Yesterday someone somehow purchased a product off my site that should have cost $3 for $0.01. After doing a bit of research online some people are saying it's possible to spoof posted variables and do this.
The bigger problem is that the Gravity forms entry actually shows the wrong amount, but the purchase still completed! As I'm using the user addon as well to work as a digital delivery system this basically means someone got this product for free.
Does Gravity forms check that the amount returned from Paypal matches the product value? If it doesn't is there anyway I can implement this?