Log in

Login to your account

Username *
Password *
Remember Me
Joomla 3.8.13 is now available. This is a security release for the 3.x series of Joomla which addresses 5 security vulnerabilities....
 
Home /Security Announcements / [20181001] - Core - Hardening com_contact contact form Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
Home /Security Announcements / [20181002] - Core - Inadequate default access level for com_joomlaupdate Joomla! CMS Joomla! Framework...
 
Home /Security Announcements / [20181003] - Core - Access level Violation in com_tags Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
Home /Security Announcements / [20181004] - Core - ACL Violation in com_users for the admin verification Joomla! CMS Joomla! Framework...
 
Home /Security Announcements / [20181005] - Core - CSRF hardening in com_installer Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
Today we’re happy to introduce Photos, an image-centric theme with a clean layout and a design that showcases your favorite snapshots.
 
At Automattic, our mission is to make it easier for people to speak their mind and connect with communities across (and beyond) the web — every WordPress.com website, and every blog post you publish with the tools we build, is part of a broader conversation. With the midterm elections coming up in the U.S. in November, we’re thrilled to announce th...
 
A CMS-powered website has all the ingredients for an IT security nightmare: it is publicly accessible, it’s running on powerful machines with great connectivity and the underlying system is used countless times around the globe, making it an attractive target for attackers. The Joomla Security Strike Team (JSST) is working hard to make sure...
 
A great note-taking app can help with all kinds of daily routines like taking class notes, writing a shopping list, or jotting down ideas for your next great blog post.
 
The WordPress.com Business plan combines fully managed hosting with the freedom to grow and scale your site without limits. Today we’re adding Jetpack Search to WordPress.com Business so you can enjoy powerful and fast on-site search functionality as part of your plan.
 
Joomla 3.8.12 is now available. This is a security release for the 3.x series of Joomla which addresses 3 security vulnerabilities and contains over 20 bug fixes and improvements....
 
Home /Security Announcements / [20180801] - Core - Hardening the InputFilter for PHAR stubs Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
Home /Security Announcements / [20180802] - Core - Stored XSS vulnerability in the frontend profile Joomla! CMS Joomla! Framework...
 
Home /Security Announcements / [20180803] - Core - ACL Violation in custom fields Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
13 years ago, we set out with a vision – to develop a CMS that stood firm on its Open Source values. Instantly, the community was behind us – with more than a thousand people joining our project within just one day. Fast forward 13 years and you could say that we’ve come a long way. 14 versions in (major/minor), Joomla! now...
 
Since the introduction of the Simple Payment Button, we’ve been looking for more ways to streamline payments on WordPress.com and Jetpack-enabled sites. Today, we’re introducing a new variant of the Simple Payment Button, available to WordPress.com Premium and Business plan subscribers and to Jetpack sites on Premium and Professional...
 
As many site creators know, it’s daunting to find images to represent the message you’re trying to put out into the world — especially if you don’t have the equipment or time to make your own.
 
Joomla 3.8.11 is now available. This is a bug fix release for the 3.x series of Joomla including over 35 bug fixes and improvements....
 
It’s no secret that we’re big fans of podcasts — their beautiful storytelling and engaging news delivery add a whole new dimension to the media landscape — and podcasters. We happily support podcast creators, from sponsoring events like Podcast Movement to supporting embeds from services like RadioPublic.
 
We wanted to update you about an upcoming change Facebook is introducing to their platform, and which affects how you may share posts from your WordPress.com website to your Facebook account.
 
Joomla 3.8.10 is now available. This is a bug fix release addressing one bug introduced into 3.8.9 which affects Windows servers....
 
Joomla 3.8.9 is now available. This is a security release which addresses 2 security vulnerabilities and contains over 50 bug fixes and improvements....
 
Home /Security Announcements / [20180601] - Core - Local File Inclusion with PHP 5.3 Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
Home /Security Announcements / [20180602] - Core - XSS vulnerability in language switcher module Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
Today we’re announcing that Atavist, a multimedia publishing platform and award-winning magazine, will be joining WordPress.com parent company Automattic.
 
