Forgetting to secure the admin panel isn't a little mistake though and is easy enough to detect "Hey, I didn't have to log in to an admin account to use the admin panel thats weird".
Saying security is less important because it's not a bank doesn't make sense because it's issues like this that can cost a company it's existence.
I'm not advocating firing the developer. If every developer got fired for every stupid silly mistake we'd have no working developers in the world. I was just clarifying the seriousness of this specific flaw. :)
Saying security is less important because it's not a bank doesn't make sense because it's issues like this that can cost a company it's existence.