
CVE-2026-48899: Privilege Escalation in Joomla com_users

CVE-2026-48899 BIT-joomla-2026-48899
Summary

A security issue affects the Joomla com_users component, allowing unauthorized users to gain elevated privileges. This could enable them to access sensitive information or perform actions they shouldn't be able to. Update Joomla to the latest version to fix this issue.

What to do
  • Update joomla to version 6.1.1.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| | joomla | joomla\! | >= 4.0.0, < 5.4.6; >= 6.0.0, < 6.1.1 |
| Bitnami | | joomla | >= 6.0.0, < 6.1.1 |

cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*
Fix (Bitnami joomla): upgrade to 6.1.1
Original title
Joomla! Core - [20260515] - Incorrect Access Control in sample data plugins
Original description
An improper access check allows privilege escalation through the com_users batch task.
nvd CVSS4.0 5.3
Vulnerability type
CWE-284 Improper Access Control
Published: 27 May 2026 · Updated: 27 May 2026 · First seen: 26 May 2026