Description
usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism.
Remediation
References
Related Vulnerabilities
WordPress Plugin YITH WooCommerce Gift Cards Premium Arbitrary File Upload (3.3.0)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1914)
WordPress Plugin Design Approval System Cross-Site Scripting (3.6)
WordPress Plugin Admin Columns CSV Injection (3.4.6)
WordPress Plugin Member Approval Cross-Site Request Forgery (131109)