Question about Bot Blocking Process

Note: I also posted this on G2.

I work with a couple non-profit websites that use WPJobBoard, and we have WP Cerber Security installed on both. Last week we had a spam bot try to register for an account, but WP Cerber stopped it. What is odd, is that instead of being totally blocked, the bot was able to create an employer profile under my admin account.

Here is the server log (EDT time zone) entry that coincides with the blocking of the bot…

82.102.27.92 – – [07/Apr/2021:17:31:23 -0400] “POST /employer-panel/employer-registration/ HTTP/1.0” 200 17465 “https://www.FakeDomain.org/employer-panel/employer-registration/” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4099.2 Safari/537.36” 0 0 “on:TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256” 2892 2190020 192.252.144.33 http://www.FakeDomain.org redirect-handler – 82.102.27.92

And here is a screen shot from WP Cerber for that IP at this time (MST time zone): https://d.pr/i/ergooH

Is it possible that the bot was able to create an Employer Profile, but not fully register because of WP Cerber? And could WP Cerber have caused the employer profile to be assigned to the first user ID (which is mine as the administrator)?

Any thoughts would on this would be appreciated.