VulnTitan VulnTitan Security command center
Plugin Vulnerability Hub
Plugin 2 known issues Latest disclosed May 09, 2022

External Links in New Window / New Tab Vulnerabilities

Review known vulnerability records for the WordPress plugin External Links in New Window / New Tab (`open-external-links-in-a-new-window`), including severity, CVE references, affected versions, and patch status.

Recent tracked CVEs on this page include CVE-2022-1582 and CVE-2022-1583, so operators can jump from disclosure to patch validation without scanning the full feed first.

View on WordPress.org Back to Feed
Known Records
2
High or Critical
0
Patch Coverage
100%
Last Updated
Jan 22, 2024
Priority CVE Quick Links

Fast paths into External Links in New Window / New Tab CVE reports

Start with the highest-signal CVE records for this WordPress plugin before scanning the full vulnerability feed.

Indexed CVEs
2
CVE-2022-1583 Medium 1.43
CVE-2022-1583 External Links in New Window / New Tab Vulnerability

External Links in New Window / New Tab <= 1.42 - Tabnabbing

CVE-2022-1582 Medium 1.43
CVE-2022-1582 External Links in New Window / New Tab Stored Cross-Site Scripting

External Links in New Window / New Tab <= 1.42 - Unauthenticated Stored Cross-Site Scripting

Coverage Snapshot

What this page helps you verify fast

This hub clusters every indexed record for External Links in New Window / New Tab so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.

Patch Visibility
2 records include a published patch path, leaving 0 with no listed safe release yet.
Severity Mix
0 critical and 0 high severity findings.
Recent CVEs
CVE-2022-1582 and CVE-2022-1583
Reference Workflow
Jump from the hub into the full report when you need remediation notes, exploit context, CVSS vectors, or source references.
Triage First

Open the records most likely to drive action

These recent records surface the CVE strings, patch cues, and direct report links most operators need first.

Known Vulnerabilities

Reports for External Links in New Window / New Tab

Sorted by latest disclosure date so newly published issues surface first.

Plugin Medium Patched: Yes CVE-2022-1582
CVE-2022-1582: External Links in New Window / New Tab <= 1.42 - Unauthenticated Stored Cross-Site Scripting

The External Links in New Window / New Tab WordPress plugin before 1.43 does not properly escape URLs it concatenates to onclick event handlers, which makes Stored Cross-Site Scripting attacks possible.

Published
May 09, 2022
Patched Release
1.43
Affected Versions
Versions up to 1.42
Next Step
Update to 1.43 or newer if supported.
Open CVE-2022-1582 Report Open CVE Reference
Plugin Medium Patched: Yes CVE-2022-1583
CVE-2022-1583: External Links in New Window / New Tab <= 1.42 - Tabnabbing

The External Links in New Window / New Tab WordPress plugin before 1.43 does not ensure window.opener is set to "null" when links to external sites are clicked, which may enable tabnabbing attacks to occur.

Published
May 09, 2022
Patched Release
1.43
Affected Versions
Versions up to 1.42
Next Step
Update to 1.43 or newer if supported.
Open CVE-2022-1583 Report Open CVE Reference