Maybe you’re reading a blog post while sipping your morning tea when you suddenly realize it’s getting late, or you’re browsing on the bus — but you just got to your stop.
 

Update on Joomla 4

Following the release of Joomla 4.0 Alpha 3, the Joomla 4 Working Group has published below a status update on the anticipated release of Joomla 4....
 
The Joomla Project and CloudAccess.net are equally excited to announce the launch of launch.joomla.org, the brand new platform to launch a free Joomla website and test upcoming releases to support the project by helping make our CMS the best it can be....
 
We’re happy to announce the addition of a frequently requested feature in the WordPress mobile apps: plugin management! With the 9.1 update for the iOS and Android apps, WordPress.com Business plan sites with plugins and self-hosted WordPress sites with Jetpack can now manage their plugins right in the app.
 
Joomla 3.8.5 is now available. This is a bug fix release for the 3.x series of Joomla fixing regressions which were reported after the 3.8.4 release....
 
Today, we’re introducing Conversations: a tool in the Reader that makes it easier for you to monitor and participate in the discussions you care about the most.
 
Joomla 3.8.4 is now available. This is a security release for the 3.x series of Joomla addressing four security vulnerabilities and including over 100 bug fixes and improvements....
 
Home /Security Announcements / [20180101] - Core - XSS vulnerability in module chromes Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
Home /Security Announcements / [20180102] - Core - XSS vulnerability in com_fields Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
Home /Security Announcements / [20180103] - Core - XSS vulnerability in Uri class Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
Home /Security Announcements / [20180104] - Core - SQLi vulnerability in Hathor postinstall message Joomla! CMS Joomla! Framework...
 
Some years go by slowly — not because they’re busier, but maybe there’s just more out there in the world to stop and notice. We hope the WordPress.com and Jetpack community offered you some of those moments this year.
 
There are many fine achievements to reflect on as we look back on 2017. Most importantly the Joomla Project wants to say a massive "thank you" to all our volunteers. As an open source project, Joomla can only achieve what it does with the valuable contributions of our extensive global community of hard-working volunteers. On behalf of the Joomla...
 
New York - December 15, 2017The FCC (Federal Communications Commission) vote on Thursday December 14, 2017 to repeal Net Neutrality, while unfortunately expected, is tremendously disappointing to all believers of an open and free internet.Open Source Matters, Inc. and the Joomla Community believe wholeheartedly in content creation and...
 
Have you given the WordPress mobile apps a try lately? We’ve been working hard to make sure our iOS and Android apps are simple to use and have the features you need to blog right from your phone or tablet. Here are a few recent additions and updates that make blogging on the go easier:
 
Joomla 3.8.3 is now available. This is a bug fix release for the 3.x series of Joomla which includes over 60 bug fixes and improvements....
 
Who is A2 Hosting? It’s likely that you’re already familiar with A2 Hosting. Not only are they an active Joomla! Community member and have sponsored Joomla! and our community, they have been hosting Joomla! sites since their launch back in 2003....
 
Today we’re excited to announce two new premium themes: Small Business and Photo Blog.
 
With the prospect of Joomla 4 next year we would like to raise awareness on the must of upgrading to PHP 7. Joomla 4 will require PHP 7 to run, as stated in this announcement. Most hosts already offer PHP 7 in their packages and it should be fairly easy to change your PHP version. (Hint: before you do, make sure you backup) If not, contact your...
 
As part of our commitment to privacy and transparency, we’re updating our Privacy Policy. We want to give you more information about how we collect and use personal information — in a more organized and readable format.
 
The Joomla Project is pleased to announce the availability of Joomla 4.0 Alpha 1for download....
 
Home /Security Announcements / [20171101] - Core - LDAP Information Disclosure Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
Home /Security Announcements / [20171102] - Core - 2-factor-authentication bypass Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
Home /Security Announcements / [20171103] - Core - Information Disclosure Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
We’ve given one of our favorite features a boost! You can now manage your profile photo, or avatar, right on WordPress.com. This avatar, powered by a service called Gravatar, is the image that represents you online — a thumbnail that appears next to your name when you interact on blogs and websites. With this recently refined feature,...
 
