Joomla Version Checker
Find out exactly which Joomla version any site is running, whether it is out of date or end-of-life, and which CVEs affect it. Free online tool, no installation, runs right in your browser.
Used by developers, agencies, and site owners to audit Joomla installs
Pinpoint the Core Version
Identify the Joomla version even when the generator tag is disabled, by combining several detection signals.
- Generator meta tag
- Media & language asset paths
- Core file signatures
- Major release line
End-of-Life Check
Joomla 3.x is end-of-life. We flag whether the detected major version still receives security updates.
- Supported vs EOL major version
- Live lifecycle data
- Upgrade-path guidance
- Outdated / current flag
Known CVEs Surfaced
The version check runs the full scan, so you also see vulnerabilities tied to that Joomla release.
- 100K+ CVE cross-reference
- Core & extension flags
- CVSS severity scoring
- One scan, full picture
Why Your Joomla Version Matters
Joomla powers millions of sites, and its core and extensions are a frequent target for automated attacks. Each release ships security fixes, and once a major version reaches end of life it stops getting patches entirely. Knowing the exact version a site runs, and how far behind it is, is the first step to staying secure.
Frequently Asked Questions
How do I check what Joomla version a site is running?
Enter the site URL above and run the scan. ScanTower reads the Joomla generator meta tag, language and media asset paths, and known core file signatures to determine the version and whether it is current.
Why do some Joomla sites only reveal the major version?
Security-conscious Joomla operators disable the generator meta tag. When that happens we fall back to asset paths and core file fingerprints, which usually still reveal the major release line even if the exact point release is hidden.
Can it tell if a Joomla site is end-of-life?
Yes. Joomla 3.x reached end of life, and we flag whether the detected major version still receives security updates, which matters because EOL Joomla stops getting patches.
Does this tell me if the site is vulnerable?
The version check runs the full scan and cross-references the detected Joomla release against a 100K+ CVE database, scored by severity, so you see the known vulnerabilities affecting that version.
Is checking a site's Joomla version legal?
Reading the version a public site already advertises is passive reconnaissance. Run deeper scans only on sites you own or are authorized to test, which is why the tool asks you to confirm permission first.
Related free tools
WordPress Version Checker
Detect any site's WordPress core version and whether it is out of date.
Drupal Version Checker
Find the Drupal core version any site is running.
Magento Version Checker
Detect the Magento / Adobe Commerce version of any store.
Website Technology Checker
Identify the full tech stack: CMS, frameworks, servers and more.
Website Security Checker
Run a broad security scan across the whole site.
SSL Certificate Checker
Validate the certificate, chain and expiry of any site.
That's Just the Beginning
FREEThis Joomla Version Check scan caught some issues. Run a Full Security Scan to uncover hidden threats like exposed secrets, malicious scripts, and supply chain attacks this quick check missed.