Well the backend (admin panel) atm has no check on form inputs since i assume nobody will try to hack/abuse his/her own site.
The frontend (the actual contact form) has the basic checks that is needed i think and i plan to add some extra stuff like generating random tokens and compare against each other (backend<->frontend) to make sure form is submitted from the original site + making sure nothing else (other fields) is submitted just the allowed form fields and also a simple log system to log all attempts in a log file or send them to the admin email.
These stuff will come in the next "minor" update/patch along with some other stuff mentioned in the first post.
The frontend (the actual contact form) has the basic checks that is needed i think and i plan to add some extra stuff like generating random tokens and compare against each other (backend<->frontend) to make sure form is submitted from the original site + making sure nothing else (other fields) is submitted just the allowed form fields and also a simple log system to log all attempts in a log file or send them to the admin email.
These stuff will come in the next "minor" update/patch along with some other stuff mentioned in the first post.