Joomla 3.9.4 is now available.
This is a security fix release for the 3.x series of Joomla which addresses 4 security vulnerabilities and contains 28 bug fixes and improvements.
What's in 3.9.4?
Joomla 3.9.4 includes 4 security vulnerabilities fixes and several bugs and improvements, including:
Security Issues Fixed
High Priority - Core - Missing ACL check in sample data plugins (affecting Joomla 3.8.0 through 3.9.3)
Low Priority - Core - XSS in com_config JSON handler (affecting Joomla 3.2.0 through 3.9.3)
Low Priority - Core - XSS in item_title layout (affecting Joomla 3.0.0 through 3.9.3)
Low Priority - Core - XSS in media form field (affecting Joomla 3.0.0 through 3.9.3)
Bug fixes and Improvements
User Terms and Privacy Consent plugins: Layouts for the label and message added
Featured articles: Page subheading added
Custom formfield layout paths simplified
Com_contact: Contact name field moved out of the Contact Information block
Custom module: Improvement of the frontend editing
Action Logs improvement: Cache and Purge/Export actions are now logged
You all know or should know by now that I highly encourage everyone running a website to keep all the software up to date!
If you are hosting with us, your site has been updated or in the queue for the update today!