Personally, I'd avoid it if you can without too much hassle. Using Javascript (or AJAX if you need to load them dynamically), you can quite easily just use a div and change the contents as necessary - in some cases this will give you much more flexibility and will simplify your JS, especially if there's a lot of interaction between your widget and the rest of the page.

That said, I'd investigate both options, and if the JS path seems too tricky or complicated, just go with iframes.

A good option is to use the overflow CSS property. The default value is visible but you can set it to hidden, scroll or auto. I would use auto in your case. If your content gets too big it will look like you have an iframe but it is still right on the page.

see: overflow property

Iframes are not evil they are just another tool like anything else and to determine their merits you have to determine the context in which they will be used. Google Image Search, and several other high profile sites, use iframes for limited purposes.

In general I find they are used for branding or to enable a user to return to a site that redirects the user off site.

Note, if you are using cross domain iframes e.g. an iframe that refers to a domain outside where the page is being served you are limited by design for security reasons and cannot access through javascript the internals of a DOM outside the domain it is associated with.

Also please note many sites prevent their site from being embeded and will stripe the iframe off (redirecting the top url to their domain).

There are several usability and accessability issues with iframes. Some browsers and screenreaders can not display iframes, so you should provide alternative content:

<iframe src="content.html">
    <p>
        This content will only be displayed by browsers that do not support
        iframes. You should provide a link to the content, or in your 
        case an alternative way to use your widget.
    </p>
</iframe>

If you start serving third party content, you should watch out for the iframe grabbing focus after it has finished loading. While a minor annoyance for regular users, it can be very confusing for users browsing with screenreaders.

No, nothing wrong with iframes. Iframes are probably a better idea if you're going to start serving third party content.

The upcoming HTML5 spec also plans to build more security features into iframes for situations like this, so I would consider it good practice to use them now also.

Technically there is nothing wronger with iFrame that with alternatives. But semantically, there are evil.

The Web is based on HTTP, a protocol that says a given URL will always leads to a unique ressource.

Using iFrame, you just serve several ressources melted in a web pages behind one URL for all of them. If you have concerns about how the Web should grow, it's troublesome. What's more, for the search engine robots, it's tricky.