CVE-2026-48908: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability

Summary

JoomShaper SP Page Builder has a critical vulnerability allowing unauthenticated users to upload arbitrary files, including PHP code. This could lead to the execution of malicious code on affected systems.

IFF Assessment

FOE

The vulnerability allows for the execution of arbitrary code, which is a significant threat to system integrity and data security.

Severity

9.8 Critical

This vulnerability allows for unauthenticated remote code execution through file upload of dangerous types (PHP), enabling an attacker to take full control of the affected system. This indicates a high CVSS score due to its critical impact and ease of exploitation.

CISA KEV: Listed as actively exploited. Federal patch due: July 10, 2026. Known ransomware use: Unknown.

Defender Context

This vulnerability in a popular website builder component presents a direct risk to organizations using it, as unauthenticated attackers can gain code execution. Defenders should prioritize patching or applying mitigations as per vendor instructions and CISA guidance to prevent compromise and potential ransomware deployment.

Read Full Story →