The Spreadsheet Integration and Spreadsheet Integration Professional plugins for WordPress have a security flaw that can allow malicious actors to inject malicious web scripts into pages. This vulnerability affects versions up to and including 3.5.0, and is caused by the plugins not properly sanitizing user input and not properly escaping output. This flaw can be exploited if attackers are able to trick users into clicking on a malicious link.