Plugin triggering ModSecurity IP Block because of XSS threat?

Hello,

I have installed this plugin for the first time on a non-profit website that I am working on and the plugin appears to be triggering an IP Block by ModSecurity on the web server because it believes that the plugin is a “Cross-site Scripting (XSS) Attack”.

I have pasted the ModSecurity log output below – can you please help me resolve this issue? Thanks so much!

[Wed May 15 11:17:29 2013] [error] [client 72.152.102.229] ModSecurity: Access denied with code 406 (phase 2). Pattern match “(?:\\\\b(?:(?:type\\\\b\\\\W*?\\\\b(?:text\\\\b\\\\W*?\\\\b(?:j(?:ava)?|ecma|vb)|application\\\\b\\\\W*?\\\\bx-(?:java|vb))script|c(?:opyparentfolder|reatetextrange)|get(?:special|parent)folder|iframe\\\\b.{0,100}?\\\\bsrc)\\\\b|on(?:(?:mo(?:use(?:o(?:ver|ut)|down|move|up)|ve)| …” at REQUEST_FILENAME. [file “/usr/local/apache/conf/modsec2.user.conf”] [line “114”] [id “950004”] [msg “Cross-site Scripting (XSS) Attack”] [data “.cookie”] [severity “CRITICAL”] [tag “WEB_ATTACK/XSS”] [hostname “amiquebec.org”] [uri “/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.cookie.js”] [unique_id “UZOnCUUyzs8AAB1jR-YAAAAb”]

https://www.ads-software.com/extend/plugins/jquery-vertical-accordion-menu/