[ad_1]
Someone has managed to, within 5minutes(I was in a room with them, but didn’t look at what they were doing), find a way to make a post(was still marked as pending though, as configured) on my website without being a user, even tho I set it so only registered people can post.
Not only that, but after the post was sent a new user was somehow created? With no need for e-mail verification or even setting a password?
This plugin needs some security overhaul.
The page I need help with: [log in to see the link]