Hi Guys,

There's a high priority security issue occurred on the third-party PHPMailer that distributed with Joomla! versions up to 3.6.5. All PHPMailer library versions are vulnerable to a remote code execution vulnerability.

As Joomla 3.4.6 released to patch a critical vulnerability that affects all versions from 1.5 to 3.4, you need to update you Joomla website immediately. This article will show you how to check whether your site is affected or not.

You're highly recommended to update your site with Joomla 3.4.6. This Joomla release addresses a critical security vulnerability and 4 low level security vulnerabilities that affects all versions from 1.5 to 3.4 without any other changes compared to Joomla 3.4.5.

After a new security issue - a possible XSS which affects the array keys in the URL, found by the company Qualys.com, VirtueMart team has immediately fixed it in the new VirtueMart version 3.0.12. In this new version, the team also addressed some smaller bugs and glitches in advanced functions. Besides, the missing backward compatibility for some cases was added too.

Fortinet’s FortiGuard Labs has discovered a persistent XSS attack that is recorded with CVE number “CVE-2015-3619”. This kind of attack can be executed with almost nil interaction by the admin. In certain circumstances it was possible to use a double encode combination of first_name, last_name and company to create a working javascript, which gets activated if an admin hoovers over the combined name of the order.

VirtueMart 3.0.8 has been released as a necessity to deal with some security problems that are arisen from previous versions. Besides fixing bugs, VirtueMart teams also added some features on this new version. Now, let's take closer look on VirtueMart 3.0.8.

As released at the end of September, 2014, Joomla! 2.5.25 & 3.3.4 came out to fixed some security issues which were represented as medium priority. However, for a short time of using, these 2 Joomla versions have been meet with other serious security issues. Therefore, Joomla! 2.5.26 and 3.3.5 have been released soon.

As informed by the security firm sucuri.net, HikaShop 2.3.2 caught a security issue that arose in the activation of the user registration process. The issue has been scrapped in HikaShop 2.3.3 immediately.

Continuing with the release for the 2.5 and 3.x series of Joomla and addressing with generated issues, Joomla! 2.5.25 & 3.3.4 have been released. The 2 new Joomla versions significantly deal with the security issue that you must seriously consider to update your Joomla version for safety.

Recommendation: If you are using VirturMart version lower than 2.6.10, you should update it as soon as possible!

VirtueMart version 2.6.10 VirtueMart version 2.9.9B

[SmartAddons] With new update of API from Paypal and security fixes, a new release of VirtueMart were available for download: VirtueMart 2.0.22b. Besides, a lot of new features are implemented, mainly not completed, but worth to give it a try for testing.
Updating immediately is highly recommended for any security release.

[SmartAddons] New releases of Joomla! were available last day: J! 2.5.14 and 3.1.5. These are mainly by a security fix for a critical bug. This bug allows someone to bypass filters then upload malicious things without privilege. We can find more about it here.
Updating immediately is highly recommended for any security releases. So let us be quick.