Filter
AND

Versions

3.0.0
38
2.5.0
37
1.5.1
24
1.5.2
24
1.5.3
24
1.5.4
23
1.5.5
23
1.5.6
23
1.5.8
21
1.5.0
20
1.5.7
20
1.5.9
20
1.5.10
19
2.5.3
19
2.5.1
18
3.2.0
18
2.5.2
17
1.5.11
16
2.5.4
16
3.2.1
16
3.2.2
16
2.5.5
15
2.5.6
15
3.0.1
15
3.4.0
15
3.4.1
15
4.0.0
15
1.5.12
14
1.5.13
14
3.0.2
14
3.2.3
14
3.2.4
14
3.3.0
14
3.3.1
14
3.3.2
14
3.3.3
14
1.5.14
13
3.3.4
13
3.4.3
13
1.6.0
12
3.4.0-alpha
12
3.4.0-beta1
12
3.4.0-beta2
12
3.4.0-beta3
12
3.4.0-rc1
12
3.4.4
12
1.5.15
11
1.5.16
11
1.5.17
11
2.5.7
11
3.4.1-rc1
11
3.4.1-rc2
11
3.4.2-rc1
11
3.6.0
11
1.0.7
10
1.5.15-rc
10
1.5.18
10
1.5.19
10
1.5.20
10
2.5.8
10
2.5.9
10
3.0.3
10
3.3.5
10
3.4.2
10
3.4.5
10
3.6.5
10
1.5.21
9
1.5.22
9
1.6-alpha
9
1.6-alpha2
9
1.6-beta1
9
1.6-beta10
9
1.6-beta11
9
1.6-beta12
9
1.6-beta13
9
1.6-beta14
9
1.6-beta15
9
1.6-beta2
9
1.6-beta3
9
1.6-beta4
9
1.6-beta5
9
1.6-beta6
9
1.6-beta7
9
1.6-beta8
9
1.6-beta9
9
1.6-rc1
9
1.6.1
9
1.7.0
9
3.1.0
9
3.4.6
9
3.4.7
9
3.4.8
9
3.4.8-rc
9
3.5.0
9
3.5.0-beta
9
3.5.0-beta2
9
3.5.0-beta3
9
3.5.0-beta4
9
3.5.0-beta5
9
3.5.0-rc
9
3.5.0-rc2
9
3.5.0-rc3
9
3.5.0-rc4
9
3.5.1
9
3.5.1-rc
9
3.6.0-alpha
9
3.6.0-beta1
9
3.6.0-beta2
9
3.6.0-rc
9
3.6.0-rc2
9
3.6.1
9
3.6.1-rc1
9
3.6.1-rc2
9
3.6.2
9
3.6.3
9
3.6.3-rc1
9
3.6.3-rc2
9
3.6.3-rc3
9
3.6.4
9
1.0.3
8
1.0.9
8
1.5
8
1.7.2
8
1.7.3
8
3.1.2
8
3.1.3
8
3.1.4
8
3.1.5
8
1.0
7
1.0.1
7
1.0.10
7
1.0.2
7
1.0.5
7
1.5.23
7
1.6.3
7
1.7.1
7
3.1.1
7
3.1.6
7
3.7.0
7
1.0.4
6
1.5.0_beta
6
1.6.4
6
1.6.5
6
1.6.6
6
3.9.0
6
3.9.19
6
1.0.8
5
1.5.0_beta2
5
1.5.0_rc1
5
2.5.14
5
2.5.15
5
2.5.16
5
2.5.17
5
3.9.2
5
5.0.0
5
1.0.0
4
1.0.11
4
1.5.0-beta
4
1.5.24
4
1.7.4
4
2.5.10
4
2.5.11
4
2.5.12
4
2.5.13
4
2.5.18
4
2.5.19
4
2.5.20
4
2.5.21
4
2.5.22
4
2.5.23
4
2.5.24
4
2.5.25
4
3.0.4
4
4.1.0
4
1.0.12
3
1.0.13
3
1.0.6
3
1.03
3
1.5.0-beta1
3
1.5.0-beta2
3
1.5.0-rc1
3
1.5.0_beta1
3
1.5.25
3
1.5rc4
3
2.5.26
3
2.5.27
3
2.5.28
3
3.10.6
3
3.7.1
3
3.7.2
3
3.9.23
3
3.9.26
3
3.9.27
3
1.5.26
2
3.7.3
2
3.8.8
2
3.9.22
2
3.9.25
2
4.2.0
2
4.2.3
2
1.0.14
1
1.0.15
1
1.5-rc1
1
1.5-rc2
1
1.5-rc3
1
1.6.2
1
1.7.5
1
3.0.0-alpha1
1
3.0.0-alpha2
1
3.0.0-beta1
1
3.10.15
1
3.2.5
1
3.2.6
1
3.2.7
1
3.3.6
1
3.7.4
1
3.7.5
1
3.8.0
1
3.8.1
1
3.8.13
1
3.9.6
1
4.2.4
1
4.2.6
1
4.2.7
1
4.4.5
1
5.1.1
1

