MyCSS <= 1.1 is vulnerable to Arbitrary Settings Update via Cross-Site Request Forgery (CSRF) vulnerability

The MyCSS WordPress plugin through 1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack