stackideas CVE Vulnerabilities & Metrics

Focus on stackideas vulnerabilities and metrics.

Last updated: 15 Feb 2026, 23:25 UTC

About stackideas Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with stackideas. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total stackideas CVEs: 5
Earliest CVE date: 30 Jan 2014, 18:55 UTC
Latest CVE date: 16 Jan 2026, 15:15 UTC

Latest CVE reference: CVE-2026-21625

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 3

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): -100.0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): -100.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical stackideas CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 2.34

Max CVSS: 4.3

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	4
4.0-6.9	3
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS stackideas CVEs

These are the five CVEs with the highest CVSS scores for stackideas, sorted by severity first and recency.

CVE-2015-7324 stackideas Published on 27 Dec 2017, 19:29 UTC (CVSS: 4.3)
Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento (com_komento) component before 2.0.5 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) img or (2) url tag of a new comment.
CVE-2014-1837 stackideas Published on 30 Jan 2014, 19:55 UTC (CVSS: 4.3)
Cross-site scripting (XSS) vulnerability in the StackIdeas Komento (com_komento) component before 1.7.4 for Joomla! allows remote attackers to inject arbitrary web script or HTML via vectors related to "checking new comments."
CVE-2014-0793 stackideas Published on 30 Jan 2014, 18:55 UTC (CVSS: 4.3)
Multiple cross-site scripting (XSS) vulnerabilities in the StackIdeas Komento (com_komento) component before 1.7.3 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website or (2) latitude parameter in a comment to the default URI.
CVE-2018-5263 stackideas Published on 08 Jan 2018, 23:29 UTC (CVSS: 3.5)
The StackIdeas EasyDiscuss (aka com_easydiscuss) extension before 4.0.21 for Joomla! allows XSS.
CVE-2026-21625 stackideas Published on 16 Jan 2026, 15:15 UTC (CVSS: 0)
User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are purely checked by file extensions, no mime type checks are happening.

All CVEs for stackideas

CVE-2026-21625 stackideas vulnerability CVSS: 0 16 Jan 2026, 15:15 UTC

User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are purely checked by file extensions, no mime type checks are happening.

CVE-2026-21624 stackideas vulnerability CVSS: 0 16 Jan 2026, 15:15 UTC

Lack of input filterung leads to a persistent XSS vulnerability in the user avatar text handling of the Easy Discuss component for Joomla.

CVE-2026-21623 stackideas vulnerability CVSS: 0 16 Jan 2026, 15:15 UTC

Lack of input filterung leads to a persistent XSS vulnerability in the forum post handling of the Easy Discuss component for Joomla.

CVE-2018-5263 stackideas vulnerability CVSS: 3.5 08 Jan 2018, 23:29 UTC

The StackIdeas EasyDiscuss (aka com_easydiscuss) extension before 4.0.21 for Joomla! allows XSS.

CVE-2015-7324 stackideas vulnerability CVSS: 4.3 27 Dec 2017, 19:29 UTC

Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento (com_komento) component before 2.0.5 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) img or (2) url tag of a new comment.

CVE-2014-1837 stackideas vulnerability CVSS: 4.3 30 Jan 2014, 19:55 UTC

Cross-site scripting (XSS) vulnerability in the StackIdeas Komento (com_komento) component before 1.7.4 for Joomla! allows remote attackers to inject arbitrary web script or HTML via vectors related to "checking new comments."

CVE-2014-0793 stackideas vulnerability CVSS: 4.3 30 Jan 2014, 18:55 UTC

Multiple cross-site scripting (XSS) vulnerabilities in the StackIdeas Komento (com_komento) component before 1.7.3 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website or (2) latitude parameter in a comment to the default URI.