CVE Details

CVE-2026-56290 Joomlack Page Builder Improper Access Control Vulnerability
Published: 2026-07-07 CVSS: 10 CRITICAL Product: Joomlack Page Builder Due Date: 2026-07-10

Joomlack Page Builder contains an improper access control vulnerability that could allow for remote code execution via unauthenticated arbitrary file upload.

GitHub PoC

Warning: GitHub PoC repositories are unverified. Some may be fake or contain malware. Use caution and review code before running anything.
  • shinthink/pbck-exploit • ⭐ 2 • 2026-07-04 • Conf: 95.0%
  • 📤 Mass exploitation framework for CVE-2026-56290 — Page Builder CK Joomla unauthenticated file upload to RCE
  • sagsooz/PageBuilderCK-CVE-2026-56290-Exploit • ⭐ 1 • 2026-07-03 • Conf: 95.0%
  • Page Builder CK for Joomla - Unauthenticated SSRF / Remote File Write leading to PHP execution Exploiter

FIRST EPSS

EPSS estimates the probability of exploitation in the next 30 days. Higher values indicate higher likelihood of real-world exploitation.

Timeline

CVE Stalker KEV MITRE GitHub FIRST (EPSS)

MITRE

CVSS

  • Score: 10
  • Severity: CRITICAL
  • Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/AU:Y/U:Red

