Today we released MijoShop 2.5.2 which is compatible with Joomla 2.5 and 3.x versions. This is a High Level SQL Injection Vulnerability release so an immediate update is highly recommended for all of our members.
The vulnerability is applicable only if the attacker knows your username and was reported by VEL about 2 hours ago without POC. Our team was able to isolate and fix the issue immediately. Any further detail will be disclosed later.
Please, check this article to update to MijoShop 2.5.2. Even we use a dedicated server, the automatic update may fail sometimes due to the high load. You can use the manual update in such a case. As always, don't forget to take a back-up before upgrading.
On behalf of the entire team at Miwisoft LLC, please accept my sincere apologies for any inconvenience.