Skip to main content

Joomlack Fr Page Builder Ck Extension For Joomla

1 CVEs product

Monthly

CVE-2026-56290 CRITICAL POC KEV THREAT NEWS Emergency

Unauthenticated arbitrary file upload in the Joomlack Page Builder CK extension for Joomla allows remote attackers to upload executable (PHP) files and achieve full remote code execution on the host. Any Joomla site running this extension is exposed to complete compromise without credentials. No public exploit identified at time of analysis, though the CVSS 4.0 threat metric (E:A) supplied by the scoring source signals observed exploitation activity, and the maximum 10.0 score plus AU:Y (automatable) indicate this is highly attractive for mass scanning.

Authentication Bypass File Upload Joomlack Fr Page Builder Ck Extension For Joomla
NVD VulDB GitHub Exploit-DB
CVSS 4.0
10.0
EPSS
0.2%
Threat
5.0
EPSS 0% 5.0 CVSS 10.0
CRITICAL POC KEV THREAT Emergency

Unauthenticated arbitrary file upload in the Joomlack Page Builder CK extension for Joomla allows remote attackers to upload executable (PHP) files and achieve full remote code execution on the host. Any Joomla site running this extension is exposed to complete compromise without credentials. No public exploit identified at time of analysis, though the CVSS 4.0 threat metric (E:A) supplied by the scoring source signals observed exploitation activity, and the maximum 10.0 score plus AU:Y (automatable) indicate this is highly attractive for mass scanning.

Authentication Bypass File Upload Joomlack Fr Page Builder Ck Extension For Joomla
NVD VulDB GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy