PT-2025-30960 · WordPress+1 · Minimogwp+1
Vijay
·
Published
2025-07-26
·
Updated
2025-07-26
·
CVE-2025-8198
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
MinimogWP – The High Converting eCommerce WordPress Theme versions prior to 3.9.1
Description
The MinimogWP – The High Converting eCommerce WordPress Theme for WordPress is susceptible to price manipulation due to an insufficient check on quantity values when modifying quantities in the cart. This allows unauthenticated attackers to add items to the cart and adjust the quantity to a fractional amount, leading to price changes based on the fractional amount. The issue is mitigated when WooCommerce version 9.8.2 or later is installed.
Recommendations
Update MinimogWP – The High Converting eCommerce WordPress Theme to version 3.9.1 or later.
Install WooCommerce version 9.8.2 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Minimogwp
Woocommerce