Fix security vulnerability in admin modules

- The Module\BaseAdmin::post method checked credentials but didn't abort the process when it failed
- Created Module\BaseAdmin::checkAdminAccess method

src/Module/Admin/Blocklist/Contact.php

@@ -32,7 +32,7 @@ class Contact extends BaseAdmin
 {
 	public static function post(array $parameters = [])
 	{
-		parent::post($parameters);
+		self::checkAdminAccess();
 
 		self::checkFormSecurityTokenRedirectOnError('/admin/blocklist/contact', 'admin_contactblock');