High severity8.2NVD Advisory· Published May 25, 2026· Updated May 26, 2026
CVE-2018-25371
CVE-2018-25371
Description
mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query techniques in the product URI parameter to extract sensitive database information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: =2.6
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.