Thank you for the further details on this vulnerability! How do you recommend overcoming this issue? Have an email confirmation on behalf of our site?
If someone’s email address is “stolen” by an imposter using it to make a Patreon account, what can the person who actually owns the email address do to rightfully claim the account?