How to fix the security vulnerability affecting 1 in every 10 Joomla sites
Yesterday we were informed of a very serious security vulnerability in eXtplorer — a popular file management utility for Joomla. Unlike the recent security issues in the Joomla core, this vulnerability is in an extension.
After some research, we now know that on up to 1 in every 10 Joomla websites may be subject to this vulnerability. Thankfully, there are a two easy ways to fix the issue.
Standard Joomla sites
- Login to site and look for eXtplorer in the Components menu
- CRITICAL STEP – If you find it, Uninstall immediately
- If you still require this extension, install version 2.1.5 or later
- If removing and installing are not options for you, there are some alternate patches available also.
Watchful-enhanced Joomla sites
Sites that use Watchful can save a tonne of time identifying the affected sites. Simply use the search tool in the Watchful Dashboard to identify any sites that have eXtplorer.
Once you have identified the sites with extplorer, use the
Back link in the dashboard to login and remove or update the extension.
One more easy security tip
Additional reading from your Watchful team that can make your Joomla Site safer