CVE-2026-60024

Summary

The Joomla extension Events Booking prior version 5.8.0 did by default allow unauthenticated users to upload media assets.

Affected Software

VendorProductVersion RangeStatus
joomdonation.comEvents Booking extension for Joomla1.0-5.8.0affected

Weaknesses

  • CWE-1188: CWE-1188: Initialization of a Resource with an Insecure Default

References