The plugin does not escape the slider Name, which could allow high-privileged users to perform Cross-Site Scripting attacks.
Create or edit a Slide and put the following payload in the Name field: " onfocus=alert(/XSS/) autofocus="
The XSS will be triggered when editing the slide again