Vulnerabilities > CVE-2022-2600 - Unspecified vulnerability in Auto-Hyperlink Urls Project Auto-Hyperlink Urls 5.4.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
The Auto-hyperlink URLs WordPress plugin through 5.4.1 does not set rel="noopener noreferer" on generated links, which can lead to Tab Nabbing by giving the target site access to the source tab through the window.opener DOM object.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |