The Banner Effect Header WordPress plugin was affected by a Cross-Site Scripting (XSS) security vulnerability.
www.netsparker.com/cve-2015-1384-xss-vulnerability-in-banner-effect-header/