is identified in the available data; the only reference is the vendor site https://www.joomlack.fr/, which should be checked for an updated Page Builder CK release and applied immediately once available. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all Joomla instances using the Joomlack Page Builder CK extension; immediately disable and uninstall the extension across all systems. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-56290 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy