CVE-2024-40514

Name of the Vulnerable Software and Affected Versions themesebrand Chatvia version 5.3.2

Description The issue allows a remote attacker to escalate privileges via the user profile name and image upload functions. This enables unauthorized access and potential malicious activities.

Recommendations For themesebrand Chatvia version 5.3.2, consider restricting access to the user profile name and image upload functions until a patch is available. As a temporary workaround, disabling these functions can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.