Joomla Account Creation Vulnerability
The Joomla team released a patch for a serious security vulnerability affecting all Joomla versions from 3.4.4 and up. If you’re using one of these versions of Joomla, you’re encouraged to update immediately.
The vulnerability has a high severity as it allows anyone to create a user remotely and specify the desired group permission to it, including administrator. Two CVE’s were assigned to these vulnerabilities: CVE-2016-8870 and CVE-2016-8869.