Joomla 5.1.3 and Joomla 4.4.7 Released

Joomla 5.1.3 and Joomla 4.4.7 Released

The Joomla! Project is pleased to announce the release of Joomla 5.1.3 and 4.4.7. This is a security and bug fix release for the 5.x and 4.x series of Joomla.

This release continues Joomla's high standards in accessible web design, highlighting Joomla's values of inclusiveness, simplicity and security into an even more powerful open-source web platform..

Security Fixes
  • [20240805] - Core - XSS vectors in Outputfilter::strip* methods
  • [20240804] - Core - Improper ACL for backend profile view
  • [20240803] - Core - XSS in HTML Mail Templates
  • [20240802] - Core - Cache Poisoning in Pagination
  • [20240801] - Core - Inadequate validation of internal URLs

Please note: the security fixes include two behaviour changes that might affect existing sites. For more information see the 5.1.3 release FAQ page.

Bug fixes and Improvements with 5.1.3

  • Update TinyMCE to version 6.8.4 (#43808)
  • Fix attachment handling in Mail class (#43828)
  • Delete Schema.org data after deleting an item (#43839)
  • Remove testing channel from CLI (#43764)
  • Fix frontend language multilingual without compatibility plugin (#43791)
  • Remove unneeded variables (#43763)
  • ModalSelect: Fix missing token (#43745)
  • Fix secure flag for session cookies (#43882)
  • Fix encoding in popup links (#43874)
  • Fix header translation for modal select fields (#43878)
  • Fix Javascript error for radio buttons in sublayout (#43804)
  • Fix relative URLs in private messages (#43897)
The full list on GitHub is here: https://github.com/joomla/joomla-cms/milestone/130?closed=1

What's shipped with 4.4.7?
  • Bugfixes
The full list on GitHub is here:https://github.com/joomla/joomla-cms/milestone/129?closed=1

Click or press here for full release information.

It's extremely important to keep your Joomla installation, and extensions up to date to minimise the risk of your site being compromised, you should also check that you are not using vulnerable extensions by visiting Joomla! Vulnerable Extensions List.

Many site owners are totally unaware of the status of their Joomla websites, databases, and hosting environments, the potential risks of being compromised, and the implications of private personal data held. Also many site owners are paying extortionate hosting fees for below standard services running on out of date and insecure hosting environments. 



We offer a wide range of services at Joomla Fixers, including remote on-demand and scheduled Joomla Website Support, Website Design, Website Development, Website Maintenance, Website Marketing, and Website Hosting. Our services cater to both end users and web design studios worldwide.

With over 15 years of experience in overseeing, fixing, constructing, managing, and enhancing Joomla websites since 2005, we are able to operate highly effectively thanks to our Joomla Website Support System.

Joomla Fixers-Joomla Website Support and Maintenance Specialists
Realvision Internet Limited
124 City Road
London, EC1V 2NX
United Kingdom


Terms and Conditions
Privacy Policy
Cookie Policy
Privacy-respecting analytics by Matomo

Secure Payments Powered by Stripe