fix: check for csrf token on /register/abort, + theme changes for v2.x branches of themes

install/package.json

@@ -99,9 +99,9 @@
         "nodebb-plugin-spam-be-gone": "1.0.2",
         "nodebb-rewards-essentials": "0.2.1",
         "nodebb-theme-lavender": "6.0.0",
-        "nodebb-theme-persona": "12.1.1",
+        "nodebb-theme-persona": "12.1.10",
         "nodebb-theme-slick": "2.0.2",
-        "nodebb-theme-vanilla": "12.1.18",
+        "nodebb-theme-vanilla": "12.1.19",
         "nodebb-widget-essentials": "6.0.0",
         "nodemailer": "6.7.8",
         "nprogress": "0.2.0",

src/routes/authentication.js

@@ -171,7 +171,7 @@ Auth.reloadRoutes = async function (params) {
 
 	router.post('/register', middlewares, controllers.authentication.register);
 	router.post('/register/complete', middlewares, controllers.authentication.registerComplete);
-	router.post('/register/abort', controllers.authentication.registerAbort);
+	router.post('/register/abort', Auth.middleware.applyCSRF, controllers.authentication.registerAbort);
 	router.post('/login', Auth.middleware.applyCSRF, Auth.middleware.applyBlacklist, controllers.authentication.login);
 	router.post('/logout', Auth.middleware.applyCSRF, controllers.authentication.logout);
 };