{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-2519", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-03-19T13:28:10.784Z", "datePublished": "2025-04-08T01:44:21.955Z", "dateUpdated": "2026-04-08T17:34:54.985Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:34:54.985Z"}, "affected": [{"vendor": "iqonicdesign", "product": "Streamit", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "4.0.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Sreamit theme for WordPress is vulnerable to arbitrary file downloads in all versions up to, and including, 4.0.1. This is due to insufficient file validation in the 'st_send_download_file' function. This makes it possible for authenticated attackers, with subscriber-level access and above, to download arbitrary files."}], "title": "Streamit <= 4.0.1 - Authenticated (Subscriber+) Arbitrary File Download", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fd28c405-ed2f-435a-806c-1fc43cac0f80?source=cve"}, {"url": "https://themeforest.net/item/streamit-video-streaming-wordpress-theme/29772881"}, {"url": "https://documentation.iqonic.design/streamit/change-log/streamit-v4-0/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "cweId": "CWE-22", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Istv\u00e1n M\u00e1rton"}], "timeline": [{"time": "2025-03-19T00:00:00.000Z", "lang": "en", "value": "Discovered"}, {"time": "2025-03-19T00:00:00.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-04-04T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-08T14:20:08.166038Z", "id": "CVE-2025-2519", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-08T15:59:58.926Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2519", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-08T14:20:08.166038Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-08T14:20:09.667Z"}}], "cna": {"title": "Streamit <= 4.0.1 - Authenticated (Subscriber+) Arbitrary File Download", "credits": [{"lang": "en", "type": "finder", "value": "Istv\u00e1n M\u00e1rton"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "iqonicdesign", "product": "Streamit", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "4.0.1"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-03-19T00:00:00.000Z", "value": "Discovered"}, {"lang": "en", "time": "2025-03-19T00:00:00.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-04-04T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fd28c405-ed2f-435a-806c-1fc43cac0f80?source=cve"}, {"url": "https://themeforest.net/item/streamit-video-streaming-wordpress-theme/29772881"}, {"url": "https://documentation.iqonic.design/streamit/change-log/streamit-v4-0/"}], "descriptions": [{"lang": "en", "value": "The Sreamit theme for WordPress is vulnerable to arbitrary file downloads in all versions up to, and including, 4.0.1. This is due to insufficient file validation in the 'st_send_download_file' function. This makes it possible for authenticated attackers, with subscriber-level access and above, to download arbitrary files."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:34:54.985Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2519", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:34:54.985Z", "dateReserved": "2025-03-19T13:28:10.784Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-04-08T01:44:21.955Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Sreamit theme for WordPress is vulnerable to arbitrary file downloads in all versions up to, and including, 4.0.1. This is due to insufficient file validation in the 'st_send_download_file' function. This makes it possible for authenticated attackers, with subscriber-level access and above, to download arbitrary files."}, {"lang": "es", "value": "El tema Sreamit para WordPress es vulnerable a la descarga de archivos arbitrarios en todas las versiones hasta la 4.0.1 incluida. Esto se debe a una validaci\u00f3n de archivos insuficiente en la funci\u00f3n 'st_send_download_file'. Esto permite que atacantes autenticados, con acceso de suscriptor o superior, descarguen archivos arbitrarios."}], "id": "CVE-2025-2519", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-04-08T02:15:19.283", "references": [{"source": "security@wordfence.com", "url": "https://documentation.iqonic.design/streamit/change-log/streamit-v4-0/"}, {"source": "security@wordfence.com", "url": "https://themeforest.net/item/streamit-video-streaming-wordpress-theme/29772881"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fd28c405-ed2f-435a-806c-1fc43cac0f80?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T23:21:44.927486+00:00", "value": {"mitigation_remediation": ["Upgrade the Streamit theme to the latest available version that removes the vulnerable download handler.", "If an immediate upgrade is not possible, block or restrict the download endpoint for subscriber and above roles by configuring the web server or a security plugin to prevent access to the st_send_download_file action.", "Continuously monitor user activity logs for unauthorized download attempts and review file access permissions to ensure only necessary files are exposed."], "summary": {"action": "Apply Patch", "impact": "Authenticated Arbitrary File Download"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the iqonicdesign Streamit theme for WordPress in all versions up to and including 4.0.1. Users must verify whether their site is running a version in this range.", "description_and_impact": "The Streamit WordPress theme contains insufficient file validation in the function that handles download requests, enabling users with subscriber-level or higher access to download any file on the server. This flaw falls under input validation and path traversal weaknesses (CWE\u201122) and could allow attackers to exfiltrate private data or internal configuration files. The impact is limited to confidentiality loss, as the flaw does not modify or execute code on the host.", "risk_and_exploitability": "The CVSS score of 6.5 indicates a moderate severity and the EPSS score of less than 1% suggests a very low likelihood of exploitation. The flaw is not listed in the CISA KEV catalog, and it requires authenticated access at the subscriber level or higher, meaning only users who have logged in with those privileges can exploit it. However, once authenticated, attackers can retrieve arbitrary files, so the overall risk to a site depends on the sensitivity of the data behind those files."}}}}, "created": "2026-04-20T23:30:16.117051+00:00", "updated": "2026-04-20T23:30:16.117089+00:00", "vendors": []}