Redacted sample Fix Ready packet · HRP-CAT-3097
Product prices unexpectedly show as $0.00
Maintenance teams debugging suspicious WooCommerce price overrides
This public sample uses redacted, provisional packet text. Screenshot proof is intentionally withheld until a real pipeline run produces actual before/after captures.
Fix ready for review
Analysis Result
Hermes ran the price-zero scenario through the local WooCommerce repair pipeline, captured real before/after screenshots, traced the issue to a malicious mu-plugin, and produced a review packet that keeps the fix behind approval because the evidence is from a seeded local repair workspace.
Fix review packet
Proof before production
Nothing has changed on your live store yet.
Evidence files
4 screenshots, result.json, review-packet-v1.json, and fix-artifact.json
Checks included
10 deterministic QA steps passed in the local repair run
Undo window
72 hours
What you reported
Catalog pages showed every product as $0.00 even though the underlying product prices were still stored correctly.
Affected URL: https://sample-store.example/shop
What Hermes found
A malicious mu-plugin named price-display-engine.php hooked woocommerce_get_price_html at priority 99 and replaced every product price with wc_price(0) through an unregistered pde_regional_price filter that always defaulted to zero.
What Hermes changed
Delete only the malicious mu-plugin from wp-content/mu-plugins, leaving the theme, WooCommerce data, cart totals, checkout, and order-state logic untouched so WooCommerce can render the stored prices normally again.
- Delete the malicious mu-plugin that overrides WooCommerce price HTML.
- Leave theme files, WooCommerce product data, cart, checkout, and order-state logic unchanged.
How this was checked
Captured local pipeline verification: Captured local pipeline run produced QA_NEEDS_REVIEW with evidence PASS
Scenario
local-price-zero-1780388865254
Screenshot set
Before /shop/ and after /shop/ from the real local pipeline run
Result
Evidence PASS, QA_NEEDS_REVIEW because production-fidelity verification was not completed
- Captured the affected seeded shop page before repair with $0.00 price output.
- Deleted only wp-content/mu-plugins/price-display-engine.php from the repair workspace.
- Verified /shop/ loaded after repair with visible product cards and price elements.
- Verified no WooCommerce error messages or PHP error markers were visible after repair.
Canonical packet fields
Recipe
woocommerce.product_price_display.v1
Fidelity
not_verified; local seeded workspace differs from production
Review status
needs_review before apply
Screenshot evidence
Provided by the local pipeline: before/1-shop_-desktop.png and after/step-3.png
Functional checks
Verify site loads, affected page loads, products visible, prices visible, and no PHP errors
Customer summary
PASS: prices render normally after deleting the malicious mu-plugin
Proof, scope, and next step
- Diagnosis: price-display-engine.php hooked woocommerce_get_price_html and replaced every product price with wc_price(0).
- Change: delete wp-content/mu-plugins/price-display-engine.php entirely; no other files were modified.
- Verification: deterministic QA loaded the site and affected page, confirmed product cards and price elements, captured after screenshots, and found no PHP error markers.
Blast radius: One malicious mu-plugin file in wp-content/mu-plugins.
Rollback scope: Restore wp-content/mu-plugins/price-display-engine.php from the reviewed backup if needed.
Not tested: Full production-fidelity verification was not completed; this sample is intentionally labeled as seeded local pipeline evidence.
Next step: Review the packet, screenshots, fixed file list, and local-evidence limitation before approving apply on a real site.
Safety net
Risk: Low risk
Low because the packet deletes one malicious mu-plugin and does not touch theme files, database prices, checkout, payment, or order-state behavior.
Rollback: Restore the deleted mu-plugin from the reviewed artifact backup if the approval reviewer decides the removal is wrong.
Before and after target
Before capture
Real local screenshot of the seeded shop before repair with broken price-display output.
After capture
Real local screenshot of the seeded shop after repair with product cards and price elements visible.
Tracked packet evidence
Reproduce
The local pipeline captured /shop/ before repair while the price-display engine forced catalog prices to $0.00.
Isolate
The agent traced the override to wp-content/mu-plugins/price-display-engine.php and confirmed the theme functions file was clean.
Verify
After deleting the mu-plugin, the QA run loaded the shop, confirmed products and prices were visible, and checked for error markers.
Visual evidence and packet artifacts
Public samples list the evidence contract and show only screenshots produced by a real captured pipeline run.
Captured run
Packet evidencelocal-price-zero-1780388865254 completed on 2026-06-02 in the seeded local WooCommerce repair workspace.
Before screenshot
Packet evidenceCaptured /shop/ with the broken price-display output before the repair.
After screenshot
Packet evidenceCaptured /shop/ after removal with product cards and visible price elements.
Review packet verdict
Packet evidenceEvidence verdict PASS, review status needs_review, outcome QA_NEEDS_REVIEW.

Before: seeded shop with broken price output
Open full-size screenshot: Before: seeded shop with broken price output
After: seeded shop after mu-plugin removal
Open full-size screenshot: After: seeded shop after mu-plugin removalThese are real local pipeline run screenshots from local-price-zero-1780388865254 against a seeded WooCommerce repair workspace. They are not customer production screenshots and the packet remains needs_review because full production-fidelity verification was not completed.