#5 - Webtune App - CSRF - CSRF Song Deletion

I am not sure if DELETE method is CSRF-able or not. A stackoverflow thread says it is possible. So, I guess this one can be considered as Vulnerability since the songs' id are enumerable and if an admin fell into a trap then the attacker could just delete the whole songs database.