Cross-site request forgery (CSRF) vulnerability in the Login rebuilder plugin before 1.2.0 for WordPress allows remote attackers to hijack the authentication of arbitrary users.
http://wordpress.org/plugins/login-rebuilder/changelog/
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000062