Security Advisory

CVE-2022-2600

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-08-22 15:05:12

Last updated 2024-08-03 00:46:03

Assigner WPScan

State PUBLISHED

Description

The Auto-hyperlink URLs WordPress plugin through 5.4.1 does not set rel="noopener noreferer" on generated links, which can lead to Tab Nabbing by giving the target site access to the source tab through the window.opener DOM object.

← Browse all CVEs View on cve.org ↗