I mean, if it's something that's editable only by admins of the instance, I'm not sure it constitutes a vulnerability, since admins can change the content to whatever they desire by definition.
At this point it doesn't seem like community sidebars have the voulnerabilty. We are fairly confident that they have identified the voulnerabilty and that lemmy.ca is safe as long as our admin accounts are properly locked down which we have confirmed.