Yeah, I know it's very strange. I never understand why Facebook can't keep things more simple, like Twitter :)
I'll try to explain the situation in more detail, so that you can understand everything:
There are two different settings for visitor posts on a Facebook page available to page admins. The owner of each Facebook page can choose if they 1) allow visitor posts to be displayed, or 2) disallow visitor posts. It's explained in Facebook Pages FAQ.
Now, for example, the White House doesn't allow vistor posts, and there are no issues with this page. But many pages allow visitor posts, like for example Amazing Planet which I picked randomly for testing. I don't own this page, so I can't choose the settings to disallow visitor posts, and whatever people post to the page is displayed on it. Admins on some pages take the time to preview and moderate those visitor posts, but often they don't care and display everything.
If you look at the Amazing Planet page, you can see that there is a Visitor Posts (or similar in your language) box on the right side panel, which is not present on the White House page. I think you may have used only pages which don't allow visitor posts, or pages that didn't receive any posts from visitors yet. If a page allows visitor posts but doesn't have any, they will have an empty Visitor Posts box which looks like this:
To reproduce the issue, you can look at the pages you use and see if any has a Visitor Posts box or use any other page that allows visitor posts (for example Amazing Planet). You will see that the contents of the Visitor Posts box are crawled just like official page posts and will be reposted to your site, effectively allowing anyone with a Facebook account to post on your site without authorization.
Ideally, your crawler plugin should never crawl the Visitor Posts section, because if someone discovers this security breach, they can exploit it to spam your site with ads, offensive photos, malicious hack links etc. This is especially undesired on premium membership sites, where people are paying for access and demand highest quality content.
Until you can find a reliable way to eliminate visitor posts, I suggest adding the following warning to your plugin:
Do not use the plugin with Facebook pages which allow visitor posts because of potential security risk.
I think that even without this filter your plugin is really great, but people should be advised to take special care when selecting pages, otherwise they risk dangerous content being posted to their sites.
Also, I've seen that you have a similar plugin for Wordpress on offer. It would be a good idea to add this warning to it too, if it uses the same crawling algorithms.