Managing Webinars with CiviCRM

Published
2020-07-17 12:51
Written by
roshani - member of the CiviCRM community - view blog guidelines

With the new reality of living with Covid-19, it is difficult to host in-person meetings. At Plastic Pollution Coalition, we used to host in-person coalition meetings in several cities as a way for people to learn and network with others in their community. In June, we transitioned to doing webinars. Although it's difficult for people to network during webinars, we can still continue sharing best practices and have a dialogue with our community.

CiviCRM 6.16 Release

Published
2026-07-02 01:39
Written by
dev-team - official CiviCRM announcement

Thanks to the hard work of CiviCRM’s incredible community of contributors, CiviCRM version 6.16.0 is now ready to download. This is a regular monthly release that includes new features and bug fixes. Details are available in the monthly release notes.

Your are encouraged to upgrade now for the most stable, secure CiviCRM experience:

Download CiviCRM

CIVI-SA-2026-28: Escalation via Extension Download API

Published
2026-06-15 20:16
Written by

The Extension Download API provides administrators with tools for installing and sideloading extensions. The API is available in PHP, HTTP, CLI, etc. To execute the API, both the POSIX process and the CiviCRM user must have certain permissions.

The issue here is not a specific vulnerability in the API; on its own, it respects ordinary permissioning. However, if the system has another vulnerability (such as XSS), then the Extension Download API is an appealing target for escalation.