CVE-2022-2600

The CVE-2022-2600 entry concerns the WordPress plugin Auto-hyperlink URLs (versions through 5.4.1). The underlying issue is that generated links do not include rel="noopener noreferer", enabling Tab Nabbing and potentially exposing the source tab via window.opener. The vulnerability impact, as do...