Disqus, the maker of the popular community commenting plugin, has patched a handful of security flaws, including a CSRF bug. The vulnerabilities are present in all versions of the plugin up to 2.75. The most serious of the three vulnerabilities fixed in version 2.76 of the Disqus plugin is the CSRF flaw in the manage.php module. An attacker could set up a malicious site with the exploit code on it and inject it into the user s browser via CSRF.
Source: https://threatpost.com/disqus-patches-csrf-other-flaws-in-plugin/107738/