vel.joomla.org

Joomla! ® us Joomla Home What is Joomla? Benefits & Features Project & Leadership Trademark & Licensing The Joomla Foundation Support us Contribute Sponsor Partner Shop Download & Extend Downloads Extensions Languages Get a free site Get a domain Discover & Learn Documentation Training Certification Site Showcase Announcements Blogs Magazine Community & Support Community Portal Events User Groups Forum Service Providers Directory Volunteers Portal Vulnerable Extensions List Developer Resources Developer Network Security Centre Issue Tracker GitHub API Documentation Joomla! Framework JoomlaCode Joomla! Extensions Directory™ Download Launch Home Browse Extensions Top Rated Most Reviewed New Recently Updated Compatible with J4 Beta Search Community Meet the JED Team Blog JED Newsletter Terms of Service Help Joomla! Support Knowledgebase Sponsor Joomla! Vulnerable Extensions Vulnerable Extensions Resolved Extensions Abandoned Extensions Submit a Report Submit an Update JSON Feed Log in Register Home Vulnerable Extensions The Joomla! ® Vulnerable Extensions List Please check with the extension publisher in case of any questions over the security of their product. How to use this site All known vulnerable extensions are listed in the LIVE VEL section. In these cases no patch is available and you are recommended to uninstall the extension from your site. The resolved VEL section lists extensions for which a patch is available, you are recommended to update if your site uses any of these extensions. This list is compiled from found information and may not be an up to date accurate list We do NOT promise to test or validate these reports. We do NOT guarantee the quality or effectiveness of any updates reported to us or listed here. We do not list BETA products, or extensions for J1.0.x J1,5,x. or 2.5.x How to report a suspected Vulnerable Extension. Select the Vulnerability Reporting Link. Developers - How to get yourself RESOLVED on the VEL Please solve the issues and: To have your extension marked as resolved, please follow these steps: Contact the VEL team* with a notice of resolution , the latest version number and a link to the security release statement on your website. (Please read this article for further information on making a security release notice). Create a JED listing owner ticket to the JED with a notice and ask that your listing be republished. Include the full details of your new version number and security notice page If not JED listed. Inform us with a notice of resolution , the latest version number and a link to the security release statement on your website. * a developer must use the update form for notice of resolution Vulnerable Extensions publisher, 3.0.19, XSS (Cross Site Scripting) paGO Commerce, 2.5.9.0, SQL Injection Social Chat, 1.5 and Below, SQL Injection Iacopo Guarneri hwdplayer,4.2,SQL Injection Rapicode, Multiple Extensions, Back Door Google Map Landkarten,4.2.3,SQL Injection Fastball, SQL Injection File Download Tracker,3.0,SQL Injection SquadManagement,1.0.3,SQL Injection JMS Music,1.1.1,SQL Injection Resolved Extensions RealPin by Frumania, SQL, 1.5.04 JomSocial , 4.7.6, XSS (Cross Site Scripting) JCE Pro, 2.8.15, xss CMS2CMS Connector Extension, 2.0 , other js jobs, 1.3, SQL Injection xcloner,3.53,Other fabrik 3.9,Various Ordasoft CCK, 6.1.12 Various GMapFP 3.30,Other acymailing, 6.9.2,Other Joomla! on Twitter Joomla! on Facebook Joomla! on YouTube Joomla! on LinkedIn Joomla! on Pinterest Joomla! on Instagram Joomla! on GitHub Home Community Forum Extensions Services Docs Developer Shop Accessibility Statement Privacy Policy Cookie Policy Sponsor Joomla! with $5 Help Translate Report an Issue Log in © 2005 - 2021 Open Source Matters, Inc. All Rights Reserved. Joomla! Hosting by Rochen × We have detected that you are using an ad blocker. The Joomla! Project relies on revenue from these advertisements so please consider disabling the ad blocker for this domain....