CVE-2022-1583

Summary

The External Links in New Window / New Tab WordPress plugin before 1.43 does not ensure window.opener is set to "null" when links to external sites are clicked, which may enable tabnabbing attacks to occur.

Affected Software

VendorProductVersion RangeStatus
UnknownExternal Links in New Window / New Tab1.43 < 1.43affected

Weaknesses

  • CWE-1022: CWE-1022 Use of Web Link to Untrusted Target with window.opener Access

ADP Enrichment

CVE Program Container

Additional References

References