
🛡️ **CISA WARNS OF ACTIVELY EXPLOITED JOOMLA EXTENSION RCE VULNERABILITIES**
Published Monday, July 13, 2026 at 01:35 PM PT BLUF: CISA has confirmed active exploitation of remote code execution flaws in Joomla extensions. Organizations running affected Joomla installations must patch immediately. Federal agencies have been directed to prioritize remediation. DETAILS: CISA added multiple Joomla extension vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, confirming active in-the-wild exploitation Affected extensions include Joomlack Page Builder and JoomShaper SP Page Builder; specific CVE identifiers and CVSS scores not provided in available reporting Vulnerabilities allow unauthenticated remote code execution on vulnerable Joomla installations Exploitation is occurring in active attacks; threat actors are leveraging these flaws against live targets Federal agencies received mandatory patching directives with urgent timelines per CISA protocol IMPACT: ...