CSV Injection vulnerability found by Mohamad Pishdar (cert.ikiu.ac.ir) in WordPress Import and export users and customers plugin (versions <= 1.16.3.5).
Update the WordPress Import and export users and customers plugin to the latest available version (at least 1.16.3.5).