Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how joomla compares to other vendors in security performance

View Risk Score →

Software

joomla
452
joomla joomla\!
317
joomla joomla
89
joomla!
35
joomla joomla core
17
joomla bsq sitestats
5
joomla joomla! core
5
joomla rs gallery2
4
joomla convert forms
3
joomla akobook
2
joomla com beamospetition
2
joomla ekrishta
2
joomla explorer
2
joomla jd-wiki
2
joomla joomla framework
2
joomla! com astatspro
2
joomla! com downloads
2
joomla! com quiz
2
joomla! jscalendar
2
joomla acajoom
1
joomla be it easypartner component
1
joomla bibtex
1
joomla car manager
1
joomla clantools
1
joomla classifieds component
1
joomla colophon
1
joomla com casino
1
joomla com cbe
1
joomla com classifieds
1
joomla com comprofiler component
1
joomla com datsogallery
1
joomla com eventing
1
joomla com events
1
joomla com filebase component
1
joomla com gsticketsystem
1
joomla com hotproperties
1
joomla com libros
1
joomla com marketplace
1
joomla com mosmedia
1
joomla com neogallery
1
joomla com newsfeeds
1
joomla com newsletter
1
joomla com pcchess
1
joomla com pccookbook
1
joomla com profile
1
joomla com scheduling component
1
joomla com school
1
joomla com search component
1
joomla com sef
1
joomla com waticketsystem
1

Joomla com_jsjobsJoomla com_jsjobs 1.2.6 Arbitrary File Deletion

Risk 40
Severity
7.1
First published (updated )
CVE-2019-25740

Joomla Joomla\!Joomla! Core - [20260506] - Authenticated blind SQLi in com_finder

Risk 86
Severity
6.9
First published (updated )
CVE-2026-35221

Joomla Joomla\!Joomla! Framework - [20260519] - Inadequate content filtering within the checkAttribute filter code.

Risk 49
Severity
6.9
First published (updated )
CVE-2026-48903

Joomla Joomla\!Joomla! Core - [20260511] - MFA Authentication Bypass

Risk 43
Severity
8.2
First published (updated )
CVE-2026-48896

Joomla Joomla! CoreJoomla! Core - [20260505] - CSRF in user activation endpoint

Risk 21
Severity
4.6
First published (updated )
CVE-2026-35220
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Joomla Joomla\!Joomla! Core - [20260509] - LFI in HTMLView layout parameter

Risk 86
Severity
7.5
First published (updated )
CVE-2026-40383

Joomla Joomla\!Joomla! Core - [20260507] - Authenticated blind SQLi in com_tags

Risk 86
Severity
6.9
First published (updated )
CVE-2026-35222

Joomla Joomla\!Joomla! Core - [20260510] - Path traversal in com_media webservice endpoint

Risk 43
Severity
5.9
First published (updated )
CVE-2026-40384

Joomla Joomla\!Joomla! Framework - [20260520] - Inadequate content filtering within the cleanAttributes filter code.

Risk 49
Severity
6.9
First published (updated )
CVE-2026-48905

Joomla Joomla\!Joomla! Core - [20260512] - MFA Authentication Bypass

Risk 43
Severity
8.2
First published (updated )
CVE-2026-48897
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Joomla Joomla\!Joomla! Core - [20260502] - XSS in com_associations

Risk 49
Severity
6.9
First published (updated )
CVE-2026-25901

Joomla Joomla\!Joomla! Core - [20260515] - Incorrect Access Control in sample data plugins

Risk 86
Severity
5.3
First published (updated )
CVE-2026-48899

Joomla Joomla\!Joomla! Core - [20260516] - Incorrect Access Control in com_scheduler

Risk 66
Severity
6.4
First published (updated )
CVE-2026-48900

Joomla Joomla\!Joomla! Core - [20260518] - Transport encryption downgrade for password and username reset links

Risk 86
Severity
9.8
First published (updated )
CVE-2026-48902

Joomla Joomla\!Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints

Risk 86
Severity
8.6
First published (updated )
CVE-2026-35223
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Joomla Joomla\!Joomla! Core - [20260501] - XSS in feed modules

Risk 49
Severity
6.9
First published (updated )
CVE-2026-25900

Joomla Joomla\!Joomla! Core - [20260514] - Privilege escalation through com_users webservice endpoints

Risk 86
Severity
8.2
First published (updated )
CVE-2026-48904

Joomla Joomla\!Joomla! Core - [20260504] - XSS in readmore links

Risk 49
Severity
6.9
First published (updated )
CVE-2026-30895

Joomla Joomla\!Joomla! Core - [20260513] - Privilege escalation through com_users batch task

Risk 86
Severity
8.2
First published (updated )
CVE-2026-48898

Joomla Joomla\!Joomla! Core - [20260503] - XSS in com_contenthistory

Risk 49
Severity
6.9
First published (updated )
CVE-2026-30894
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Joomla Joomla\!Joomla! Core - [20260517] - Incorrect Cache Key Construction for InputFilter objects

Risk 43
Severity
7.5
First published (updated )
CVE-2026-48901

Joomla Joomla Responsive PortfolioJoomla Responsive Portfolio 1.6.1 SQL Injection via filter parameters

Risk 49
Severity
7.1
First published (updated )
CVE-2018-25381

Joomla EkRishtaJoomla! Component EkRishta 2.10 SQL Injection via username

Risk 57
Severity
8.8
First published (updated )
CVE-2018-25351

Joomla Joomla Component Ek RishtaJoomla! Component Ek Rishta 2.10 SQL Injection via user_detail

Risk 57
Severity
8.8
First published (updated )
CVE-2018-25348

Joomla EkRishtaJoomla! EkRishta 2.10 Persistent XSS and SQL Injection

Risk 57
Severity
8.8
First published (updated )
CVE-2018-25330
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Joomla J2 JOBSJoomla J2 JOBS 1.3.0 Authenticated SQL Injection via sortby

Risk 49
Severity
7.1
First published (updated )
CVE-2020-37226

Joomla com_hdwplayerJoomla com_hdwplayer 4.2 SQL Injection via search.php

Risk 57
Severity
8.8
First published (updated )
CVE-2020-37218

Joomla Joomla\!Joomla! Core - [20260302] - SQL injection in com_content articles webservice endpoint

Risk 79
Severity
6.9
First published (updated )
CVE-2026-21630

Joomla Joomla\!Joomla! Core - [20260305] - Arbitrary file deletion in com_joomlaupdate

Risk 72
Severity
8.6
First published (updated )
CVE-2026-23898

Joomla Joomla\!Joomla! Core - [20260301] - ACL hardening in com_ajax

Risk 51
Severity
6.3
First published (updated )
CVE-2026-21629
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203