Recently our site was hacked by a very insidious attack called the "Pharma Hack".
*This hack was determined to have entered our site through this plug-in.*
This hack can kill your good standing and hard earned rank with Google. The hack inserts an I-Frame into your footer or header where it hides base 64code to call hidden cookies that it places in various folders on your server. You know the ones viagra, celebrex, etc . . .
We would find them then delete them to find later that they returned and were hidden in a new location. When we consistently found them and removed them they were then crammed into our databases for our support forum and posts, as well as our membership database.
It also serves up mal-ware from other sites remotely through your own sites infection. Our stats went from 30K hits a month to 123. And our site was removed from Google's listing.
You may not even notice your problem until Google de-lists you. If you are not paying attention to your site stats this could become a reality.
To read about this hack go here: http://www.scammeralert(DOT)info/website-hacked-attack-by-iframe-and-index-php-gifimg-php-base64_decode/
In the end it is not an easy problem to fix yourself. We know what we are doing and still had to hire a specialist from sitesecuritymonitor(DOT)com/ for $200 to get rid of it.