Attackers are exploiting critical vulnerabilities in two Joomla extensions, iCagenda and Balbooa Forms, to upload malicious code onto vulnerable websites, prompting CISA to add these bugs to its Known Exploited Vulnerabilities catalog. These flaws, which affect popular extensions used for event calendars and form building, can be used to compromise websites running the Joomla content management system. With over a million websites worldwide powered by Joomla, the potential impact of these vulnerabilities is significant. The fact that these bugs have a perfect 10 score in terms of exploitability underscores the urgency of the situation. Given the widespread use of Joomla and its extensions, practitioners should prioritize patching these vulnerabilities to prevent malicious code uploads, so what matters most is that website administrators take immediate action to secure their sites against these exploits1.
Baddies caught exploiting extensions bugs with perfect 10 scores on vulnerable Joomla websites
⚡ High Priority
Why This Matters
Joomla powers roughly 1.2 percent of all websites – around a million sites worldwide – with extensions developed by independent, third-party companies, doing much
References
- The Register. (2026, July 14). Baddies caught exploiting extensions bugs with perfect 10 scores on vulnerable Joomla websites. *The Register*. https://www.theregister.com/security/2026/07/14/baddies-caught-exploiting-extensions-bugs-with-perfect-10-scores-on-vulnerable-joomla-websites/5271001
Original Source
The Register
Read original →