GET urls with side effects can be a security problem.
For example, imagine the following urls:
Now if those urls are protected by a login system, then only those who login can use them right?
This is because according to a web browser it is ok to include or link to elements on other pages. In fact that's the whole point of hyper linking.
In this way it uses the authorization of person viewing your well crafted page. You can now create a page so that you can delete files as someone else, or pay any amount of money you want to anyone. Whatever the badly designed GET urls allow you to do.
This can even be done with POST. However it's a little harder.
So lay off the GETs with side effects.
This problem is called Cross-site request forgery