COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-48908

CVE-2026-48908

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-07-07
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-48908
⚡ RCE ⌖ exploited in the wild shame 85/100 rceexploited-in-wildsupply-chain

JoomShaper SP Page Builder allows unauthenticated users to upload and execute arbitrary PHP files.

This vulnerability enables remote code execution via file upload, posing a severe risk to any DIB organization using the product for FedRAMP or NIST 800-171 compliance. Immediate removal of the product from production environments and a full security audit of all deployed instances are required to prevent unauthorized access to sensitive data.

Shame score — An unauthenticated RCE vulnerability in a widely used SaaS product represents a critical failure in input validation and security controls.

Players implicated

JoomShaper · vendorSP Page Builder · product

Description

JoomShaper SP Page Builder contains an unrestricted upload of file with dangerous type vulnerability that allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.