Joomla! CMS Privilege Escalation Vulnerability in com_users Batch Task

Vulnerability

A privilege escalation vulnerability has been identified in Joomla! CMS versions from 4.0.0 that are prior to 5.4.5, and from 6.0.0 that are prior to 6.1.0. The issue arises from an improper access check in the com_users component, which allows unauthorized users to perform actions related to the installation of sample data.

Impact

Exploitation of this vulnerability could lead to unauthorized users gaining elevated privileges, allowing them to perform actions or access resources that should be restricted.

Remediation

Users are advised to upgrade to Joomla! CMS version 5.4.6 or 6.1.1.

Added: May 26, 2026, 10:57 PM
Updated: May 26, 2026, 10:57 PM

Vulnerability Rating

Custom Algorithm

spread: 7.6
impact: 1.3
exploitability: 5.4
remediation: 7.7
relevance: 9.6
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.