
CVE-2025-2526 – Streamit <= 4.0.2 - Authenticated (Subscriber+) Privilege Escalation via User Email Change/Account Takeover
https://notcve.org/view.php?id=CVE-2025-2526
07 Apr 2025 — The Streamit theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.2. This is due to the theme not properly validating a user's identity prior to updating their details, such as the email address, in the 'st_Authentication_Controller::edit_profile' function. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses, including those of administrators, and leverage that to reset the user's password and gain access to their account... • https://documentation.iqonic.design/streamit/change-log/streamit-v4-0 • CWE-639: Authorization Bypass Through User-Controlled Key •

CVE-2025-2519 – Streamit <= 4.0.1 - Authenticated (Subscriber+) Arbitrary File Download
https://notcve.org/view.php?id=CVE-2025-2519
04 Apr 2025 — The Streamit theme for WordPress is vulnerable to arbitrary file downloads in all versions up to, and including, 4.0.1. This is due to insufficient file validation in the 'st_send_download_file' function. This makes it possible for authenticated attackers, with subscriber-level access and above, to download arbitrary files from the server. • https://documentation.iqonic.design/streamit/change-log/streamit-v4-0 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
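A hardened download handler of the kind this entry calls for, as an added example that is not Streamit's own code and does not reproduce 'st_send_download_file': the function name st_example_send_download_file, the 'file' query parameter, the nonce action and the 'downloads' subdirectory under wp-content/uploads are assumptions. The point it shows is that a file name taken from the request is never joined to a path and served as-is; it is reduced to a bare name, canonicalised with realpath(), and refused unless the result still lies inside the one directory the feature is meant to serve from and has a type the feature is meant to offer.

```php
<?php
// Added example, not code from the Streamit theme. Names below are assumptions:
// the AJAX action, the 'file' parameter, the nonce action and the 'downloads' folder.

add_action( 'wp_ajax_st_example_download', 'st_example_send_download_file' );

function st_example_send_download_file() {
    // Require a logged-in user and a valid nonce so the endpoint cannot be driven cross-site.
    if ( ! is_user_logged_in() ) {
        wp_die( 'Forbidden', '', array( 'response' => 403 ) );
    }
    check_ajax_referer( 'st_example_download', 'nonce' );
    // An entitlement check for the specific file (plan, purchase, role) belongs here;
    // what that rule is depends on the product, so it is left as a comment.

    // Only ever serve from one fixed directory under wp-content/uploads.
    $upload_dir = wp_upload_dir();
    $base_dir   = realpath( trailingslashit( $upload_dir['basedir'] ) . 'downloads' );
    if ( false === $base_dir ) {
        wp_die( 'Not found', '', array( 'response' => 404 ) );
    }

    // Accept only a bare file name: strip any directory component and reject the request
    // if doing so changed it (this is what catches "../wp-config.php" and absolute paths).
    $requested = isset( $_GET['file'] ) ? (string) wp_unslash( $_GET['file'] ) : '';
    $name      = sanitize_file_name( basename( $requested ) );
    if ( '' === $name || $name !== $requested ) {
        wp_die( 'Bad request', '', array( 'response' => 400 ) );
    }

    // Canonicalise and confirm the result is still inside $base_dir. realpath() resolves
    // symlinks too, so a planted link pointing outside the folder is also refused.
    $target = realpath( $base_dir . DIRECTORY_SEPARATOR . $name );
    if ( false === $target
        || 0 !== strpos( $target, $base_dir . DIRECTORY_SEPARATOR )
        || ! is_file( $target ) ) {
        wp_die( 'Not found', '', array( 'response' => 404 ) );
    }

    // Serve only the types this feature exists to deliver, never arbitrary content.
    $allowed = array(
        'mp4' => 'video/mp4',
        'pdf' => 'application/pdf',
        'zip' => 'application/zip',
    );
    $type = wp_check_filetype( $target, $allowed );
    if ( empty( $type['ext'] ) || empty( $type['type'] ) ) {
        wp_die( 'Forbidden', '', array( 'response' => 403 ) );
    }

    nocache_headers();
    header( 'Content-Type: ' . $type['type'] );
    header( 'Content-Disposition: attachment; filename="' . basename( $target ) . '"' );
    header( 'Content-Length: ' . filesize( $target ) );
    readfile( $target );
    exit;
}
```

The containment test compares against `$base_dir . DIRECTORY_SEPARATOR`, not `$base_dir` alone, so a sibling directory whose name merely begins with "downloads" (for example "downloads-private") does not pass the prefix check.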

CVE-2025-2525 – Streamit <= 4.0.1 - Authenticated (Subscriber+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2025-2525
04 Apr 2025 — The Streamit theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'st_Authentication_Controller::edit_profile' function in all versions up to, and including, 4.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files to the affected site's server, which may make remote code execution possible. • https://documentation.iqonic.design/streamit/change-log/streamit-v4-0 • CWE-434: Unrestricted Upload of File with Dangerous Type •
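Both the CVE-2025-2526 entry (identity not validated before the email change, CWE-639) and this entry (no file type validation on the upload, CWE-434) point at the same profile-update function, so one hardened handler serves as the added example for both. It is not Streamit's code and does not reproduce 'st_Authentication_Controller::edit_profile'; the function name st_example_edit_profile, the request fields ('email', 'current_password', 'display_name', the 'avatar' file), the nonce action and the user-meta key are assumptions. Two things it shows: the account being modified is always the session user, never an ID or address chosen by the request, and the avatar is accepted only if both its extension and its sniffed content match an explicit image allow-list.

```php
<?php
// Added example, not code from the Streamit theme. The AJAX action, field names,
// nonce action and meta key are assumptions for illustration.

add_action( 'wp_ajax_st_example_edit_profile', 'st_example_edit_profile' );

function st_example_edit_profile() {
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( 'login required', 401 );
    }
    check_ajax_referer( 'st_example_edit_profile', 'nonce' );

    // CWE-639 fix: the target account comes from the session, not from the request.
    // Any 'user_id' / 'ID' / 'username' field the caller sends is simply ignored, so a
    // subscriber can only ever edit their own record.
    $user_id  = get_current_user_id();
    $userdata = array( 'ID' => $user_id );

    if ( isset( $_POST['email'] ) ) {
        $email = sanitize_email( wp_unslash( $_POST['email'] ) );
        if ( ! is_email( $email ) ) {
            wp_send_json_error( 'invalid email', 400 );
        }
        // Refuse an address already owned by a different account.
        $owner = email_exists( $email );
        if ( $owner && (int) $owner !== $user_id ) {
            wp_send_json_error( 'email in use', 409 );
        }
        // Changing the recovery address is a sensitive action: require the current
        // password so a stolen session cookie alone cannot become a permanent takeover.
        $user = get_userdata( $user_id );
        $pass = isset( $_POST['current_password'] ) ? (string) wp_unslash( $_POST['current_password'] ) : '';
        if ( ! $user || ! wp_check_password( $pass, $user->user_pass, $user_id ) ) {
            wp_send_json_error( 'current password required', 403 );
        }
        $userdata['user_email'] = $email;
    }

    if ( isset( $_POST['display_name'] ) ) {
        $userdata['display_name'] = sanitize_text_field( wp_unslash( $_POST['display_name'] ) );
    }

    // CWE-434 fix: validate the avatar by extension AND sniffed content against an
    // explicit image allow-list. .php/.phtml/.phar, .html and .svg never pass.
    if ( ! empty( $_FILES['avatar']['tmp_name'] ) ) {
        $allowed = array(
            'jpg|jpeg' => 'image/jpeg',
            'png'      => 'image/png',
            'gif'      => 'image/gif',
            'webp'     => 'image/webp',
        );
        $check = wp_check_filetype_and_ext(
            $_FILES['avatar']['tmp_name'],
            $_FILES['avatar']['name'],
            $allowed
        );
        if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
            wp_send_json_error( 'unsupported avatar type', 415 );
        }
        // Defence in depth: independently confirm the bytes decode as an image.
        if ( false === @getimagesize( $_FILES['avatar']['tmp_name'] ) ) {
            wp_send_json_error( 'not an image', 415 );
        }
        require_once ABSPATH . 'wp-admin/includes/file.php';
        // wp_handle_upload() re-checks the type against the same list and stores the file
        // under a sanitised name in the uploads directory.
        $upload = wp_handle_upload(
            $_FILES['avatar'],
            array( 'test_form' => false, 'mimes' => $allowed )
        );
        if ( isset( $upload['error'] ) ) {
            wp_send_json_error( $upload['error'], 400 );
        }
        update_user_meta( $user_id, 'st_example_avatar', esc_url_raw( $upload['url'] ) );
    }

    $result = wp_update_user( $userdata );
    if ( is_wp_error( $result ) ) {
        wp_send_json_error( $result->get_error_message(), 400 );
    }
    wp_send_json_success( array( 'id' => $user_id ) );
}
```

If the feature must let administrators edit other users, that path should be a separate handler gated on current_user_can( 'edit_user', $target_id ), not a user ID parameter accepted by the self-service one.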