Unauthenticated Remote Plugin Deletion vulnerability discovered by Michal Lipinski in WordPress Login with phone number plugin (versions <= 1.3.6).
Update the WordPress Login with phone number plugin to the latest available version (at least 1.3.7).