CVE-2025-8198

Name of the Vulnerable Software and Affected Versions MinimogWP – The High Converting eCommerce WordPress Theme versions prior to 3.9.1

Description The MinimogWP – The High Converting eCommerce WordPress Theme for WordPress is susceptible to price manipulation due to an insufficient check on quantity values when modifying quantities in the cart. This allows unauthenticated attackers to add items to the cart and adjust the quantity to a fractional amount, leading to price changes based on the fractional amount. The issue is mitigated when WooCommerce version 9.8.2 or later is installed.

Recommendations Update MinimogWP – The High Converting eCommerce WordPress Theme to version 3.9.1 or later. Install WooCommerce version 9.8.2 or later.