[@corb3nik](/corb3nik) discovered a vulnerability on the theme preview feature that could have allowed a malicious user to bypass the storefront password protection for any store by accessing the `/preview_bar` endpoint and fetching the preview domain of a store; giving them access to any inform…