## https://sploitus.com/exploit?id=WPEX-ID:3CFB6696-18AD-4A38-9CA3-992F0B768B78
This CSRF attack will reject a Quote in the database.
1. Go to All In One Quote > Quotes
2. Click "Add quote", fill in the title, and save.
3. Find the Quote ID, convert it to base64, and URL encode the result. E.g. for a quote ID of "35" the result should be "MzU%3D"
3. Force an admin to visit the following URL, with the encoded ID from above, to trigger the CSRF attack and reject the Quote:
https://example.com?status=quote_rejected"e_id=MzU%3D