NextGen plugin request is detected as SQL injection
Hi,
Whenever I try to add images to my gallery, my host detects it as an SQL injection. See the following logs; they say it is a problem with the plugin.
Please help me with this. I am a great fan of NextGen. I don’t want to change the plugin.

Sat Sep 26 15:38:54.508444 2015] [:error] [pid 1390] [client 116.202.9.155] ModSecurity: Access denied with redirection to http://abcdxyz.in/using status 302 (phase 2). Pattern match “(?i:(?:,.*?[)\\\\da-f\\”‘
][\\"'](?:[\\”‘].*?[\\"']|\\\\Z|[^\\”‘`]+))|(?:\\\\Wselect.+\\\\W*?from)|((?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\\\s*?\\\\(\\\\s*?space\\\\s*?\\\\())” at REQUEST_COOKIES:X-Frame-Events_4e433139e36fe563961278a02a5f4c4e. [file “/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf”] [line “82”] [id “981257”] [rev “2”] [msg “Detects MySQL comment-/space-obfuscated injections and backtick termination”] [data “Matched Data: ,\\x22gallery_id\\x22:27, found within REQUEST_COOKIES:X-Frame-Events_4e433139e36fe563961278a02a5f4c4e: {\\x22event\\x22:\\x22new_gallery\\x22,\\x22gallery_id\\x22:27,\\x22gallery_title\\x22:\\x22Padukanyasa\\x22,\\x22context\\x22:\\x22attach_to_post\\x22}”] [severity “CRITICAL”] [ver “OWASP_CRS/3.0.0”] [maturity “9”] [accuracy “8”] [tag “Host: abcdxyz.in”] [tag “OWASP_CRS/WEB_ATTACK/SQL_INJECTION”] [hostname “abcdxyz.in”] [uri “/”] [unique_id “VgZutkUyxgcAAAVuqaoAAAAN”]
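An added example, not part of the original post: a Python helper that pulls the rule id, the inspected variable and the matched data out of a log entry like the one above, checks whether the flagged cookie is just JSON, and prints a candidate ModSecurity target exclusion. The function names are hypothetical, the sample line is a trimmed copy of the post's log with straight quotes restored, and it is an assumption that the hex suffix of the cookie name varies between sessions.

```python
import json
import re

# Constructed sample: the post's log entry, trimmed (pattern elided as "...")
# and with the straight quotes restored that the forum turned into curly ones.
SAMPLE = (
    r'[client 116.202.9.155] ModSecurity: Access denied with redirection '
    r'(phase 2). Pattern match "..." at '
    r'REQUEST_COOKIES:X-Frame-Events_4e433139e36fe563961278a02a5f4c4e. '
    r'[id "981257"] [msg "Detects MySQL comment-/space-obfuscated injections '
    r'and backtick termination"] [data "Matched Data: ,\\x22gallery_id\\x22:27, '
    r'found within REQUEST_COOKIES:X-Frame-Events_4e433139e36fe563961278a02a5f4c4e: '
    r'{\\x22event\\x22:\\x22new_gallery\\x22,\\x22gallery_id\\x22:27,'
    r'\\x22gallery_title\\x22:\\x22Padukanyasa\\x22,'
    r'\\x22context\\x22:\\x22attach_to_post\\x22}"] [severity "CRITICAL"]'
)

def unescape(s):
    # Undo error-log escaping: one or more backslashes followed by xNN.
    return re.sub(r'\\+x([0-9a-fA-F]{2})', lambda m: chr(int(m.group(1), 16)), s)

def triage(line):
    """Summarise one ModSecurity 'Access denied' line for false-positive review."""
    tags = dict(re.findall(r'\[(\w+) "(.*?)"\]', line))
    m = re.match(r'Matched Data: (.*?) found within (\w+):([^:\s]+): (.*)',
                 tags["data"])
    matched, collection, name, value = (unescape(g) for g in m.groups())
    try:
        cookie_json = json.loads(value)   # benign structured data parses cleanly
    except ValueError:
        cookie_json = None                # not JSON: review by hand
    # Assumption: the hex suffix differs per session, so exclude by name prefix.
    prefix = re.sub(r'_[0-9a-f]+$', '_', name)
    return {
        "rule_id": tags["id"],
        "msg": tags["msg"],
        "target": f"{collection}:{name}",
        "matched": matched,
        "cookie_json": cookie_json,
        # Removes only this cookie from this one rule; other rules still inspect it.
        "exclusion": f'SecRuleUpdateTargetById {tags["id"]} "!{collection}:/^{prefix}/"',
    }

if __name__ == "__main__":
    for key, val in triage(SAMPLE).items():
        print(f"{key}: {val}")
```

The printed `SecRuleUpdateTargetById` line is something for the host to review; it only takes effect in a configuration file loaded after the CRS rule files.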