[Critical Bug] User can update other users post.

[sanskarbansal]

A clear and concise description of what the bug is. User can provide the _id of other user's post and update it without any authorisation. To Reproduce Steps to reproduce the behavior:

1. Create a post with your user, get someone else's post '_id' from database.
2. Intercept Requests using BurpSuit.
3. Delete the post which you just created in Step 1.
4. Change the post id with anybody else post id in delete request in burpsuit and Click on Forward.... .
5. That's it.

Expected behavior It should throw an error that post id malformed or something like this.

[welcome[bot]]

Hello there!👋 Welcome to the project!🚀⚡ Thank you and congrats🎉 for opening your very first issue in this project. Athavani is a full-stack MERN Tool built in order to save all your memories in a single place and rejoice them through the years. Please adhere to our Code of Conduct. Please make sure not to start working on the issue, unless you get assigned to it.😄

[ChitvanRamani22]

@sanskarbansal great go ahead!

[sanskarbansal]

@ChitvanRamani22 please review my PR.