Joomla 6 Notice

We will be closed for company holidays from December 20th to January 12th.

We are pleased to announce that as of October 14, 2025, all of our Joomla extensions are compatible with Joomla 6.

For all who are still updateing from Joomla 3 to Joomla 4: Joomla 4 Migration instructions are available here:

There is a separate Documentation for Visforms for Joomla 4 and for Visforms for Joomla 5 and 6!

Details: Published: 19 April 2023

Security Annoucement - SQL Injection

Project: Visforms für Joomla 3
Extension: com_visforms
Impact: Critical
Severity: High
Probability: Unkonwn
Versions: 3.8.0 - 3.14.10
Exploit type: SQL Injection
Reported Date: 2023-04-16
Fixed Date: 2023-04-19
CVE Number: CVE-2023-23753

Description

An improper use of input filter allows SQL-Injection.

Affected Installs

com_visforms versions 3.8.0 - 3.14.10.
Visforms Base Package 3.0.0 - 3.0.4 (Since version 3.14.6 com_visforms is part of the Visforms Base Package)

Solution

Upgrade to Visforms Base Package 3.0.5

Contact: This email address is being protected from spambots. You need JavaScript enabled to view it.

Reported By: David Álvarez Robles from AliSEC Soluciones S.L.