CVE-2026-56290

UNKNOWN 0.0

Joomla Extension - joomlack.fr - Unauthenticated file upload in Page Builder CK extension < 3.6.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.

CWE	CWE-284
Vendor	joomlack.fr
Product	joomlack.fr page builder ck extension for joomla
Published	Jun 29, 2026
Last Updated	Jun 29, 2026

Stay Ahead of the Next One

Get instant alerts for joomlack.fr joomlack.fr page builder ck extension for joomla

Be the first to know when new unknown vulnerabilities affecting joomlack.fr joomlack.fr page builder ck extension for joomla are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

joomlack.fr / JoomlaCK.fr Page Builder CK extension for Joomla

1.0-3.6.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

joomlack.fr: https://www.joomlack.fr/

Credits

Phil Taylor