Sometimes it’s the extra touches that make all the difference; on your website, that’s the photos and video that give your content life.
 
Today we’re happy to introduce Radcliffe 2, a refreshed version of a tried-and-true WordPress theme. We’ve optimized it for speed, and added new features specifically with small-business websites in mind.
 
Google Photos is one of the most popular ways of storing and sharing photos online. WordPress.com is one of the most popular ways to blog. Wouldn’t it be great if they played well together — if you could use photos you’ve uploaded to Google on your site?
 
Home /Security Announcements / [20170901] - Core - Information Disclosure Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
Home /Security Announcements / [20170902] - Core - LDAP Information Disclosure Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
Version 8.1 of the WordPress for Android app is now available, with some great enhancements to publishing: background media uploading.
 
Home /Security Announcements / [20170704] - Core - Installer: Lack of Ownership Verification Joomla! CMS Joomla! Framework Resources Mailing Lists...
 
Hi everyone, it’s been a busy few weeks in the world of WordPress, WordPress.com, and Automattic, so I thought I’d share a roundup with all of you! Here’s a rundown:
 
This new VirtueMart 3 Version is completing the vm3.0 series. There won't be any new vm3.0.x updates other than if we have a security issue. Some of our developers are still developing on Joomla 2.5 to ensure the backward compatibility. But from now on, any new version will be developed on the most recent Joomla or WordPress releases. We won't...
 
The Worldwide WordPress 5k (#WWWP5k) is back and better than ever!
 
Automatticians, the people who build WordPress.com, participate in events and projects around the world every day. Periodically, they report back on the exciting things they do when not in front of a computer.
 
We’re excited to announce a newly launched Customizer panel called Content Options.
 
 
The Data Team at Automattic is pleased to announce a new blog for everyone who loves data! Data for Breakfast will feature posts about our data stack, trends in WordPress.com usage, and whatever currently tickles our data fancy. We’re data scientists and engineers with a passion for our craft, and we’re starting this blog to...
 
Thousands of bloggers have used Blogging U’s step-by-step email courses to get started, grow as writers, create beautiful websites, learn the ins and outs of WordPress.com, push their photography skills, and more.
 
If you’ve been looking for the perfect address for your blog, it’s about to get even easier. Millions of new .blog domain names (like yourname.blog) will be availablethis November — and starting today, you can apply to secure your own domain name.
 
Your Instagram account is a great way to share your life, products, and services online. With all that great content, why not showcase your Instagram account on your website or blog? Learn three ways WordPress.com makes it easy and discover other sites that are doing it well.
 
Today we’re launching a feature that will show instant notifications for new comments and likes — even when you are not actively using WordPress.com. Browser notifications give you a real-time sense of your readers’ reactions, allowing you to stay more engaged with your audience. Notifications will show up in Chrome or Firefox in...
 
Joomla! 3.6.2 is now available. This is a bug fix release for the 3.x series of Joomla. This release fixes some bugs in email cloaking and sessions from Joomla! 3.6.1.
 
During the latest release of Joomla! 3.6.1 an issue emerged because of a security fix. 3.6.1 introduced a CSRF token check to the Joomla! Update component as an extra level of security to fix a Medium Level security issue. 3.6.0 down to 2.5.4 (every Joomla! release with the update...
 
Joomla! 3.6.1 is now available. This is a security release for the 3.x series of Joomla. This release fixes several low level security issues. We strongly encourage you update your sites.
 
Mark Dexter & Louis Landry...
 
Mark Dexter & Louis Landry...
 
Mark Dexter & Louis Landry...
 
Automatticians, the people who build WordPress.com, participate in events and projects around the world every day. Periodically, they report back on the exciting things they do in the community. This week, we share our experience at the Podcast Movement 2016 conference.
 

Joomla! 3.6 is Here

The Joomla! Project and the Production Leadership Team are proud to announce the release of Joomla! 3.6 as the latest in the 3.x series. Joomla! 3.6 introduces more than 400 improvements, including many features which make administration of Joomla! Web sites easier and more feature-rich, as well as many UX (user experience) improvements.
 
