Fwd: JCE Pro 2.9.99.7 Released

[Bruce Scherzinger]

Yet another JCE update.

Bruce

-------- Forwarded Message --------

Subject:	JCE Pro 2.9.99.7 Released
Date:	Thu, 18 Jun 2026 13:03:17 +0000 (UTC)
From:	JCE - A Content Editor for Joomla <ma...@joomlacontenteditor.net>
To:	bruce.sc...@gmail.com

JCE Pro 2.9.99.7 Released View online version

JCE Pro 2.9.99.7 Released This release continues the security work of the previous versions and fixes the upload problems some sites saw after 2.9.99.6. Highlights: Fixes false positive PHP tag detection that was blocking legitimate image and file uploads after 2.9.99.6. Further hardening across the upload pipeline and profile import, continuing the defence in depth approach. JCE can now be installed on Joomla 3.9 and later. PHP 7.4 or later is still required. A new Permitted User Groups option is available in the Security tab in the Component parameters. (Components -> JCE Editor -> Control Panel, then click the Options button)Whitelist the groups eligible for profile assignment and import, and anything outside it is ignored. This guards against over-permissive groups slipping in, for example when importing a profile from another site, or another admin adding a group to a profile that should not be there. Empty and inactive by default, so existing sites are unaffected unless you configure it.  Configure a Permitted User Group whitelist for all Editor Profiles The underlying vulnerability, CVE-2026-48907, was patched in 2.9.99.5, with additional security hardening in 2.9.99.6, and this release builds on that work. If you have not yet updated, or you need to check a site for compromise, read JCE security update, and a free patch for older sites. Update fatigue is real. If you manage multiple sites you might consider services like BackupMonkey and MySites.guru, which assist in managing and updating multiple Joomla sites. The update is available via the Joomla Updater on your site, or in the JCE Downloads area. Please Note: JCE Pro is compatible with Joomla 3.10.x, 4.2+, 5 and 6, and does not require the Backwards Compatibility plugin for Joomla 5 or Joomla 6. Download JCE Pro Thank you to everyone who helped get theses releases ready by testing development versions and submitting bug reports. If you find any more issues please submit them on the forum or on github. Download and Installation The update should be available in the Extensions Update Manager on your site. Please make sure you set your key before updating. Alternatively, click the button below to access the Downloads area. Instructions for installing and updating JCE are available here. Download JCE Pro New Social Media Channnels A reminder that you can now follow us on Mastodon, Bluesky, Instagram, Threads, Facebook and Twitter / X

Need help? If you need help installing or using JCE Pro, or you have a question about Joomla, creating content or any other issue related to using the editor, please post in the Support Forum Copyright © 2026 Widget Factory (Pty) Ltd, All rights reserved. You are receiving this email because you either have an active JCE Pro Subscription or are subscribed to our mailing list. Our mailing address is: Widget Factory (Pty) Ltd The Foundry 74 Cardiff Street Cape Town 8005 South Africa Click here to unsubscribe

​