Its always a hot topic... would you mind listing half a dozen reasons how its insecure please ?
I wish it were so simple, that I could just spit out a list of bullet points. It isn't, but I'll try. Again, note that it isn't the file explorer per se that is the cause of security issues, but all the API's and features that must be in place (at low enough privilege levels) to support the development of such an app.
Take, for example, the iOS security problem Coolknight1968 mentioned
here. This iOS security issue exists due the availability of an API that allows any app to read the owners inbox. WP deliberately omits such an API, but a programmatically accessible file system would allow access to the file in which mails are stored. That isn't quite as simple to exploit as on iOS, but nevertheless good enough to facilitate misuse given a determined enough attacker. Accessing such a file on the file system doesn't yet constitute an attack. For that, we must also consider intent. A corporate app that spies on employees mails is one attack (One). A similar app that facilitates corporate espionage is another (Two). An app that attempts to relay personal mail communications with your bank or your physician in the interest of perpetrating fraud or extortion is another (Three). The same applies to any other kind of data on your smartphone. Once it is accessible to other apps by any means, it instantly becomes a target for attack. The ability to access calendar data may allow apps to determine when you are home or on holidays. The lure of attacking banking or stock trading apps is obvious, etc. etc. etc.
The typical response is to suggest that security must be managed on the basis of individual files. Although possible, that just isn't a realistic proposition for a consumer oriented device. It also implies that OS developers hand over the responsibility for security to app developers, which most would agree isn't a good idea considering the level of quality smartphone apps typically achieve. The basic problem remains, which is the eternal conflict between usability and security. That conflict will always sway some developers to err on the side of usability, when they really shouldn't. That is how security holes appear. Over time, and given enough apps, thousands of them come into existence just waiting to be exploited.
Incorporating the ability for apps to access data at what is almost the lowest level of the operating system (the file system), amounts to ripping a huge hole in a bank vault, and hoping nobody of ill intention finds it. That is why neither iOS nor WP allow it, and it is also why Android is pretty much screwed in that regard.
EDIT:
Well then, why isn't it a problem on desktop computers and servers where the file system is accessible? Well, actually, it is a problem. Why do you think our desktop computers get updates almost weekly. One side develops new methods of attack while the other side develops new methods of defence... it's a never ending cycle, and Microsoft not being at the very front end of that cycle is what caught them their bad rep back in the early 2000's. That is where Android is heading now, but Microsoft, having learned their lesson, buttoned up WP nice and tight to ensure they don't need to engage in such an arms race again. WP simply must be more secure than a desktop computer, from the outset, by design.