Multiple Cross-Site Scripting (XSS) vulnerabilities found in WordPress CSV Import-Export plugin (versions <=1.1.0).
Dec 20, 2017 - we were unable to find a patched version of this plugin (last updated three years ago). Uninstall or use it at your own risk.