User Enumeration in Joomla Events Booking Extension
CVE-2026-58149

Currently unrated

Key Information:

Vendor
CVE Published:
17 July 2026

What is CVE-2026-58149?

The Joomla Events Booking extension is susceptible to a vulnerability that enables unauthenticated users to enumerate accounts, allowing the retrieval of usernames and associated email addresses. This flaw poses significant risks to user privacy and can facilitate targeted attacks, as malicious entities may exploit this information for further infiltration into systems. Website administrators using this extension should be aware of this vulnerability and take necessary actions to mitigate the associated risks.

Affected Version(s)

Events Booking extension for Joomla 1.0-5.8.0

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Phil Taylor
.