Your dream vibe-coded app might be a security nightmare.
CVE-2026-48907 in the Joomla JCE plugin lets unauthenticated attackers drop PHP web shells with a single crafted request.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results