CVE-2025-8097

Name of the Vulnerable Software and Affected Versions WoodMart versions prior to 8.2.7

Description The WoodMart theme for WordPress is susceptible to improper input validation. Insufficient validation of the qty parameter within the woodmart update cart item function allows unauthenticated attackers to manipulate cart quantities using fractional values. This manipulation can result in cart totals rounding to $0.00, effectively bypassing payment requirements and enabling unauthorized acquisition of virtual or downloadable products.

Recommendations Update WoodMart to version 8.2.7 or later.