MarketPress: Order Status security

It seems as if the order status page seems to have no security. If you know the order number, you can see all the details, even if you are not logged in.

Shouldn't the page at least check to make sure you are logged in, and that order belongs to you before displaying the info? If not, I would definitely put this on the to-do list for future versions.