Skip to main content
Blog
Joomla 6.0.2 bugfix & security release
Subscribe to our newsletter!

Joomla 6.0.2 bugfix & security release

06 January 2026

On Tuesday, January 6, 2025, Joomla 6.0.2 was released, together with Joomla 5.4.2. These are bugfix & security releases for the Joomla 5.x and 6.x series.

Security fixes

  • Joomla! Core - [20260101] - Inadequate content filtering for data URLs
    A security issue where images could be abused to inject harmful code;
    it affects older Joomla versions (Joomla 4.0.0-5.4.1, 6.0.0-6.0.1) and is solved by updating to 5.4.2 or 6.0.2.
  • Joomla! Core - [20260102] - XSS vector in the pagebreak plugin
    A security flaw in the pagebreak feature that could allow unwanted code on a website;
    it also affects older Joomla versions (Joomla 3.9.0-5.4.1, 6.0.0-6.0.1) and is fixed by updating to 5.4.2 or 6.0.2.

PHP 8.5

Starting with Joomla! 5.4.2 and Joomla! 6.0.2, PHP 8.5 is fully supported.

Bug fixes and improvements in Joomla 6.0.2

Some improvements include:

  • deeper submenu display fix: corrected how deep submenus are shown so site navigation works consistently without visual glitches.
  • template style adjustment: improved button hover styling in the default template for a more consistent and polished look.
  • email encoding issue resolved: fixed problems with certain email formats, making system emails more reliable.
  • development dependency updates: updated internal development tools to remove known vulnerabilities, improving overall project safety.
  • clearer system messages: cleaned up outdated or confusing system notifications to make administration clearer.
  • menu toggle reliability: fixed menu expand and collapse behaviour so navigation responds correctly.
  • improved translations: added and corrected language strings so the interface is properly translated in more places.
  • language cache stability: prevented errors caused by broken language cache files, improving stability for multilingual websites.

A full list of changes is available in the 6.0.2 milestone on GitHub.

Upgrading to Joomla 6 made simple

If you are already using Joomla 5.4, moving to Joomla 6.0 is a normal upgrade and not a migration. In most cases it is quick, safe, and easy to complete, and most extensions will keep working because of the compatibility plugin.

Still, it is important to prepare well. We advise you to test the upgrade on a local or staging site first before updating your live website. This helps avoid problems and keeps your site running without interruptions.

Need help updating or migrating to Joomla 6.0? Contact us!

Peter Martin
Joomla specialist for fast, secure and scalable websites.

Other articles

New website,
website optimisation,
website support or
training needed?

Correspondence

db8 Website Support
Galiciestraat 35
6663 NR Lent
The Netherlands

+31 85 301 48 28
support at db8 dot nl
+31 6 44 214 500 (urgent)

Nijmegen Office

NYMA makersplaats, Unit 69
Winselingseweg 16
6541 AK Nijmegen
Netherlands

By appointment
Monday to Friday
09:00 - 17:00 (5pm)
(Time zone: Central European Time)

Acquisition is
not appreciated

© db8.nl. All rights reserved.