CVE-2026-58149 PUBLISHED

Joomla Extension - joomdonation.com - User enumeration in Events Booking < 5.8.0

Assigner: Joomla
Reserved: 29.06.2026 Published: 17.07.2026 Updated: 17.07.2026

The Joomla extension Events Booking is vulnerable to an unauthenticated user enumeration that allows to retrieve account usernames and email addresses.

Product Status

Vendor joomdonation.com
Product Events Booking extension for Joomla
Versions Default: unaffected
  • Version 1.0-5.8.0 is affected

Credits

  • Phil Taylor finder

References

Impacts

  • CAPEC-575 Account Footprinting