| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-23900 | Extension - phoca.cz - Stored XSS vectors in Phoca Maps component 5.0.0 - 6.0.2 for Joomla | phoca.cz | phoca.cz - Phoca Maps for Joomla | 中危 | - | 2026-04-11 12:52:13 | Deep Dive |
| CVE-2026-34424 | Smart Slider 3 Pro 3.5.1.35 Supply Chain Attack Remote Access Toolkit | Nextendweb | Smart Slider 3 Pro for WordPress | Critical | 9.8 | 2026-04-09 22:59:38 | Deep Dive |
| CVE-2023-54364 | Joomla HikaShop 4.7.4 Reflected XSS via Product Filter | Hikashop | Joomla HikaShop | Medium | 6.1 | 2026-04-09 20:54:54 | Deep Dive |
| CVE-2023-54363 | Joomla Solidres 2.13.3 Reflected XSS via Multiple Parameters | Solidres | Joomla Solidres | Medium | 6.1 | 2026-04-09 20:54:53 | Deep Dive |
| CVE-2023-54361 | Joomla iProperty Real Estate 4.1.1 Reflected XSS via filter_keyword | Thethinkery | Joomla iProperty Real Estate | Medium | 6.1 | 2026-04-09 20:54:51 | Deep Dive |
| CVE-2023-54360 | Joomla JLex Review 6.0.1 Reflected XSS via review_id Parameter | Jlexart | Joomla JLex Review | Medium | 6.1 | 2026-04-09 20:54:50 | Deep Dive |
| CVE-2026-21630 | Joomla! Core - [20260302] - SQL injection in com_content articles webservice endpoint | Joomla! Project | Joomla! CMS | - | - | 2026-04-01 09:03:49 | Deep Dive |
| CVE-2026-23898 | Joomla! Core - [20260305] - Arbitrary file deletion in com_joomlaupdate | Joomla! Project | Joomla! CMS | - | - | 2026-04-01 09:03:40 | Deep Dive |
| CVE-2026-21629 | Joomla! Core - [20260301] - ACL hardening in com_ajax | Joomla! Project | Joomla! CMS | - | - | 2026-04-01 09:03:38 | Deep Dive |
| CVE-2026-23899 | Joomla! Core - [20260306] - Improper access check in webservice endpoints | Joomla! Project | Joomla! CMS | - | - | 2026-04-01 09:03:19 | Deep Dive |
| CVE-2026-21631 | Joomla! Core - [20260303] - XSS vector in com_associations comparison view | Joomla! Project | Joomla! CMS | - | - | 2026-04-01 09:03:17 | Deep Dive |
| CVE-2026-21632 | Joomla! Core - [20260304] - XSS vectors in various article title outputs | Joomla! Project | Joomla! CMS | - | - | 2026-04-01 09:03:11 | Deep Dive |
| CVE-2026-21626 | Extension - stackideas.com - Information disclosure in post custom fields in EasyDiscuss 1.0.0-5.0.15 for Joomla | Stackideas.com | EasyDiscuss extension for Joomla | - | - | 2026-02-06 07:49:43 | Deep Dive |
| CVE-2026-21625 | Extension - stackideas.com - Lack of mime type validation in EasyDiscuss component 1.0.0-5.0.15 for Joomla | Stackideas.com | EasyDiscuss extension for Joomla | 中危 | - | 2026-01-16 15:06:16 | Deep Dive |
| CVE-2026-21624 | Extension - stackideas.com - Persistent XSS in EasyDiscuss component 1.0.0-5.0.15 for Joomla | Stackideas.com | EasyDiscuss extension for Joomla | 中危 | - | 2026-01-16 15:05:37 | Deep Dive |
| CVE-2026-21623 | Extension - stackideas.com - Persistent XSS in EasyDiscuss component 1.0.0-5.0.15 for Joomla | Stackideas.com | EasyDiscuss extension for Joomla | 中危 | - | 2026-01-16 15:04:36 | Deep Dive |
| CVE-2025-63082 | Joomla! Core - [20260101] - Inadequate content filtering for data URLs | Joomla! Project | Joomla! CMS | 中危 | - | 2026-01-06 16:01:39 | Deep Dive |
| CVE-2025-63083 | Joomla! Core - [20260102] - XSS vector in the pagebreak plugin | Joomla! Project | Joomla! CMS | 中危 | - | 2026-01-06 16:01:15 | Deep Dive |
| CVE-2025-55758 | Extension - jdownloads.com - CSRF vectors in jDownloads component 1.0.0 - 4.0.47 for Joomla | jdownloads.com | JDownloads component for Joomla | - | - | 2025-10-28 10:02:54 | Deep Dive |
| CVE-2025-55757 | Extension - virtuemart.net - XSS in VirtueMart component 1.0.0 - 4.4.10 for Joomla | virtuemart.net | Virtuemart component for Joomla | 中危 | - | 2025-10-25 18:34:47 | Deep Dive |