Maintainers of the Content Management System (CMS) Joomla announced that two major security vulnerabilities exist in the Joomla software (CVE-2016-8869). The vulnerabilities allow an attacker to gain privileged access to any site that uses Joomla as the backend system. The attacker could then take a number of malicious actions against the site (i.e. vandalism/site shutdown) and the data stored on the site (i.e. data theft).
According to W3techs, about 3% of all websites use Joomla, so this could prove to be a fairly major vulnerability. Exploits have already been spotted in the wild, so if you run Joomla or know someone who does, upgrade to the latest patch version right away.