we use the extension "Frontend Submission" and and there are two cases in which entries got into the database that we can't explain.
1. People have to accept the data policy as required field (checkbox) to submit the form, but we got entries into the database, which haven't checked/ accepted the data policy. How is this possible?
2. The form redirects to a page where we track the entries. We got some SPAM entries which weren't redirected to that page. How is this possible? Is the form visible/ accessible on a different page than the page on which we integrated it?
Can you please share the page URL where I can make a test on your site or screenshots of the issue? And please export the field group to a Json file or generate PHP code so I can try to replicate the issue on my demo site.