NVDThe plugin is vulnerable to XSS due to poor input handling.Attackers can inject scripts if users are tricked into clicking malicious links.