You installed latest extensions, followed the recommendations on Joomla security checklist, locked won your config file - so you can leave your site alone - you're safe! Wrong. You must check at least one additional resource. Even most of the security-consciuscious Joomla webmasters aren't knowing the existence of this list, maintained at Joomla docs site. There are listed all components with known security problems (present and past versions!), and very important to know, the items once  appeared on the list aren't removed when the problem is fixed, because large majority of Joomla webmasters aren't upgrading their site as new versions are coming out for the addons used. So worth checking, even if the components you use are listed on GREEN - aka fixed -, you may run in trouble, because hackers are knowing the list (not as the lazy Joomla webmasters out there) - and are proactively seeking Joomla sites using the unsecure addons. So you will become easily a target even if you have the secure version...

Bookmark this link!

Vulnerable extensions list

Have you ever seen this error message? Yea, correct it's seen in Media Manager when you try to upload files of certain types, as a MP3 file to use with your brand new MP# player module, or an Excel sheet to share whit your visitors.

Embarrassing. Let's get rid if it!