The MStore API WordPress plugin before 3.9.8 is vulnerable to Blind SQL injection via the product_id parameter.
View the template here CVE-2023-3077.yaml
echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-3077.yaml
References: