Vendor
MooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability, identified as CVE-2018-25371, allowing unauthenticated attackers to manipulate database queries via the 'product' parameter, potentially leading to sensitive data extraction.