Date: January 31, 2024
Stability: Stable
Compatibility: PHP 7, 8.0, 8.1 or 8.2
System Requirements: Joomla 4, Joomla 5, Visforms Base Package 4.4.1 or higher
New Feature
Bugfixes
Improvements
Security Release
A security vulnerability in the Visforms Subscription can potentially be used for SQL injection in a few special cases.
We recommend an immediate update to Visforms Basic Package 4.4.1 and Visforms Subscription 4.4.1
Details:
- Extension: Visforms Subscription for Joomla 3 and 4
- Probability: Very low
- Impact: Critical
- Severity: High
- Versions: 3.4.6 - 4.4.0
- Exploit type: SQL injection
Affected installations
- Visforms Subscription Package 3.4.6 - 4.4.0
Solution
- Upgrade to Visforms Basic Package and Visforms Subscription Package 4.4.1