Medium severity5.4NVD Advisory· Published Aug 22, 2022· Updated Jun 17, 2026
CVE-2022-2600
CVE-2022-2600
Description
The Auto-hyperlink URLs WordPress plugin through 5.4.1 does not set rel="noopener noreferer" on generated links, which can lead to Tab Nabbing by giving the target site access to the source tab through the window.opener DOM object.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Auto-hyperlink URLs plugindescription
- Range: <=5.4.1
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/01bbdefd-bdc3-43ef-9f35-6e7ebe786be2nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.