WordPress Pondol Carousel Plugin <= 1.0 - Cross Site Scripting (XSS)

Because of this vulnerability, the variable "itemid" appears to send unsanitized data back to the users browser. Vulnerable file is /pondol-carousel/pages/admincreate.php. Solution Update the plugin...