Fwd: JCE Pro 2.9.99.5 - Critical Security Update

[Dorothy Firsching]

---------- Forwarded message ---------
From: JCE - A Content Editor for Joomla <ma...@joomlacontenteditor.net>
Date: Wed, Jun 3, 2026 at 11:29 AM
Subject: JCE Pro 2.9.99.5 - Critical Security Update
To: <dfirs...@acm.org>

JCE Pro 2.9.99.5 - Security Update View online version

JCE Pro 2.9.99.5 - Critical Security Update This is a critical security release. All JCE Pro users should update immediately. A vulnerability has been identified that allowed unauthenticated users to upload editor profiles, which could be exploited to upload arbitrary files to the server. The issue has been fixed in this release. All versions of JCE Pro prior to 2.9.99.5 are affected. All JCE users should update to 2.9.99.5 as soon as possible via the Joomla Update Manager or the JCE Downloads area. Please Note: JCE Pro is compatible with Joomla 3.10.x, 4.2+, 5 and 6, and does not require the Backwards Compatibility plugin for Joomla 5 or Joomla 6. Download JCE Pro Other Issues Fixed Add missing <main> element to the HTML schema. The editor would fail to load with a javascript error if Validate HTML was No and Table -> Pad empty cells was No. Table cell contents would be removed if the cell contained a non-breaking space followed by an HTML element. Profiles Import would always report 0 profiles imported. Added support for custom filesystem paths, eg: local-foo/bar in converted Joomla Media Fields. Added support for <blockquote> tags inside <figure> tags. A Figure can now be applied to an existing blockquote using the Figure item in the Format list. Thank you to everyone who helped get theses releases ready by testing development versions and submitting bug reports. If you find any more issues please submit them on the forum or on github. Download and Installation The update should be available in the Extensions Update Manager on your site. Please make sure you set your key before updating. Alternatively, click the button below to access the Downloads area. Instructions for installing and updating JCE are available here. Download JCE Pro New Social Media Channnels A reminder that you can now follow us on Mastodon, Bluesky, Instagram, Threads, Facebook and Twitter / X

Need help? If you need help installing or using JCE Pro, or you have a question about Joomla, creating content or any other issue related to using the editor, please post in the Support Forum Copyright © 2026 Widget Factory (Pty) Ltd, All rights reserved. You are receiving this email because you either have an active JCE Pro Subscription or are subscribed to our mailing list. Our mailing address is: Widget Factory (Pty) Ltd The Foundry 74 Cardiff Street Cape Town 8005 South Africa Click here to unsubscribe