+2
User password change to require old password
When user attempts to change his password he is not being required to type his old password.
This is serious security issue.
Password reset from should require old one.
Customer support service by UserEcho