Yesterday we were informed of a very serious security vulnerability in eXtplorer — a popular file management utility for Joomla. Unlike the recent security issues in the Joomla core, this vulnerability is in an extension.

After some research, we now know that on up to 1 in every 10 Joomla websites may be subject to this issue. Thankfully, there are a two easy ways to fix the security vulnerability.

Standard Joomla sites

1. Login to site and look for eXtplorer in the Components menu
2. CRITICAL STEP – If you find it, Uninstall immediately
3. If you still require this extension, install version 2.1.5 or later
4. If removing and installing are not options for you, there are some alternate patches available also.

Watchful-enhanced Joomla sites

Sites that use Watchful can save a tonne of time identifying the affected sites. Simply use the search tool in the Watchful Dashboard to identify any sites that have eXtplorer.

Once you have identified the sites with extplorer, use the Back link in the dashboard to login and remove or update the extension to fix the security vulnerability.

One more easy security tip

Additional reading from your Watchful team that can make your Joomla Site safer

• Monitor critical files for unauthorized changes