WordPress Navis DocumentCloud plugin version 0.1 suffers from a cross site scripting vulnerability.