ExpressVPN has removed the split tunneling feature from the latest version of its software after finding that a bug exposed the domains users were visiting to configured DNS servers.
However, this bug caused some DNS queries to be sent to the DNS server configured on the computer, usually a server at the user's ISP, allowing the server to track a user's browsing habits.
Big rule for newbies: Don't trust your VPN's promise of DNS re-routing. It might be fine, but you can never guarantee this will never happen again. Set your DNS routing manually. Cloudflare or Quad9 are great options.