Aaron. You have already validated my message and then I retrieved my "key" (it need for your version of wp-subscription-manager.php). And after looking to one of the vulnerable scripts (in this case - wp-subscription-manager.php), I can tell you that your site is vulnerable (via Subscribe To Comments plugin)!
You need to update plugin. You can take Subscribe To Comments 2.0.5 from my MustLive Security Pack v.1.0.4 or download last version (Subscribe To Comments 2.0.8) from developer's site.
Aaron. As I wrote at my site http://websecurity.com.ua/187/ two weeks ago, I was found a vulnerability in Subscribe To Comments WordPress plugin (and already released the path and plugin developer also worked on next version of plugin). So there are many other cases (among WordPress plugins) with plugin's vulnerabilities, not only in Democracy plugin. And as I see, you also use Subscribe To Comments at your site, so you need to draw attention to this information (and check your plugin).
