On my WordPress 3.9.2 installation I can extract the users' plain-text passwords by going to Users, selecting all users, and choosing Bulk Actions > Export.

When I look in the MySQL database with phpMyAdmin, the passwords are hashed.

Question

How come all user passwords can be exported in plain text, and how can I prevent this?

Update

When I either export one user or “Export All Users” I get output similar to this:

User ID,Username,Payment Status,First Name,Last Name,Address,Zip,City,Country,Date,Sex,Phone no.,Email,Company,Password,TOS,Website,AIM,Yahoo IM,Jabber/Google Talk,Biographical Info,Registered,IP
"31","xxx","paid","Jasmine","Lognnes","xxx","xxx","xxx","","xxx","female","","xxx","xxx","xxx","agree","","","","","","2012-01-26 18:13:19","xxx"


You cannot export passwords as plaintext in WordPress, because they are not stored in plaintext. What you see here is obviously the result of a very bad plugin.

Fields like Payment, Sex or Company are not even part of the regular WordPress tables.

For the future: Do not install plugins without prior tests and reviews in a safe environment. Use a local setup to find such security problems. Especially when you are dealing with other people's data, this is a requirement.

What you should do now: Disable all plugins until this export is not possible anymore. The last disabled plugin was probably the problem. Find all the tables that it has created, delete those tables. Uninstall that plugin.
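Before disabling plugins, it helps to know exactly which accounts the export exposes. The script below is an added example, not code from the question, the answer or WordPress itself: it parses a CSV export with the header shown in the question and flags every row whose Password column holds something other than a WordPress phpass hash (`$P$`/`$H$`) or a bcrypt hash. The sample rows are constructed; the hash value and addresses are made up.

```python
import csv
import io
import re

# WordPress core stores user_pass as a phpass hash ("$P$" or "$H$" prefix);
# bcrypt ("$2a$"/"$2b$"/"$2y$") is included for plugins that hash differently.
HASH_RE = re.compile(r"^(\$P\$|\$H\$|\$2[aby]\$)")

# Constructed sample export using the header from the question; all values are made up.
SAMPLE_EXPORT = """User ID,Username,Payment Status,First Name,Last Name,Address,Zip,City,Country,Date,Sex,Phone no.,Email,Company,Password,TOS,Website,AIM,Yahoo IM,Jabber/Google Talk,Biographical Info,Registered,IP
"31","jasmine","paid","Jasmine","Lognnes","","","","","","female","","j@example.invalid","","hunter2","agree","","","","","","2012-01-26 18:13:19","198.51.100.7"
"32","tom","paid","Tom","Example","","","","","","male","","t@example.invalid","","$P$BqZ8lBq7ZLJ1lFzYbPOYmFcm7Zh9y8/","agree","","","","","","2012-02-02 09:00:00","198.51.100.8"
"33","empty","free","No","Pass","","","","","","","","n@example.invalid","","","agree","","","","","","2012-03-03 09:00:00","198.51.100.9"
"""

def looks_hashed(value: str) -> bool:
    """True if the value starts with a recognised password-hash prefix."""
    return bool(HASH_RE.match(value))

def audit_export(csv_text: str, column: str = "Password") -> dict:
    """Classify each row's password column as 'plaintext', 'hashed' or 'empty'.

    Returns {"plaintext": [usernames], "hashed": [usernames], "empty": [usernames]}.
    """
    result = {"plaintext": [], "hashed": [], "empty": []}
    reader = csv.DictReader(io.StringIO(csv_text))
    if column not in (reader.fieldnames or []):
        raise ValueError(f"export has no {column!r} column")
    for row in reader:
        value = (row.get(column) or "").strip()
        user = row.get("Username", "?")
        if not value:
            result["empty"].append(user)
        elif looks_hashed(value):
            result["hashed"].append(user)
        else:
            result["plaintext"].append(user)   # exposed: stored in clear by the plugin
    return result

if __name__ == "__main__":
    report = audit_export(SAMPLE_EXPORT)
    for kind, users in report.items():
        print(f"{kind}: {', '.join(users) or '-'}")
```

Every username listed under "plaintext" belongs to an account whose password the plugin kept in the clear; those users need a password reset once the plugin and its tables are gone.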