The Joomla! Project is pleased to announce the availability of Joomla! CMS 3.6 Release Candidate 2. Community members are asked to download and install the package in order to provide quality assurance for the forthcoming 3.6 release.
 
The Joomla! Project is pleased to announce the availability of Joomla! CMS 3.6 Release Candidate. Community members are asked to download and install the package in order to provide quality assurance for the forthcoming 3.6 release.
 
The Joomla! Project is pleased to announce the availability of Joomla! CMS 3.6 Beta 2. Community members are asked to download and install the package in order to provide quality assurance for the forthcoming 3.6 release.
 
The Joomla! Project is pleased to announce the availability of Joomla! CMS 3.6 Beta 1. Community members are asked to download and install the package in order to provide quality assurance for the forthcoming 3.6 release.
 
We are excited to announce the release of two different versions. The 3.0.14 is the direct succesor and is without VirtueMart Frame VMF. The new 3.1.0 is with new VirtueMart Frame VMF. Both versions include the addition of several notable new features.
 
Mark Dexter & Louis Landry...
 
Mark Dexter & Louis Landry...
 
The Joomla! team released today a new version with some security hardenings and fixing a critical security leak in all joomla versions.
 
Mark Dexter & Louis Landry...
 
Mark Dexter & Louis Landry...
 
Mark Dexter & Louis Landry...
 
Mark Dexter & Louis Landry...
 
Mark Dexter & Louis Landry...
 
The company Qualys.com found a new issue, a possible XSS. It misuses the array keys in the URL. Most servers prevent such an URL by default, but nevertheless we've added another protection. We also found and fixed some smaller bugs and glitches in advanced functions and last but not least we added missing backward compatibility for...
 
Mark Dexter & Louis Landry...
 
The last stable version vm3.0.8 was 5 months ago. Development has continued during this time, we just spent additional time testing and checking to deliver a more stable version.
 
You still have until the end of this week to secure your first Christmas present!
 
Lack of CSRF checks potentially enabled uploading malicious code.
 
Inadequate checking of the return value allowed to redirect to an external page.
 
Joomla 3.4.3 is now available. This is a maintenance release for the Joomla 3 series. We strongly encourage you update your sites.
 
As we mentioned in the last news, VirtueMart is audited by different security companies. We are very happy that they found the persistent XSS attack before we released vm3.0.8, so the version vm3.0.8 already contains the fix.
 
Security release VM 3.0.8
Finally after some interim versions, here is the release of VirtueMart 3.0.8.
 
New York, NY, - March 30th, 2015 Joomla!, one of the world’s most popular open source content management systems (CMS), is proud to announce its partnership with Glip—the business messaging app with built-in productivity tools. The partnership will enable Joomla! to streamline com...
 
The Joomla! Project and the Production Leadership Team are proud to announce the release of Joomla! 3.4.1. This is a maintenance release for the 3.x series of Joomla! and addresses issues introduced in 3.4.0 with installing certain extensions and content languages access.
 
Maybe you’re working on a 365 project, with a photo for each day of the year. With a couple months under your belt, you might be looking for a new theme to showcase your work. Let’s check out four themes where the typography and color palettes step aside so that your photos get your visitors’ full attention.
 
We’re excited to offer two Blogging U. courses this March: Blogging 101 and Photography 101. Read on to learn more about each course, see how Blogging U. works, and register!
 
Happy Theme Thursday, all! Let’s dive right into a new free theme:
 
WordPress for iOS version 4.8 comes with exciting editor and navigation enhancements.
 
Over at The Daily Post, our first poetry-focused Blogging U. course, Writing 201: Poetry, has just entered its second week. It’s been a blast, with hundreds of poets sharing their work, experimenting with new forms, and commenting on their peers’ poems.
 

Joomla! 3.4 is Here

Image Credit: Chiara Aliotta and Helvecio Da Silva
 
Several years ago, writer Ann Morgan noticed that she didn’t read much literature from countries outside of the United Kingdom and United States — and had yet to dive into stories from around the globe. From this realization, her blog, A Year of Reading the World, was born. You can read about Ann’s journey in her new book, Reading...
 
