No developer would write this page, but incompatibilities happen. Here I’m trying to track down when Newsletter does not work properly due to interaction with other plugins.
Apache mod_security is a module which keeps an eye on traffic and tries to sniff hacking attempt. But it can fail. For example, if it sees a request with a piece of text like “1=1” it believes it to be a SQL injection.
Newsletter administration panels use the jQuery UI tabs which set a cookie to remember the latest used tab and when the tab was the number 1 it writes into the cookie tab_1=1. That triggers mod_security which drops the communication.
More details here. Of course, it’s a clear fail of mod_security that should be reconfigured or disabled.
When this plugin is installed it seems that subscription links that point directly to the Newsletter plugin folder are blocked. Try to disable it if you experience problems during subscription to verify if that is your problem. I have no checked the plugin code or configuration to see if it can be kept installed.
This is an old plugin, and actually it seems no more maintained. Anyway problems are present only if the plugin is configured to strip away query string parameters from the URL. What happens is the inability to show the cancellation message to subscribers (and probably other newsletter messages) when a dedicated page is used.
You can disable the plugin, reconfigure it or not use a dedicated page but leaving Newsletter to use its own message page.
Theme My Login
The plugin, actually on version 6.3.1, wrongly intercept a Newsletter’s URL to the profile edit page and redirect to another page. Hope they fix that since I should otherwise add an odd patch on my side with the risk to broke other plugins. 🙂