The wpgv_doajax_front_template AJAX action (both authenticated and unauthenticated, defined in the front.php) does not sanitised, validate or escape the template_id parameter before using it in a SQL statement, leading to a SQL Injection issue. This has been present since at least 1.0.5 v4.1.0 tried to sanitise user input with sanitize_text_field() which is not sufficient.
The PoC will be displayed once the issue has been remediated