Description
e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators.
Remediation
References
Related Vulnerabilities
WordPress Plugin Gantry 4 Framework Remote Command Execution (4.1.3)
OpenSSL DEPRECATED: Code Vulnerability (CVE-2015-0286)
WordPress Plugin DMCA WaterMarker Cross-Site Scripting (1.0)
WordPress Plugin Stylish Price List Security Bypass (6.8.14)
WordPress Plugin WordPress Survey & Poll-Quiz, Survey and Poll SQL Injection (1.1.91)