Joomla[20240701] - Core - XSS in accessible media selection field

medium
6.1
First published (updated )
CVE-2024-21729

Joomla[20240702] - Core - Self-XSS in fancyselect list field layout

medium
5.4
First published (updated )
CVE-2024-21730

Joomla[20240704] - Core - XSS in Wrapper extensions

medium
6.1
First published (updated )
CVE-2024-26279

Joomla[20240705] - Core - XSS in com_fields default field value

medium
6.1
First published (updated )
CVE-2024-26278

Joomla[20240703] - Core - XSS in StringHelper::truncate method

medium
6.1
First published (updated )
CVE-2024-21731

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Joomla[20230501] - Core - Open Redirect and XSS within the mfa select

medium
6.1
First published (updated )
CVE-2023-23754

Joomla[20230201] - Core - Improper access check in webservice endpoints

medium
5.3
Exploited
First published (updated )
CVE-2023-23752

Joomla[20230102] - Core - Missing ACL checks for com_actionlogs

medium
4.3
First published (updated )
CVE-2023-23751

Joomla[20230101] - Core - CSRF within post-installation messages

medium
6.3
First published (updated )
CVE-2023-23750

Joomla[20221101] - Core - RXSS through reflection of user input in com_media

medium
6.1
First published (updated )
CVE-2022-27914

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Joomla[20221002] - Core - RXSS through reflection of user input in headings

medium
6.1
First published (updated )
CVE-2022-27913

Joomla[20221001] - Core - Debug Mode leaks full request payloads including passwords

medium
5.3
First published (updated )
CVE-2022-27912

Joomla[20220801] - Core - Multiple Full Path Disclosures because of missing '_JEXEC or die check'

medium
5.3
First published (updated )
CVE-2022-27911

Joomla[20220309] - Core - XSS attack vector through SVG

medium
6.1
First published (updated )
CVE-2022-23801

Joomla[20220306] - Core - Inadequate validation of internal URLs

medium
6.1
First published (updated )
CVE-2022-23798

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Joomla[20220304] - Core - Missing input validation within com_fields class inputs

medium
6.1
First published (updated )
CVE-2022-23796

composer/joomla/filter[20220308] - Core - Inadequate content filtering within the filter code

medium
6.1
First published (updated )
CVE-2022-23800

composer/joomla/filesystem[20220302] - Core - Path Disclosure within filesystem error messages

medium
5.3
First published (updated )
CVE-2022-23794

Joomla[20210705] - Core - XSS in com_media imagelist

medium
6.1
First published (updated )
CVE-2021-26039

Joomla[20210703] - Core - Lack of enforced session termination

medium
5.3
First published (updated )
CVE-2021-26037

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Joomla[20210701] - Core - XSS in JForm Rules field

medium
6.1
First published (updated )
CVE-2021-26035

Joomla[20210503] - Core - CSRF in data download endpoints

medium
6.5
First published (updated )
CVE-2021-26034

Joomla[20210501] - Core - Adding HTML to the executable block list of MediaHelper::canUpload

medium
6.1
First published (updated )
CVE-2021-26032

Joomla[20210502] - Core - CSRF in AJAX reordering endpoint

medium
6.5
First published (updated )
CVE-2021-26033

Joomla[20210402] - Core - Inadequate filters on module layout settings

medium
5.3
First published (updated )
CVE-2021-26031

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Joomla[20210401] - Core - Escape xss in logo parameter error pages

medium
6.1
First published (updated )
CVE-2021-26030

composer/joomla/archive[20210308] - Core - Path Traversal within joomla/archive zip class

medium
5.5
First published (updated )
CVE-2021-26028

Joomla[20210307] - Core - ACL violation within com_content frontend editing

medium
5.3
First published (updated )
CVE-2021-26027

Joomla[20210309] - Core - Inadequate filtering of form contents could allow to overwrite the author field

medium
5.3
First published (updated )
CVE-2021-26029

Joomla[20210303] - Core - XSS within alert messages showed to users

medium
6.1
First published (updated )
CVE-2021-23129

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203