Social Locker <= 4.2.0 is vulnerable to Reflected Cross Site Scripting

There is a patch available in v4.2.5 and we strongly recommend you update to this version as soon as possible.