PluggedOut Blog is reported prone to a cross-site scripting vulnerability.
This could allow for execution of hostile HTML and script code in the web client of a user who visits a malicious link to the vulnerable site. This code execution would occur in the security context of the site hosting the vulnerable software.
Exploitation could allow for theft of cookie-based authentication credentials. Other attacks are also possible.