Because of these vulnerabilities, the attackers can hijack the authentication of administrators for requests that change plugin settings or conduct cross-site scripting (XSS) attacks via the several parameters (โcsj_fadeโ, โcsj_sleepโ, โcsj_widthโ, โupload_imageโ, โcsj_heightโ) in in the thisismyurl_csj.php page to wp-admin/options-general.php.
Upgrade the plugin.