Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how joomla compares to other vendors in security performance

View Risk Score →

Software

joomla
452
joomla joomla\!
297
joomla joomla
89
joomla!
35
joomla bsq sitestats
5
joomla joomla core
4
joomla rs gallery2
4
joomla convert forms
3
joomla joomla! core
3
joomla akobook
2
joomla com beamospetition
2
joomla explorer
2
joomla jd-wiki
2
joomla! com astatspro
2
joomla! com downloads
2
joomla! com quiz
2
joomla! jscalendar
2
joomla acajoom
1
joomla be it easypartner component
1
joomla bibtex
1
joomla car manager
1
joomla clantools
1
joomla classifieds component
1
joomla colophon
1
joomla com casino
1
joomla com cbe
1
joomla com classifieds
1
joomla com comprofiler component
1
joomla com datsogallery
1
joomla com eventing
1
joomla com events
1
joomla com filebase component
1
joomla com gsticketsystem
1
joomla com hotproperties
1
joomla com libros
1
joomla com marketplace
1
joomla com mosmedia
1
joomla com neogallery
1
joomla com newsfeeds
1
joomla com newsletter
1
joomla com pcchess
1
joomla com pccookbook
1
joomla com profile
1
joomla com scheduling component
1
joomla com school
1
joomla com search component
1
joomla com sef
1
joomla com waticketsystem
1
joomla com weblinks
1
joomla com_hdwplayer
1

Joomla jCart for OpenCartJoomla jCart for OpenCart 2.3.0.2 Cross-Site Request Forgery

Risk 53
Severity
6.9
First published (updated )
CVE-2018-25336

Joomla EkRishtaJoomla! EkRishta 2.10 Persistent XSS and SQL Injection

Risk 57
Severity
8.8
First published (updated )
CVE-2018-25330

Joomla J2 JOBSJoomla J2 JOBS 1.3.0 Authenticated SQL Injection via sortby

Risk 49
Severity
7.1
First published (updated )
CVE-2020-37226

Joomla com_hdwplayerJoomla com_hdwplayer 4.2 SQL Injection via search.php

Risk 57
Severity
8.8
First published (updated )
CVE-2020-37218

Joomla Joomla\!Joomla! Core - [20260302] - SQL injection in com_content articles webservice endpoint

Risk 79
Severity
6.9
First published (updated )
CVE-2026-21630
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Joomla Joomla\!Joomla! Core - [20260305] - Arbitrary file deletion in com_joomlaupdate

Risk 72
Severity
8.6
First published (updated )
CVE-2026-23898

Joomla Joomla\!Joomla! Core - [20260301] - ACL hardening in com_ajax

Risk 51
Severity
6.3
First published (updated )
CVE-2026-21629

Joomla Joomla\!Joomla! Core - [20260306] - Improper access check in webservice endpoints

Risk 79
Severity
8.6
First published (updated )
CVE-2026-23899

Joomla Joomla\!Joomla! Core - [20260303] - XSS vector in com_associations comparison view

Risk 54
Severity
5.9
First published (updated )
CVE-2026-21631

Joomla Joomla\!Joomla! Core - [20260304] - XSS vectors in various article title outputs

Risk 54
Severity
5.9
First published (updated )
CVE-2026-21632
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

StackIdeas EasyDiscussExtension - stackideas.com - Persistent XSS in EasyDiscuss component 1.0.0-5.0.15 for Joomla

Risk 56
Severity
9.4
EPSS
0.05%
First published (updated )
CVE-2026-21623

Joomla Joomla\!Joomla! Core - [20260101] - Inadequate content filtering for data URLs

Risk 38
Severity
6.1
First published (updated )
CVE-2025-63082

Joomla Joomla\!Joomla! Core - [20260102] - XSS vector in the pagebreak plugin

Risk 38
Severity
6.1
First published (updated )
CVE-2025-63083

Joomla mod_vvisit_counterSQL injection in the mod_vvisit_counter module

Risk 84
Severity
9.3
First published (updated )
CVE-2025-40636

Joomla CoreJoomla! Core - [20250902] User-Enumeration in passkey authentication method

Risk 27
Severity
5.3
First published (updated )
CVE-2025-54477
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Joomla Quantum ManagerExtension - norrnext.com - Stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla

Risk 72
Severity
8.5
First published (updated )
CVE-2025-54300

Joomla Quantum ManagerExtension - norrnext.com - Stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla

Risk 72
Severity
8.5
First published (updated )
CVE-2025-54301

Joomla CommentBox componentExtension - firecoders.com - Stored XSS vulnerability in CommentBox component 1.0.0-1.1.0 for Joomla

Risk 80
Severity
9.4
First published (updated )
CVE-2025-54298

Joomla CCommentExtension - compojoom.com - Stored XSS vulnerability in CComment component 5.0.0-6.1.14 for Joomla

Risk 48
Severity
7
First published (updated )
CVE-2025-54297

Joomla ProFilesExtension - mooj.org - Stored XSS vulnerability in ProFiles component 1.0-1.5.0 for Joomla

Risk 48
Severity
7
First published (updated )
CVE-2025-54296
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Joomla JS JobsExtension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.1 for Joomla

Risk 95
Severity
8.7
Exploited
First published (updated )
CVE-2025-49484

Joomla RSBlog!Extension - rsjoomla.com - Stored XSS vulnerability RSBlog! component 1.11.6-1.14.5 for Joomla

Risk 34
Severity
5.3
First published (updated )
CVE-2025-50126

Joomla RSDirectory!Extension - rsjoomla.com - Stored XSS vulnerability in RSDirectory! component 1.16.3-1.17.7 for Joomla

Risk 31
Severity
5.1
First published (updated )
CVE-2025-50058

Joomla Articles CalendarExtension - joomcar.net - SQL injection in Articles Calendar 1.0.0 - 1.0.1.0007 for Joomla

Risk 86
Severity
9.8
First published (updated )
CVE-2025-26855

Joomla Articles Good SearchExtension - joomcar.net - SQL injection in Articles Good Search 1.0.0 - 1.2.4.0011 for Joomla

Risk 86
Severity
9.8
First published (updated )
CVE-2025-26854
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

composer/joomla/database[20250401] - Joomla Framework - SQL injection vulnerability in quoteNameStr method of Database package

Risk 86
Severity
9.8
First published (updated )
CVE-2025-25226

composer/joomla/joomla-cms[20250402] - Joomla Core - MFA Authentication Bypass

Risk 43
Severity
7.5
First published (updated )
CVE-2025-25227

Joomla Convert FormsExtension - tassos.gr - SQL injection in Convert Forms component version 1.0.0-1.0.0 - 4.4.9 for Joomla

Risk 16
Severity
2.7
First published (updated )
CVE-2025-22212

Joomla JS JobsExtension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.3 for Joomla

Risk 36
Severity
4.7
First published (updated )
CVE-2025-22209

Admiror GalleryExtension - admiror-design-studio.com - Path traversal in the Admiror Gallery 4.x component for Joomla

Risk 43
Severity
7.5
First published (updated )
CVE-2025-22205
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203