Joomla! CMS Privilege Escalation Vulnerability in com_users Batch Task

Vulnerability

A privilege escalation vulnerability has been identified in Joomla! CMS versions 4.0.0 prior to 5.4.5 and 6.0.0 prior to 6.1.0. The issue arises from an improper access check that allows users to escalate privileges through the com_users batch task.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation, potentially leading to elevated rights or access within the Joomla! application.

Remediation

Users can upgrade to Joomla! CMS version 5.4.6 or 6.1.1 to address this vulnerability.

Added: May 26, 2026, 10:58 PM
Updated: May 26, 2026, 10:58 PM

Vulnerability Rating

Custom Algorithm

spread: 7.6
impact: 5.0
exploitability: 5.4
remediation: 7.7
relevance: 9.6
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.