Unauthenticated CSV Injection vulnerability found by Mark Parfeniuk in WordPress Hustle – Pop-Ups, Slide-ins and Email Opt-ins plugin (versions <= 6.0.7).
Update the WordPress Hustle – Pop-Ups, Slide-ins and Email Opt-ins plugin to the latest available version (at least 6.0.8.1).