#JUGL meetings are held on the 3rd Tuesday of each month


Official Joomla! Announcements

  • Project: Joomla!
  • SubProject: CMS
  • Impact: Moderate
  • Severity: Low
  • Versions: 3.0.0-3.9.14
  • Exploit type: CSRF
  • Reported Date: 2019-December-23
  • Fixed Date: 2020-January-28
  • CVE Number: CVE-2020-xxxxx


Missing token checks in the batch actions of various components causes CSRF vulnerabilities.

Affected Installs

Joomla! CMS versions 3.0.0 - 3.9.14


Upgrade to version 3.9.15


The JSST at the Joomla! Security Centre.

Reported By: Lee Thao from Viettel Cyber Security

Read more

Two Factor Authentication ( 2FA ) for Joomla

Simple & Easy 2FA setup with any App supporting TOTP algorithm like Google, Authy, LastPass Authenticator & other 2FA methods like OTP over email, OTP over phone, OTP over email and phone, email verification, push notification, security questions (KBA), hardware token (YubiKey).

Secure your Joomla site with state of art second-factor authentication plugin. The setup takes only few minutes, yet protects your site forever. This plugin provides two factor authentication (TFA) during login. Once you have the J2FA plugin installed on your site, you need not to think about stolen password or weak password problems. We provide a variety of second factor authentication (2FA) methods so that your users can choose best suitable method for them.
Visit https://plugins.miniorange.com/joomla-two-factor-authentication-2fa to know more about Joomla 2FA plugin by miniOrange.


You will get 24/7 assistance from our dedicated team of experts. You just need to submit the query from plugin or you can also drop us an email on

Apps Supported by Two Factor Authentication 2FA for Joomla

  • miniOrange Authenticator App
  • Google Authenticator App.
  • Authy 2-Factor Authentication App
  • Any TOTP based App

Two Factor Authentication 2FA for Joomla includes following second-factor authentication methods:

1 OTP OVER EMAIL – Users will receive a One Time Passcode (OTP) on their registered email ID and will validate the OTP in order to complete the login process.
2. OTP OVER SMS - In this method users will receive an SMS with a One Time Passcode (OTP) after verifying which they will be allowed to login.
3. OTP OVER SMS AND EMAIL - User will receive an OTP on their registered mobile number and email.
4. Google Authenticator/Authy Authenticator/LastPass Authenticator - Enter passcode from a preconfigured account in Google Authenticator, Authy Authenticator or LastPass App to login.
5. Email Verification - Accept the verification link sent to your email to login.
6. Soft Token - Users can enter a one-time passcode from the miniOrange Authenticator App.
7. QR code authentication - Scan the QR code from the account in your miniOrange Authenticator App to login.
8. Push notification - Accept a push notification in your miniOrange Authenticator App to login.

Two Factor Authentication 2FA for Joomla also provides a backup option:

In case of user can’t access their phone, nothing to worry about, the users can login using KBA. In this option, the user will be prompted to answer some knowledge-based questions or life questions. If answered correctly, the user will be able to authenticate himself.

Upcoming features in next release of Two Factor Authentication 2FA for Joomla:

  1. Role-based 2FA- You can choose to disable 2FA for some roles or enable 2FA for only some of the roles.
  2. IP based 2FA or IP whitelisting- You can disable the 2FA for some IPs/IP ranges.
  3. Remember device: Second-factor authentication will be required only on new devices

Custom feature requirements -

If you want any custom changes/feature in this plugin, just let us know your requirement in brief on

Read more

EB Logo Carousel is an excellent module to display clients logos, partners logos, sponsors logos, and affiliates logos. It also allows you to put links for each logo and it comes up with lots of in-built styling.


Compatible with Joomla 3.x.x and 4 Alpha
Configurable number of columns for desktops, tablets, and mobiles.
Compatible with all desktop and mobile browsers
In-built and fully configurable carousel behavior (Check Demo)
Add UNLIMITED logo slides
Configurable Navigation arrow positions
Configurable Pause slides on mouse hover - enable or disable
Configurable Autoplay and manage the speed of autoplay
Configurable Logo image box borders
Configurable Logo image box hover effects

Read more

Adsense in article by Jaiss

This Joomla Plugin allow to insert your Google Adsense Code (ore any other code) inside article.

You can chose 4 different position that place your ads in automatic or you can choose exactly position in you article:

Automatic selectable postition are:
After article - Middle of article (at the end of middle paragraph) - Before article - After specified paragraph

Also if you write {adsense} in article, plugin inserts in these postion your adsense code. You can insert unlimited {adsense} in your article and when insert this code automatic postition will be disabled.

You can hide plugin in specified article:

Hide plugin is very simple!! You only need to insert {noadsense} in article that you want exclude.

Read more

EB Timeline is a pure HTML/CSS Joomla timeline module that helps you to tell your brand story by creating beautiful horizontal and vertical history timelines very easily using native Joomla articles. It comes up with the most FLEXIBLE Article Filtering and pre-built but still fully configurable styling options.


Compatible with Joomla 3.x.x and 4 Alpha
Compatible with all desktop and mobile browsers
Pre-built 6 Vertical and Horizontal Timeline Styles
Fully Configurable Timeline Color, Text Color, Box Text Color, Box Background Color
Configurable Timeline Effect with Flat and 3D Shadow
Limit no of articles to be displayed
Specify Articles source (categories, Tags)
Filter Articles within the Date range
Articles Order By Title, ID, Alias, Created date, Modified date, Random, Featured Article, Hits, etc.
Ordering Direction By Ascending and Descending
Show/Hide Article Date, Category, Hits, Author, Tags, Introtext, Read More button
Configure Date display with Date Format
Configure Introtext with Content Limit
Configurable Intro Or Full Image (Hide/Show)

Read more


Launch a Full version of Joomla! for FREE (including hosting) Find out More