From f3ee15c62745b52cb333704f65c9b176dfeb7972 Mon Sep 17 00:00:00 2001
From: Brian Miyaji <brian@themeboy.com>
Date: Fri, 5 Nov 2021 22:24:22 +0900
Subject: [PATCH] Sanitize importer delimiter

---
 includes/admin/importers/class-sp-importer.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/includes/admin/importers/class-sp-importer.php b/includes/admin/importers/class-sp-importer.php
index e1d12e79..9c2568ce 100644
--- a/includes/admin/importers/class-sp-importer.php
+++ b/includes/admin/importers/class-sp-importer.php
@@ -47,7 +47,7 @@ if ( class_exists( 'WP_Importer' ) ) {
 			$this->header();
 
 			if ( ! empty( $_POST['delimiter'] ) )
-				$this->delimiter = stripslashes( trim( $_POST['delimiter'] ) );
+				$this->delimiter = stripslashes( trim( sanitize_text_field( $_POST['delimiter'] ) ) );
 
 			if ( ! $this->delimiter )
 				$this->delimiter = ',';