Title: Plugin Vulnerability?
Last modified: March 8, 2023

---

# Plugin Vulnerability?

 *  [blackeye0013](https://wordpress.org/support/users/blackeye0013/)
 * (@blackeye0013)
 * [3 years, 2 months ago](https://wordpress.org/support/topic/plugin-vulnerability-11/)
 * Hello,
 * Your plugin seems to be reported as vulnerable by iThemes Security (see: [https://ithemes.com/blog/wordpress-vulnerability-report-march-8-2023/#wordpress-simple-csvxls-exporter-plugin](https://ithemes.com/blog/wordpress-vulnerability-report-march-8-2023/#wordpress-simple-csvxls-exporter-plugin)).
   Could you please provide a fix?
 * Thanks

Viewing 3 replies - 1 through 3 (of 3 total)

 *  Plugin Author [Shambix](https://wordpress.org/support/users/shambix/)
 * (@shambix)
 * [3 years, 2 months ago](https://wordpress.org/support/topic/plugin-vulnerability-11/#post-16544838)
 * I am aware of the vulnerability, **which wouldn’t affect the website where the
   plugin is**, but the admin’s PC in certain particular situations, where if a 
   hacker enters weird data in eg. category names, then when exported in a csv and
   opened manually, it could execute malicious code on the PC.
 * It is flagged as medium risk (not critical), so I will fix it as soon as I can.
 *  Thread Starter [blackeye0013](https://wordpress.org/support/users/blackeye0013/)
 * (@blackeye0013)
 * [3 years, 1 month ago](https://wordpress.org/support/topic/plugin-vulnerability-11/#post-16670626)
 * Hello Shambix, any news on this? Although I’m glad to know this won’t cause any
   troubles in WP, it would look better, if the vulnerability was taken care of.
 * Same as the “Plugin hasn’t been tested with the latest 3 major releases of WordPress”
   notice.
 * Thanks and have a good day!
 *  [Sepi](https://wordpress.org/support/users/sepicompanywork/)
 * (@sepicompanywork)
 * [2 years, 9 months ago](https://wordpress.org/support/topic/plugin-vulnerability-11/#post-16986830)
 * hope to see **Simple CSV/XLS Exporter** again

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Plugin Vulnerability?’ is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/simple-csv-xls-exporter_48768f.svg)
 * [Simple CSV/XLS Exporter](https://wordpress.org/plugins/simple-csv-xls-exporter/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/simple-csv-xls-exporter/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/simple-csv-xls-exporter/)
 * [Active Topics](https://wordpress.org/support/plugin/simple-csv-xls-exporter/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/simple-csv-xls-exporter/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/simple-csv-xls-exporter/reviews/)

 * 5 replies
 * 3 participants
 * Last reply from: [Sepi](https://wordpress.org/support/users/sepicompanywork/)
 * Last activity: [2 years, 9 months ago](https://wordpress.org/support/topic/plugin-vulnerability-11/#post-16986830)
 * Status: not resolved