• Hi,

    Firstly, thank you for a great plugin, it works really nicely.

    However, we were running a security test and it got triggered on target="_blank" instances. In your plugin you have the class-author-bio-box-frontend.php file, line 96.

    $html .= '<a target="_blank" rel="nofollow noopener noreferrer" href="' . esc_url(

    Could you change it to target="external" and make this a bit safer!

    $html .= '<a target="external" rel="nofollow noopener noreferrer" href="' . esc_url(

    We already hardcoded the changes locally (monkey patch) but it would be nice to have this one-liner change in the next versions of the plugin! It will also result in a higher security score for the plugin itself.

    Kind regards,
    Milan
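
The kind of check a scanner applies to links like the one quoted from line 96, as an added example that is not part of the original post or the plugin's code: it flags any anchor whose target opens a new browsing context without rel noopener or noreferrer. The sample markup and its example.com URLs are constructed, and the function and class names are hypothetical.

```python
from html.parser import HTMLParser

# Targets that stay in an existing browsing context; any other value opens a new one.
SAME_CONTEXT = {"", "_self", "_parent", "_top"}


class NewContextLinkAudit(HTMLParser):
    """Collect <a>/<area> links that open a new browsing context without noopener."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag not in ("a", "area"):
            return
        attr = {k: (v or "") for k, v in attrs}  # valueless attributes arrive as None
        target = attr.get("target", "").strip()
        if target.lower() in SAME_CONTEXT:
            return
        rel = set(attr.get("rel", "").lower().split())
        # noreferrer implies noopener in the HTML standard, so either token is enough.
        if not rel & {"noopener", "noreferrer"}:
            line, _ = self.getpos()
            self.findings.append((line, target, attr.get("href", "")))


def audit(html):
    """Return (line, target, href) for every link that needs rel=noopener."""
    parser = NewContextLinkAudit()
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample markup; the href values are placeholders.
SAMPLE = """\
<a target="_blank" rel="nofollow noopener noreferrer" href="https://example.com/a">ok</a>
<a target="external" rel="nofollow noopener noreferrer" href="https://example.com/b">ok</a>
<a target="_blank" rel="nofollow" href="https://example.com/c">flagged</a>
<a target="external" href="https://example.com/d">flagged</a>
<a href="https://example.com/e">same tab</a>
"""

if __name__ == "__main__":
    for line, target, href in audit(SAMPLE):
        print(f"line {line}: target={target!r} href={href} lacks rel=noopener")
```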

  • The topic ‘Security issue caused by target=”_blank”, one liner change proposal’ is closed to new replies.