CVE-2026-48941 | getk2 K2 Extension 1.0-2.26 on Joomla Query Parameter /media/k2/galleries JFolder::delete authorization

A vulnerability, which was classified as critical, has been found in getk2 K2 Extension 1.0-2.26 on Joomla. The impacted element is the function JFolder::delete of the file /media/k2/galleries of the component Query Parameter Handler. Performing a manipulation results in missing authorization.

This vulnerability is identified as CVE-2026-48941. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More