CVE-2026-48941 | getk2 K2 Extension 1.0-2.26 on Joomla Query Parameter /media/k2/galleries JFolder::delete authorization

Inserito da Angelo Barbosa | Giu 25, 2026 | CVE

A vulnerability, which was classified as critical, has been found in getk2 K2 Extension 1.0-2.26 on Joomla. The impacted element is the function JFolder::delete of the file /media/k2/galleries of the component Query Parameter Handler. Performing a manipulation results in missing authorization.

This vulnerability is identified as CVE-2026-48941. The attack can be initiated remotely. There is not any exploit available.

CVE-2026-48941 | getk2 K2 Extension 1.0-2.26 on Joomla Query Parameter /media/k2/galleries JFolder::delete authorization

Post correlati

CVE-2022-2413 | simonpedge Slide Anything Plugin up to 2.3.46 on WordPress cross site scripting

CVE-2024-7060 | GitLab Community Edition/Enterprise Edition up to 17.0.4/17.1.2/17.2.0 Resultant Export information disclosure (Issue 437894)

CVE-2024-28109 | veraPDF-library up to 1.24.1 XSL Transform xml injection

CVE-2025-55810 | Alaga Home Security WiFi Camera 3K S-CW2503C-H 1.4.2 Local Privilege Escalation