Authenticated SQL Injection (SQLi) vulnerability discovered by Ihor Bliumental in WordPress Leaflet Maps Marker plugin (versions <= 3.12.4).
Update the WordPress Leaflet Maps Marker plugin to the latest available version (at least 3.12.5).