Problems with the egold gateway and digital downloads CC v.3.0.10

[Guest alonewolf]

:rolleyes: Not sure how it was done, but on my site about 12 digital downloads were downloaded bypassing the

stages they should had been in. Meaning the person choose egold, and proceeded somehow to get the info

and downloaded the files as if they actually went thru egold. My files are only accessible thru the Server Root Path. I looked at the order and they had downloaded almost all the files as if I had set the the order to

processing. No egold transactions took place. They did not get the last 3 out of 12 downloads, so I deleted

the order. My question is: Is there an known bug or exploit for the egold gateway? I really cannot figure out how they did this. I would have liked to keep the whole transaction for records. Instead I deleted it and just copied the info. For now I disabled my egold gateway, at least until I can find somewhat of a solution. Any help or suggestions would be appreciated. One more interesting note: the email address the person gave was not even a good one. It was automatically returned to my site as no good. So I cannot see how they got a hold of the download links in the first place. I am using cc v3.0.10, not sure what to do now.