Description
e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators.
Remediation
References
Related Vulnerabilities
WordPress Plugin All in One Webmaster Cross-Site Request Forgery (8.2.3)
WordPress Plugin CBX Petition for WordPress SQL Injection (1.0.3)
WordPress Plugin Shopping Cart & eCommerce Store Multiple Security Bypass Vulnerabilities (3.0.20)
WordPress Plugin Viral Quiz Maker-OnionBuzz SQL Injection (1.2.6)