I'm not a coder, but I installed this plugin on three unique sites and all three of those sites got hacked.
When I installed the plugin, it changed the headers of the other plugins and immediately deactivated them. From what I understand, the specific type of hack seems to effect jquery plugins, so if your plugin is open source, it may have been injected into there.