A vulnerability labeled as problematic has been found in purethemes Listeo Core Plugin up to 2.0.21 on WordPress. The affected element is an unknown function. The manipulation results in cross site scripting.
This vulnerability is known as CVE-2026-25461. It is possible to launch the attack remotely. No exploit is available.
