Vulnerable endpoint with injection point.
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: localhost
[Redacted]
Content-Type: application/x-www-form-urlencoded
action=<action_name>&nonce=[redacted]&query_vars={"tax_query":{"0":{"field":"term_taxonomy_id","terms":["<inject here>"]}}}