eRoom < 1.3.9 - Cache Deletion via CSRF

The plugin does not have CSRF check in place when deleting cache, which could allow attackers to make logged in users delete cache via a CSRF attack