Summary
Widget Factory Joomla Content Editor Improper Access Control Vulnerability. Widget Factory Joomla Content Editor contains an improper access control vulnerability which could allow for upload and execution of PHP code via the creation of new editor profiles for unauthenticated users.
References
Related vulnerabilities
All Known-exploited →- HIGHCVE-2026-54420
LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability. LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS.
- HIGHCVE-2026-20262
Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability. Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system.
- CRITICALCVE-2026-35273
Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability. Oracle PeopleSoft Enterprise PeopleTools contains a missing authentication for critical function vulnerability which could allow an unauthenticated attacker to obtain takeover of PeopleSoft Enterprise PeopleTools.