7 matches found
EUVD-2026-43302
The Joomla extension Helix Ultimate is vulnerable to an unauthenticated stored XSS...
EUVD-2026-43303
The Joomla extension Helix Ultimate is vulnerable to an unauthenticated arbitrary file deletion...
CVE-2026-57830
The Joomla extension Helix Ultimate is vulnerable to an unauthenticated arbitrary file deletion...
CVE-2026-57829
The Joomla extension Helix Ultimate is vulnerable to an unauthenticated stored XSS...
CVE-2026-57830
The CVE-2026-57830 entry describes a vulnerability in the Joomla extension Helix Ultimate where an unauthenticated user can perform arbitrary file deletions. Affected product: Helix Ultimate for Joomla (the CVE specifically references the extension rather than core Joomla). The identified impact ...
CVE-2026-57829
The CVE concerns the Joomla extension Helix Ultimate (vulnerable component: the Helix Ultimate plugin) with an unauthenticated stored XSS in versions prior to 2.2.7. According to the shared metrics, the vulnerability has a CVSS 4.0 base score of 8.7 (HIGH) with network access, low attack complexi...
CVE-2026-57829 Joomla Extension - joomshaper.com - Unauthenticated stored XSS in Helix Ultimate < 2.2.7
The Joomla extension Helix Ultimate is vulnerable to an unauthenticated stored XSS...