Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2025-04-08 CVE-2025-2525 The Streamit theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'st_Authentication_Controller::edit_profile' function in all versions up to, and including, 4.0.1.
network
low complexity
CWE-434
8.8
8.8
2025-04-08 CVE-2025-2526 The Streamit theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.2.
network
low complexity
CWE-639
8.8
8.8
2025-04-07 CVE-2025-3379 A vulnerability classified as critical was found in PCMan FTP Server 2.0.7.
network
low complexity
CWE-120
7.3
7.3
2025-04-07 CVE-2025-3377 A vulnerability was found in PCMan FTP Server 2.0.7.
network
low complexity
CWE-120
7.3
7.3
2025-04-07 CVE-2025-3375 A vulnerability was found in PCMan FTP Server 2.0.7.
network
low complexity
CWE-120
7.3
7.3
2025-04-07 CVE-2025-3376 A vulnerability was found in PCMan FTP Server 2.0.7.
network
low complexity
CWE-120
7.3
7.3
2025-04-07 CVE-2025-3373 A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical.
network
low complexity
CWE-120
7.3
7.3
2025-04-07 CVE-2025-3371 A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7.
network
low complexity
CWE-120
7.3
7.3
2025-04-07 CVE-2025-3372 A vulnerability, which was classified as critical, was found in PCMan FTP Server 2.0.7.
network
low complexity
CWE-120
7.3
7.3
2025-04-07 CVE-2025-3370 A vulnerability classified as critical has been found in PHPGurukul Men Salon Management System 1.0.
network
low complexity
CWE-74
7.3
7.3