joomla! 5.2.5 and joomla! 4.4.12 released

Joomla is a popular open-source content management system (CMS) used to create and manage websites and web applications. Its high flexibility, extensibility through plugins and templates, and extensive community make Joomla an attractive choice for a wide range of users, including small businesses and large organizations.

Security is a constant concern in the web world, and Joomla is no exception. For this reason, the Joomla development team is constantly investigating and fixing potential security vulnerabilities in the core system and related plugins.

Joomla security updates are of particular importance. These updates include bug fixes, security patches, and system performance improvements that, together, protect the website from hacker attacks, malware, and other cyber threats.

Ignoring security updates can have irreparable consequences, including :

• Website hacker penetration: Hackers can exploit known vulnerabilities to infiltrate your website and steal user information, destroy site content, or use the website for malicious purposes.
• Website reputation loss: If your website is hacked, users’ trust in you and your business will be severely damaged.
• Search engine penalties: If your website is infected with malware, search engines such as Google may penalize your website and reduce its ranking in search results.

Therefore, regularly updating Joomla and its extensions is an essential measure to maintain the security and optimal performance of your website. Joomla has greatly simplified the update process, and using the administration panel, you can easily find out about new updates and install them.

In short, Joomla is a powerful CMS that, with regular security updates, can be a secure and reliable platform for creating and managing websites.

As I explained, on March 11, 2025, the Joomla Project announced the release of Joomla 5.2.5 and Joomla 4.4.12. These are security and bug fixes for the Joomla 5.x and 4.x series. These releases deliver Joomla's high standards in web design, highlighting Joomla's values ​​of inclusiveness, simplicity, and security in a more powerful open source web platform.

Security Issues Addressed in Joomla 5.2.4 and Joomla 4.4.11

• Core - Uploading Malicious Files via Media Manager

This update addresses a security issue that allows users with the "Edit" permission on the Media Manager component to upload malicious files, which leads to a vulnerability. By default, this permission is assigned to all backend user groups and default users with "Editor" or higher.

Uploading malicious files via Joomla Media Manager can cause serious and widespread damage to a website, compromising its security and performance. These damages can be divided into several main categories:

1. Website compromise and control: Malicious files, especially PHP scripts, can gain access to the web server and give the attacker complete control of the site. This control can lead to changing site content, deleting information, loading malware, or even using the server for other attacks.
2. Data corruption: Malicious files can target the Joomla database and corrupt or steal sensitive user information, website settings, and valuable content.
3. Malware propagation: A website infected with malware unwittingly transmits this malicious code to its visitors. This infects users' systems, steals their information, and damages the website's reputation.
4. SEO ranking reduction: Search engines like Google detect websites that contain malware and reduce their rankings. This leads to reduced inbound traffic and harm to online businesses.
5. Website performance disruption: Malicious files can consume server resources and cause the website to slow down or even become inaccessible.
6. Legal and Regulatory Issues: If the privacy of users is violated and their information is stolen, the website owner may face legal and regulatory issues.

Therefore, protecting Joomla Media Manager and preventing malicious files from being uploaded is of utmost importance. Using a strong password, updating joomla and extensions, restricting user access, scanning uploaded files, and using appropriate security extensions are some of the measures that can help reduce the risk of intrusion and protect the website.

Bugs fixed and improved in Joomla 5.2.5

• Fixed bug after installing set frontediting option from CLI
• com_contact: Send copy to Submitter no longer works
• Disable compatibility plugin for system tests
• Deprecated PHP: trim(): Sending null to token #1 ($string) is deprecated
• Set column alias for BannerTable, fix warning bug in Save As Copy
• Updated translations

and more ...

see more details for joomla 5.2.5 on the GitHub website Or click on the address of the original news source (Joomla) at the end of the post.

   Joomla 5 is the latest main version. No new features will be added in Joomla 4 and it will only receive security updates until October 14, 2025.

Continued at source ...

source + download : joomla 5.2.5 and joomla 4.4.12

Author : asal

Comments (0)

Rated 0 out of 5 based on 0 voters

There are no comments posted here yet

Leave your comments

1. Posting comment as a guest. COM_KOMENT_LOGIN_LINK

Username

Password

Login to my account →

Name (Required)

Email (Required)

Website

Background

Rate this post:

Reset Rating

0 Characters

Attachments (0 / 3)

Share Your Location

Type the text presented in the image below

Cancel Submit Comment