diff --git a/includes/admin/importers/class-sp-importer.php b/includes/admin/importers/class-sp-importer.php
index e1d12e79..9c2568ce 100644
--- a/includes/admin/importers/class-sp-importer.php
+++ b/includes/admin/importers/class-sp-importer.php
@@ -47,7 +47,7 @@ if ( class_exists( 'WP_Importer' ) ) {
 			$this->header();
 
 			if ( ! empty( $_POST['delimiter'] ) )
-				$this->delimiter = stripslashes( trim( $_POST['delimiter'] ) );
+				$this->delimiter = stripslashes( trim( sanitize_text_field( $_POST['delimiter'] ) ) );
 
 			if ( ! $this->delimiter )
 				$this->delimiter = ',';