Description The plugin does not have CSRF check when deleting subscriber, which could allow attackers to make logged in admins perform such action via a CSRF attack
Make an admin open a link where `` is a valid user: http://example.com/wp-admin/admin.php?page=wp_newsletter_show_localrecord&action;=delete&rid;=