Skip to content
You can now search across every topic, entity and event.What's new
iCagenda
Product

iCagenda

A Joomla calendar and events extension.

Last refreshed: 14 July 2026 · Appears in 1 active topic

Key Question

Why did a Joomla events-calendar plugin end up on a federal exploited-vulnerabilities list?

Timeline for iCagenda

#1014 Jul

Mentioned in: A quiet KEV fortnight, then a 2008 bug

Cybersecurity: Threats and Defences
View full timeline →
Common Questions
What is the iCagenda Joomla extension?
iCagenda is a calendar and event-management extension for the Joomla content-management system, used to publish event listings on a website.
When was the iCagenda vulnerability added to CISA's KEV catalogue?
CISA added a KEV-listed vulnerability in iCagenda to its catalogue on 10 July 2026, one of four Joomla-ecosystem extensions affected that fortnight.Source: event

Background

iCagenda is a calendar and event-management extension for the Joomla content-management system, used by site operators to publish and manage listings of upcoming events. Like other Joomla extensions, it plugs directly into the core CMS, so a flaw in its code can expose the whole site it runs on, not just the events section.

A KEV-listed vulnerability in iCagenda was added to CISA's Known Exploited Vulnerabilities catalogue on 10 July 2026, part of a run of four Joomla-ecosystem extensions affected in the same fortnight alongside JoomShaper SP Page Builder, Balbooa Forms and a Widget Factory package. The concentration of Joomla plugin flaws, rather than a single major vendor, was the defining feature of this KEV window.