Description
This script is possibly vulnerable to Cross Frame Scripting (XFS) attacks.
This is an attack technique used to trick a user into thinking that fake web site content is legitimate data.
Remediation
Your script should filter metacharacters from user input.
References
Related Vulnerabilities
WordPress Plugin Facebook Page Feed Timeline Cross-Site Scripting (1.0)
WordPress Plugin WP eCommerce Multiple Vulnerabilities (3.9.1)
WordPress Plugin Simply Instagram Cross-Site Scripting (1.2.6)
WordPress Plugin Ultimate Instagram Feed Cross-Site Scripting (1.2)
Drupal Core 6.x Multiple Cross-Site Scripting Vulnerabilities (6.0 - 6.14)