Possible emails leak on StCR Import log #341

@IvanRF

By chance I found this log file in the plugin folder: `stcr-import-failures.log`.
The issue is that it includes all the emails from users (which failed in the import process) in plain text and in a fixed/static path.
It seems too easy for the bad guys to check; maybe adding some random text to the filename of the log could be enough.
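
A local audit for the condition reported above, as an added example that is not part of the issue or of the plugin's code: it walks a plugin folder, flags `.log` files that contain email addresses and are world-readable, and masks the addresses in place. Only the filename `stcr-import-failures.log` comes from the issue; the log line format, the masking scheme and the function names are assumptions.

```python
import os
import re
import tempfile

# Simple pattern for flagging addresses in log text; not an RFC 5322 validator.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")

def mask(email):
    """Keep the first character and the domain so entries stay distinguishable."""
    local, _, domain = email.partition("@")
    return f"{local[:1]}***@{domain}"

def audit_logs(root):
    """Map each *.log under root that holds addresses to a count and a permission flag."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".log"):
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                unique = set(EMAIL_RE.findall(fh.read()))
            if unique:
                readable = bool(os.stat(path).st_mode & 0o004)
                findings[path] = {"emails": len(unique), "world_readable": readable}
    return findings

def redact_file(path):
    """Mask every address in the file in place; return the number of replacements."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        text = fh.read()
    redacted, count = EMAIL_RE.subn(lambda m: mask(m.group(0)), text)
    with open(path, "w", encoding="utf-8") as fh:
        fh.write(redacted)
    return count

def demo():
    """Run the audit on a constructed plugin folder (line format is an assumption)."""
    with tempfile.TemporaryDirectory() as root:
        path = os.path.join(root, "stcr-import-failures.log")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write("import failed: alice@example.com\n"
                     "import failed: bob@example.org\n"
                     "import failed: alice@example.com\n")
        os.chmod(path, 0o644)
        before = audit_logs(root)[path]
        replaced = redact_file(path)
        with open(path, encoding="utf-8") as fh:
            first_line = fh.readline().strip()
        return before, replaced, audit_logs(root), first_line
```

Masking at write time, or keeping the log outside the web-served tree, removes the exposure regardless of how the file is named.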
