Gwyn's Imagemap Selector <= 0.3.3 - Reflected Cross-Site Scripting

The Gwyn's Imagemap Selector WordPress plugin through 0.3.3 does not sanitise and escape some parameters before outputting them back in attributes, leading to a Reflected Cross-Site Scripting.