Primary

Context

MinimogWP WordPress Theme Price Manipulation Vulnerability

Vulnerability

A vulnerability allowing price manipulation has been identified in the MinimogWP eCommerce WordPress theme, affecting all versions through 3.9.0. The issue arises from inadequate validation of quantity values when items are added to the cart. This flaw enables unauthenticated users to modify the quantity of items to fractional amounts, thereby altering the total price based on these adjustments. Notably, this vulnerability is not exploitable if WooCommerce version 9.8.2 or later is active.

Impact

Exploitation of this vulnerability allows for unauthorized price manipulation in the shopping cart, potentially leading to financial loss or abuse of the eCommerce system.

Remediation

Users are advised to update the MinimogWP theme to version 3.9.1 or later.

Added: Jul 26, 2025, 6:17 AM

Updated: Jul 26, 2025, 6:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MinimogWP WordPress Theme Price Manipulation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating