This script is possibly vulnerable to client side template injection attacks.
Apply context-dependent encoding and/or validation to user input rendered on a page
WordPress Plugin Gallery-Flagallery Photo Portfolio 'skin' Parameter Cross-Site Scripting (1.72)
WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Cross-Site Scripting (1.6.9)
WordPress Plugin Add Link to Facebook Cross-Site Scripting (2.3)
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Scripting (3.1.2)