CVE-2018-1000507
WP User Groups plugin for WordPress version 2.0.0 contains a CSRF vulnerability in the Settings page that allows modification of user groups/types. The issue is exploitable when an administrator clicks a crafted link, according to the CVE description. Mitigation noted: the vulnerability was fixed...