Inadequate checks in the Media Manager allowed users with "edit" privileges to change file extension to arbitrary extension, including .php and other potentially executable extensions.

According to its self-reported version, the instance of Joomla! running on the remote web server is 4.x prior to 4.4.12 or 5.x prior to 5.2.5. It is, therefore, affected by an arbitrary file upload vulnerability due to inadequate checks in the Media Manager.

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.

According to its self-reported version, the instance of Joomla! running on the remote web server is 4.0.x prior to 4.4.12 or 5.0.x prior to 5.2.5. It is, therefore, affected by a vulnerability.

  - Inadequate checks in the Media Manager allowed users with edit privileges to change file extension to     arbitrary extension, including .php and other potentially executable extensions. (CVE-2025-22213)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
114666	Joomla! 4.x < 4.4.12 Arbitrary File Upload	Web App Scanning	Component Vulnerability	high
114665	Joomla! 5.x < 5.2.5 Arbitrary File Upload	Web App Scanning	Component Vulnerability	high
232605	Joomla 4.0.x < 4.4.12 / 5.0.x < 5.2.5 Joomla 5.2.5 Security & Bugfix Release (5922-joomla-5-2-5-security-bugfix-release)	Nessus	CGI abuses	high

Detections

Analytics

CVE-2025-22213

high

Tenable Plugins

high

high

high