WordPress TweetScribe plugin version 1.1 suffers from cross site request forgery and cross site scripting vulnerabilities.