A vulnerability was found in joomshaper Helix Ultimate Plugin up to 2.2.6. It has been declared as problematic. The affected element is an unknown function. The manipulation results in cross site scripting.

This vulnerability is reported as CVE-2026-57829. The attack can be launched remotely. No exploit exists.