Description
WordPress Plugin External Links-nofollow, noopener & new window is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin External Links-nofollow, noopener & new window version 2.57 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.58 or latest
References
Related Vulnerabilities
WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more PHAR Deserialization (2.9.8.5)
Internet Information Services Improper Input Validation Vulnerability (CVE-1999-0867)
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.5)
WordPress Plugin iQ Block Country Cross-Site Scripting (1.1.19)