Information from Yohsuke Ohkouchi

【Overview】

Cross site scripting vulnerability exists in the place to display the setting completion status of this plug-in setting screen.

【Impact】

Arbitrary code may be executed on this plugin setting screen.
However, since it assumes that you are logged in to the wordpress administration screen, it will not be attacked from the outside.

【How to respond】

Please update from wordpress management screen or download the latest version from the official plugin site.