Guestbook  
18167) Jason Yerardi
Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/523.12.2 (KHTML, like Gecko) Version/3.0.4 Safari/523.12.2
Saturday, 2. February 2008 20:29

I have been using your Guestbook for half a year now and really like it. However, I believe there are a couple of things you could do to improve security.

The following has happened to me several times, using version 2.4.3: Someone creates a post with a "refresh" or "script" HTML tag, which automatically redirects to a hacker's web site. This happens even if HTML and ag codes are turned off.

For some of these, I've been able to hit "Cancel" while loading the page (to keep it from reaching the suspect entry), go into EasyAdmin, and remove it. However, the latest script that hacked my Guestbook was more severe. I had to actually go into the database and remove the entry from the table. Good thing I know SQL!

Anyway, great product...would just be nice to see an update that prevents "refresh" and "script" statements in the comment field.
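
The following is an added example, not part of the entry above and not the guestbook software's own code. It shows the two defensive steps the report implies: auditing stored comments for "refresh" and "script" tags, and escaping every comment on output so such tags display as text. The entry ids, comment texts and function names are constructed for illustration.

```python
import html
from html.parser import HTMLParser

# Constructed sample rows (entry id, comment text); not from a real guestbook.
SAMPLE_ENTRIES = [
    (1, "Great site, thanks!"),
    (2, '<meta http-equiv="Refresh" content="0;url=http://example.invalid/">'),
    (3, 'Nice <ScRiPt src="http://example.invalid/x.js"></script>'),
    (4, "I like <b>bold</b> text and 2 < 3"),
]


class _ActiveTagFinder(HTMLParser):
    """Collects tags that redirect or run code when a comment is shown raw."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.hits = []

    def handle_starttag(self, tag, attrs):
        # The parser lowercases tag and attribute names; values are not.
        values = {name: (value or "").lower() for name, value in attrs}
        if tag == "script":
            self.hits.append("script")
        elif tag == "meta" and values.get("http-equiv") == "refresh":
            self.hits.append("meta-refresh")


def find_active_tags(comment):
    """Return the kinds of redirecting/scripting tags found in a comment."""
    finder = _ActiveTagFinder()
    finder.feed(comment)
    finder.close()
    return finder.hits


def audit(entries):
    """Map entry id -> tag kinds, for stored entries that need cleanup."""
    return {eid: hits for eid, text in entries if (hits := find_active_tags(text))}


def render_comment(comment):
    """Hardened output path: escape everything, so markup is shown as text."""
    return html.escape(comment, quote=True)


if __name__ == "__main__":
    print(audit(SAMPLE_ENTRIES))
    for _, text in SAMPLE_ENTRIES:
        print(render_comment(text))
```

The audit only locates entries to review; the escaping in `render_comment` is what stops the redirect, because it applies to every comment regardless of what the audit recognizes.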