DEV Community

Cover image for Joomla 5.2.4 Security & Bugfix Release
Sergey Tolkachyov
Sergey Tolkachyov

Posted on

1 1

Joomla 5.2.4 Security & Bugfix Release

#webdev #joomla #php #coding

Let’s celebrate! The Joomla! Project is pleased to announce the release of Joomla 5.2.4 and Joomla 4.4.11. This is a security and bug fix release for the 5.x and 4.x series of Joomla.

These releases continue Joomla’s high standards in accessible web design, highlighting Joomla's values of inclusiveness, simplicity and security into an even more powerful open-source web platform.

Security Fix

[20250201] - Core - SQL injection vulnerability in Scheduled Tasks component. Read more.

Bug fixes and Improvements with 5.2.4

  • Fix namespace map creation on PHP 8.4 (#44789)
  • Fix PHP Warning for debuguser, debuggroup (#44721)
  • Fix handling of null values on update row (#39607)
  • Fix cache counting issue - correctly count number of files (#43986)
  • Fix permissions for manually running scheduled tasks (#36719)
  • Tag Router: Allow numeric/CSV IDs (Regression) (#44784)
  • Fix for Composer update to enshrined/svg-sanitize to resolve SVG upload issues (#44746)
  • Fix for Article cannot be saved successfully on the front-end (#44680)
  • Fix media downloads with spaces (Follow-up of #37396) (#44745)
  • Finder Router: Filter out unnecessary query elements (#44055)
  • Jooa11y plugin and page cache conflicts (#41956)
  • Fix a11y issue in accordion (role attribute) (#40578)
  • Remove alt-text for menu items when both image and title are set (a11y fix) (#40675)
  • Fix breadcrumbs color in light and dark mode (#44212)
  • Email alt text fix in contact component (#44491)
  • Web Asset Manager: Incorrect loading of external resource with / at the end (#44774)
  • Fix media downloads with spaces (Follow-up of #37396) (#44745)
  • Fix multi-select behavior in Media Manager (Follow-up of #39824) (#44747)
  • Fix error handling when creating folders in Media Manager (#39878)
  • Fix assets for com_scheduler on new installations (#44684)
  • Fix password reset broken in backend (#44723)
  • Email cloak plugin fails for emails with IDN (Internationalized Domain Names) (#39888)
  • Fix handling of root path removal only when it is at the beginning (#36685)
  • Load the namespace from the cached manifest (Reverted) (#44755)
  • Fix for Codemirror duplicated assets entries (#44674)

The full list on GitHub is here: https://github.com/joomla/joomla-cms/milestone/136?closed=1

Read more

Joomla Community resources

profile
Coherence
 Promoted

Billboard image

Deploy and scale your apps on AWS and GCP with a world class developer experience

Coherence makes it easy to set up and maintain cloud infrastructure. Harness the extensibility, compliance and cost efficiency of the cloud.

Learn more

Top comments (0)

profile
Cloudinary
 Promoted

Cloudinary image

Optimize, customize, deliver, manage and analyze your images.

Remove background in all your web images at the same time, use outpainting to expand images with matching content, remove objects via open-set object detection and fill, recolor, crop, resize... Discover these and hundreds more ways to manage your web images and videos on a scale.

Learn more

Read next

rowsanali profile image

How to Implement OpenAI API Key in a Node.js Express App

Rowsan Ali -

silviaodwyer profile image

10 Stunning Vitepress Themes To Check Out

Silvia O'Dwyer -

shaikr786 profile image

Connecting AI Agent with UI - State Management🧩

Reshma Shaik -

davidmorais profile image

Updating my website's tech stack in 2025

David Morais -

DEV Live Events

AWS GenAI LIVE!

GenAI LIVE! is a dynamic live-streamed show exploring how AWS and our partners are helping organizations unlock real value with generative AI.

Tune in to the full event

DEV is partnering to bring live events to the community. Join us or dismiss this billboard if you're not interested. ❤️