Without the website being open source, I would have to perform a black box audit, and finding those vulnerabilities is definitely possible but might require more time.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Without the website being open source, I would have to perform a black box audit, and finding those vulnerabilities is definitely possible but might require more time.