Esta vulnerabilidad, también conocida como reverse tabnabbing, un tipo de ataque de phishing en el que el atacante reemplaza la pestaña legítima, y fiable, por un documento malicioso usando el selector window.opener.location.assign() cuando se accede mediante un enlace de apertura en nueva ventana/pestaña, o sea del tipotarget=»_blank». noopener noreferrer. This is designed specifically to combat malicious phishing attacks called reversed tabnabbing.It is a type of a hacking attack best described in the following manner: the link target page, often called a child page, can contain malicious code. This means the limited cross-window access will become asynchronous, but the benefit is improved security and performance. When you let a link open in a new tab/window, there is a target_"blank" added to the link, but since the last update of WordPress, automatically they add the rel attribute "noopener and noreferrer" to it at the same time. I ran a test suite over all the browser/platform combinations available on Browserstack: sources, report. However, I always wonder if Google honors this wish. Noreferrer determines whether information is transmitted to the external website about the origin of the website visit. We also use third-party cookies that help us analyze and understand how you use this website. The noopener keyword for the rel attribute of the , , and