I'm the author of the plugin. I apologize for any problems the plugin may have caused.
Did the tags being added contain any html/injection code or were they just rude words?
I've tried to sanitize the input data with the line
$target = str_replace("'","''",str_replace(";","",sanitize_title_with_dashes($query)));
and I tested trying to send it bad input before releasing the plugin, but I may well have missed something. I'll check the plugin and update it within the next 24 hours. I considered stopping tags with rude words being added but thought people might want this, perhaps I'll add it and let people remove it.
Ideally I'll add pre-moderation at some point.