In VirtueMart 3.0.6 we fine tuned the completely redesigned Multi Variants which were introduced in our previous release. Let me give you a short introduction.
 
Hew is a personal-blogging theme with a distinct identity and a bright splash of colour. Share your thoughts and experiences with readers while connecting through prominently placed social media links.
 
The Joomla! Project is pleased to announce the availability of the Joomla! 3.4 Release Candidate. Community members are asked to download and install the package in order to provide quality assurance for the forthcoming 3.4 release.
 
A December 2014 addition to our library of themes, Radcliffe stands out with elegant yet modern fonts, large featured images, and clean navigation that gets out of the way and puts your content front and center.
 
In the digital age, it’s very easy to talk at each other through emails, texts, and tweets rather than with each other. Interviews enable us to rekindle the art of conversation. Here are seven interviews we’ve enjoyed reading recently from across all of WordPress.
 
Joomla! 3.4 is almost ready!
We have revised the launch timeline slightly to ensure we can get everything up to the quality levels we all would like, and to ensure thorough testing on as many environments as possible.
 
In the past, we’ve highlighted some of our favorite themes for longform enthusiasts and bloggers who just want to write. Today, let’s take a look at five free themes, launched in the past several months, that offer a distraction-free writing and reading experience.
 
The Joomla! Project is pleased to announce the availability of Joomla! 3.4 Beta 2. Community members are asked to download and install the package in order to provide quality assurance for the forthcoming 3.4 release.
 
It is with great excitement that I announce the opening of ticket sales for the Press Publish conference series we teased here earlier this month!
 
A bit earlier than expected, we have to release vm3.0.4 to close a vulnerability in the core. This is a real vulnerability, no exploit. The problem is a wrong error report setting, which can reveal the used server path for the real attack.
 
The Joomla! Project is pleased to announce the availability of Joomla! 3.4 Beta 1. Community members are asked to download and install the package in order to provide quality assurance for the forthcoming 3.4 release.
 
New York, NY, - January 20, 2015 - Joomla, one of the world’s most popular open source content management systems (CMS), announced today the launch of its new service: Joomla.com. Users can now create and build freely hosted Joomla websites. The project is run in partnership...
 
Joomla Community Magazine | December 2014...
 
Image credit: Helvecio
 
We are pleased to announce the release of VirtueMart 2.6.14 and VirtueMart 3.0.2.
 
Compatible with Joomla 2.5 and Joomla 3, the new generation of the eCommerce solution VirtueMart is now available with many new easing features. Built with the experience of more than 10 years VirtueMart 3 provides you with a powerful and comprehensive eCommerce solution. We give you a flavour of the work we have done to provide you with one of...
 
We are pleased to announce the release of VirtueMart 2.6.12
 
Inadequate checking allowed the potential for remote files to be executed.
 
Inadequate checking allowed the potential for a denial of service attack.
 
Inadequate escaping leads to XSS vulnerability in com_media.
 
Inadequate checking allowed unauthorised logins via LDAP...
 
If you are using a version lower than 2.6.10, you should update right away.
 
We are pleased to announce that Realex is now available through VirtueMart’s ecommerce solution.
 
We finally can announce that the VirtueMart 3 core is ready as Release Candidate 2.9.8. Now the remaining job is to test the core intensively on joomla 3.3 and to add missing backward compatibility for easy updating. As far we can see all API changes are done.
 
We are pleased to announce that Paybox is now available through VirtueMart’s ecommerce solution.
 
Inadequate escaping leads to SQL injection vulnerability.
 
Inadequate escaping leads to XSS vulnerability.
Joomla! CMS versions 2.5.18 and earlier...
 
Inadequate escaping leads to XSS vulnerability in com_contact.
 
Inadequate checking allowed unauthorised logins via GMail authentication.
 
Inadequate filtering leads to XSS vulnerability in com_contact.
 
Inadequate filtering leads to XSS vulnerability in com_contact.
 
Inadequate filtering leads to XSS vulnerability in com_contact, com_weblinks, com_newsfeeds.