Media Upload Vulnerability in Events Booking Plugin by Joomla
CVE-2026-60024

Currently unrated

Key Information:

Vendor
CVE Published:
17 July 2026

What is CVE-2026-60024?

The Events Booking plugin for Joomla, prior to version 5.8.0, has a significant security weakness that permits unauthenticated users to upload media assets. This vulnerability can lead to potential malicious use and compromise the integrity of websites utilizing this extension. Website administrators are advised to update to the latest version to mitigate the risk associated with unauthorized media uploads.

Affected Version(s)

Events Booking extension for Joomla 1.0-5.8.0

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Phil Taylor
.