Version 3.1.4 released
Sanitize strings in the option page to avoid XSS injection from the admin side. Thanks to Julien from RCE Security for his POC. I'm quoted him :
"To successfully exploit this vulnerability, a user with rights to add or change user group titles, style titles or category titles must trick another authenticated user with access rights to the administrative panel to visit the affected configuration page of the plugin."