Every CVE whose affected-product data names Purethemes Listeo, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-24318 — CVSS 6.5 (medium): The Listeo WordPress theme before 1.6.11 did not ensure that the Post/Page and Booking to delete belong to the user making the request…
CVE-2021-24317 — CVSS 6.1 (medium): The Listeo WordPress theme before 1.6.11 did not properly sanitise some parameters in its Search, Booking Confirmation and Personal Message…