Thank you for your Block Bad Queries (BBQ) plugin, which is very similar to the functionality recommended in the How to Fix tab of the Ultimate Security Checker (USC) plugin. Unfortunately, BBQ does nothing if the user is logged in as an administrator, which is the only way a user can run the USC tests! This causes a false positive in USC, which reports that the site is still vulnerable to malicious URL requests.
Why do you disable BBQ functionality for administrators? In my opinion, BBQ should be enabled for all users, regardless of capabilities.
Would you please consider releasing an update which addresses this issue?
Thanks very much,