A vulnerability was found in Fox-themes Prague Plugin up to 2.2.8 on WordPress. It has been classified as problematic . Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is listed as CVE-2025-15654 . The attack may be initiated remotely. There is no available exploit.