WordPress · Woodmart · CVE-2025-8097
**Name of the Vulnerable Software and Affected Versions**
WoodMart versions prior to 8.2.7
**Description**
The WoodMart theme for WordPress is susceptible to improper input validation. Insufficient validation of the `qty` parameter within the `woodmart update cart item` function allows unauthenticated attackers to manipulate cart quantities using fractional values. This manipulation can result in cart totals rounding to $0.00, effectively bypassing payment requirements and enabling unauthorized acquisition of virtual or downloadable products.
**Recommendations**
Update WoodMart to version 8.2.7 or later.