Date: March 5, 2024, 2024
Stability: Stable
Compatibility: PHP 7, 8.0, 8.1 or 8.2
System Requirements: Joomla 4, Joomla 5, Visforms Base Package 4.4.2 or higher
New Feature
Bug fixes
- Fix: Installation problem due to missing images/visforms directory
Improvements
Security release
A security vulnerability in the Visforms Subscription can potentially be used for SQL injection in a few special cases. We recommend an immediate update to Visforms Basic Package 4.4.2 and Visforms Subscription 4.4.2
Details
- Extension: Visforms Subscription for Joomla 3 and 4
- Probability: Very low
- Impact: Critical
- Severity: High
- Versions: 3.4.6 - 4.4.1
- Exploit type: SQL injection
Affected installations
- Visforms Subscription Package 3.4.6 - 4.4.1
Solution
- Upgrade to Visforms Basic Package and Visforms Subscription Package 4.4.2