Force.com Site - Insufficient privileges

We are working on a new (custom) web-to-case form. Part of the requirement is for it to auto-lookup contacts based on provided email and assign existing contacts to the case. To achieve this we added this lookup:

List<Contact> cnt = [Select Id, Account.Id from Contact where Email =: WebCase.SuppliedEmail LIMIT 4];
        if((!cnt.isEmpty()) && (cnt.size() == 1)){
            WebCase.ContactId = cnt.get(0).Id;
            WebCase.AccountId = cnt.get(0).Account.Id;

After adding these lines of code, we get an "Authorization Required" error on the site after submitting a case - debug logs seem to pin it on a case trigger that's supposed to count the number of cases of a specific record type:

trigger countCasesOnAccount on Case (after insert, after update) {
    List<Case> lstCase = [select id, AccountId from Case where id in: trigger.newmap.keyset()];
    set<Id> sAccId = new set<Id>();
    for(Case cs: lstCase){
        if(cs.AccountId != null){
            sAccId.add(cs.AccountId);
        }
    }
    if(sAccId != null && sAccId.size() > 0){
        List<Account> lstAccount = [select id, Open_At_Risk_Cases__c, (select id from Cases where status != 'Closed' AND RecordTypeID = '012d0000000hDP1') from Account where id in: sAccId];
        if(lstAccount.size() > 0){
            for(Account acc: lstAccount){
                acc.Open_At_Risk_Cases__c = acc.Cases.size();
            }
            
            update lstAccount;
        }
    }
}

The guest user has access to all fields required to execute this, but it still fails. Just wondering:

1) What are the options to have this process work around this trigger, or do we need to remove this trigger entirely?
2) If there's a better way to have the contact lookup happen (like with the native web-to-case functionality)