Description The plugin does not prevent user with at least the contributor role from leaking other users’ sensitive metadata.
As a contributor,
- Add shortcode to any post and specify/guess any user ID and meta key and save
- Preview the post and see custom field value outputs from any user
Example shortcode: `[pmpro_member user_id="ANY_USER_ID" field="ANY_META_KEY"]`