Joomla 3.9.4 is now available. This is a security fix release for the 3.x series of Joomla which addresses 4 security vulnerabilities and contains 28 bug fixes and improvements.What's in 3.9.4?
Joomla 3.9.4 includes 4 security vulnerabilities fixes and several bugs and improvements, including:Security Issues FixedHigh Priority - Core - Missing ACL check in sample data plugins (affecting Joomla 3.8.0 through 3.9.3) More information »Low Priority - Core - XSS in com_config JSON handler (affecting Joomla 3.2.0 through 3.9.3) More information »Low Priority - Core - XSS in item_title layout (affecting Joomla 3.0.0 through 3.9.3) More information »Low Priority - Core - XSS in media form field (affecting Joomla 3.0.0 through 3.9.3) More information »Bug fixes and ImprovementsUser Terms (#23787) and Privacy Consent (#23660) plugins: Layouts for the label and message addedFeatured articles: Page subheading added #23583Custom formfield layout paths simplified #22645Com_contact: Contact name field moved out of the Contact Information block #23563Custom module: Improvement of the frontend editing #23741Action Logs improvement: Cache (#22739) and Purge/Export (#22740) actions are now logged
Visit GitHub for the full list of bug fixes.DownloadNew InstallationsDownload Joomla 3.9.4English (UK), 3.9.4 Full Package
New installation instructions and technical requirementsUpgrade PackagesUpgrade PackagesJoomla 3 upgrade packages
Note: Please read the update instructions before updating.Remember… Please clear your browser's cache after updating.Found a bug? Report it on the Joomla Issue Tracker.Questions? See the documentation wiki for FAQ’s regarding the 3.9.4 release.