Price Manipulation Vulnerability in MinimogWP eCommerce Theme
CVE-2025-8198

7.5HIGH

Key Information:

Vendor: WordPress
Status: MinimogWP – The High Converting Ecommerce WordPress Theme
Vendor: CVE Published:; 26 July 2025

What is CVE-2025-8198?

The MinimogWP eCommerce theme is susceptible to a price manipulation vulnerability due to inadequate validation of quantity values when items are added to the shopping cart. This flaw allows unauthenticated attackers to modify product quantities to fractional values, influencing the calculated price. Users can mitigate this issue by ensuring their WooCommerce installation is updated to version 9.8.2 or later, which addresses this security concern.

Affected Version(s)

MinimogWP – The High Converting eCommerce WordPress Theme * <= 3.9.0

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://changelog.thememove.com/minimog-wp/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 26, 2025
Vulnerability Reserved
Jul 25, 2025

Credit

Vijay