The U.S. Cybersecurity and Infrastructure Security Agency has added a maximum-severity remote code execution flaw in the Widget Factory **Joomla Content Editor (JCE)** plugin to its [Known Exploited V