SSVC

  • Exploitation: active
  • Automatable: yes
  • Technical Impact: total

References

Show Raw Data
Key Remaining Key Value
dataType CVE_RECORD
dataVersion 5.2
cveMetadata > cveId CVE-2026-56290
cveMetadata > assignerOrgId 6ff30186-7fb7-4ad9-be33-533e7b05e586
cveMetadata > state PUBLISHED
cveMetadata > assignerShortName Joomla
cveMetadata > dateReserved 2026-06-20T11:57:32.752Z
cveMetadata > datePublished 2026-06-29T14:31:37.952Z
cveMetadata > dateUpdated 2026-07-07T17:54:17.251Z
containers > cna > affected > 0 > defaultStatus unaffected
containers > cna > affected > 0 > product JoomlaCK.fr Page Builder CK extension for Joomla
containers > cna > affected > 0 > vendor joomlack.fr
containers > cna > affected > 0 > versions > 0 > status affected
containers > cna > affected > 0 > versions > 0 > version 1.0-3.6.0
containers > cna > credits > 0 > lang en
containers > cna > credits > 0 > type finder
containers > cna > credits > 0 > value Phil Taylor
containers > cna > descriptions > 0 > lang en
containers > cna > descriptions > 0 > supportingMedia > 0 > base64 False
containers > cna > descriptions > 0 > supportingMedia > 0 > type text/html
containers > cna > descriptions > 0 > supportingMedia > 0 > value The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.
containers > cna > descriptions > 0 > value The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.
containers > cna > impacts > 0 > capecId CAPEC-242
containers > cna > impacts > 0 > descriptions > 0 > lang en
containers > cna > impacts > 0 > descriptions > 0 > value CAPEC-242: Code Injection
containers > cna > metrics > 0 > cvssV4_0 > Automatable YES
containers > cna > metrics > 0 > cvssV4_0 > Recovery NOT_DEFINED
containers > cna > metrics > 0 > cvssV4_0 > Safety NOT_DEFINED
containers > cna > metrics > 0 > cvssV4_0 > attackComplexity LOW
containers > cna > metrics > 0 > cvssV4_0 > attackRequirements NONE
containers > cna > metrics > 0 > cvssV4_0 > attackVector NETWORK
containers > cna > metrics > 0 > cvssV4_0 > baseScore 10
containers > cna > metrics > 0 > cvssV4_0 > baseSeverity CRITICAL
containers > cna > metrics > 0 > cvssV4_0 > exploitMaturity ATTACKED
containers > cna > metrics > 0 > cvssV4_0 > privilegesRequired NONE
containers > cna > metrics > 0 > cvssV4_0 > providerUrgency RED
containers > cna > metrics > 0 > cvssV4_0 > subAvailabilityImpact HIGH
containers > cna > metrics > 0 > cvssV4_0 > subConfidentialityImpact HIGH
containers > cna > metrics > 0 > cvssV4_0 > subIntegrityImpact HIGH
containers > cna > metrics > 0 > cvssV4_0 > userInteraction NONE
containers > cna > metrics > 0 > cvssV4_0 > valueDensity NOT_DEFINED
containers > cna > metrics > 0 > cvssV4_0 > vectorString CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/AU:Y/U:Red
containers > cna > metrics > 0 > cvssV4_0 > version 4.0
containers > cna > metrics > 0 > cvssV4_0 > vulnAvailabilityImpact HIGH
containers > cna > metrics > 0 > cvssV4_0 > vulnConfidentialityImpact HIGH
containers > cna > metrics > 0 > cvssV4_0 > vulnIntegrityImpact HIGH
containers > cna > metrics > 0 > cvssV4_0 > vulnerabilityResponseEffort NOT_DEFINED
containers > cna > metrics > 0 > format CVSS
containers > cna > metrics > 0 > scenarios > 0 > lang en
containers > cna > metrics > 0 > scenarios > 0 > value GENERAL
containers > cna > problemTypes > 0 > descriptions > 0 > cweId CWE-434
containers > cna > problemTypes > 0 > descriptions > 0 > description CWE-434: Unrestricted Upload of File with Dangerous Type
containers > cna > problemTypes > 0 > descriptions > 0 > lang en
containers > cna > problemTypes > 0 > descriptions > 0 > type CWE
containers > cna > providerMetadata > orgId 6ff30186-7fb7-4ad9-be33-533e7b05e586
containers > cna > providerMetadata > shortName Joomla
containers > cna > providerMetadata > dateUpdated 2026-07-05T14:26:56.369Z
containers > cna > references > 0 > tags > 0 product
containers > cna > references > 0 > url https://www.joomlack.fr/
containers > cna > source > discovery UNKNOWN
containers > cna > title Joomla Extension - joomlack.fr - Unauthenticated file upload in Page Builder CK extension < 3.6.0
containers > cna > x_generator > engine Vulnogram 0.1.0-dev
containers > adp > 0 > metrics > 0 > other > type ssvc
containers > adp > 0 > metrics > 0 > other > content > id CVE-2026-56290
containers > adp > 0 > metrics > 0 > other > content > role CISA Coordinator
containers > adp > 0 > metrics > 0 > other > content > options > 0 > Exploitation active
containers > adp > 0 > metrics > 0 > other > content > options > 1 > Automatable yes
containers > adp > 0 > metrics > 0 > other > content > options > 2 > Technical Impact total
containers > adp > 0 > metrics > 0 > other > content > version 2.0.3
containers > adp > 0 > metrics > 0 > other > content > timestamp 2026-07-07T17:45:15.592601Z
containers > adp > 0 > references > 0 > url https://mysites.guru/blog/pagebuilderck-unauthenticated-file-upload-rce/
containers > adp > 0 > references > 0 > tags > 0 third-party-advisory
containers > adp > 0 > references > 1 > url https://forum.joomlack.fr/index.php/page-builder-ck/21627-nouvelle-version-de-pbck-et-joomla-3
containers > adp > 0 > references > 1 > tags > 0 patch
containers > adp > 0 > references > 2 > url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-56290
containers > adp > 0 > references > 2 > tags > 0 government-resource
containers > adp > 0 > title CISA ADP Vulnrichment
containers > adp > 0 > providerMetadata > orgId 134c704f-9b21-4f2e-91b3-4a467353bcc0
containers > adp > 0 > providerMetadata > shortName CISA-ADP
containers > adp > 0 > providerMetadata > dateUpdated 2026-07-07T17:54:17.251Z