CSRF Vulnerability in Events Booking Extension for Joomla by JoomlaDonation
CVE-2026-60025
Currently unrated
What is CVE-2026-60025?
The Events Booking extension for Joomla, prior to version 5.8.0, contains a security flaw in its frontend file upload functionality due to insufficient CSRF protection. This vulnerability may allow an attacker to exploit the system by tricking users into uploading malicious files, potentially compromising sensitive data and security integrity of the Joomla site.
Affected Version(s)
Events Booking extension for Joomla 1.0-5.8.0
