Title: Security Issues
Last modified: December 8, 2016

---

# Security Issues

 *  [malavigne](https://wordpress.org/support/users/malavigne/)
 * (@malavigne)
 * [9 years, 5 months ago](https://wordpress.org/support/topic/security-issues-27/)
 * This plugin have major security issues. For whatever reasons, the plugin is allowing
   the indexation of the archived XML files. The result? All your client’s order
   informations (Address, Email, Phone, etc.) are there laying on search engines.
 * There is ways to block the SEs to crawl this information, but I can’t conceive
   that this is not addressed out of the box!
 * If you are using it, don’t activate the archive option. But anyways, don’t bother
   buying it!

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [Michael Visser](https://wordpress.org/support/users/visser/)
 * (@visser)
 * [9 years, 5 months ago](https://wordpress.org/support/topic/security-issues-27/#post-8528148)
 * [@malavigne](https://wordpress.org/support/users/malavigne/), thanks for raising
   this, this Plugin does not inform search engines of archived export files, the“
   Enable Archives” option visible from the WooCommerce > Store Export > Settings
   screen is disabled by default and includes a clear notice if activated to ensure
   that directory browsing (and consequently indexing by SE’s) is disabled.
 * [https://www.visser.com.au/documentation/store-exporter-deluxe/troubleshooting/#mitigating-the-risk-of-having-the-wordpress-media-indexed-by-search-engines-eg-google](https://www.visser.com.au/documentation/store-exporter-deluxe/troubleshooting/#mitigating-the-risk-of-having-the-wordpress-media-indexed-by-search-engines-eg-google)
 * Further, we worked with the team at Plugin Vulnerabilities to mitigate the risk
   of guessing any archived exports by adding the date and time as well as a complex
   suffix hash to the export filename.
 * [https://www.visser.com.au/blog/plugin-update-store-exporter-deluxe-2-0-8-for-woocommerce/](https://www.visser.com.au/blog/plugin-update-store-exporter-deluxe-2-0-8-for-woocommerce/)
 * Did other functionality of this Plugin work as expected? Your review would have
   been better suited as a support topic where this could have been clarified.
 *  Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/)
 * (@jdembowski)
 * Forum Moderator and Brute Squad
 * [9 years, 5 months ago](https://wordpress.org/support/topic/security-issues-27/#post-8528863)
 * I’ve removed `modlook` from this topic. There’s nothing here that’s modlook’able.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Security Issues’ is closed to new replies.

 * ![](https://ps.w.org/woocommerce-exporter/assets/icon-256x256.png?rev=986329)
 * [Store Exporter – Export WooCommerce Products, Orders, Subscriptions, Customers](https://wordpress.org/plugins/woocommerce-exporter/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/woocommerce-exporter/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/woocommerce-exporter/)
 * [Active Topics](https://wordpress.org/support/plugin/woocommerce-exporter/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/woocommerce-exporter/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/woocommerce-exporter/reviews/)

 * 2 replies
 * 3 participants
 * Last reply from: [Jan Dembowski](https://wordpress.org/support/users/jdembowski/)
 * Last activity: [9 years, 5 months ago](https://wordpress.org/support/topic/security-issues-27/#post-8528863)