Yes, disabling suspicious query strings did the trick, but like you say, it's quick and dirty. I'm hoping the plugin developers take stock of popular plugins and exclude them from being blocked.
Alternatively, perhaps they could add a field for permitted query strings, like the whitelisted IPs.