Skip to content

Evolve Framework update 1.0.4

by Evolve in WordPress on

The other day, a very well written article appeared on The Practical Developer, a comprehensive and not to be missed publication if you make a living out of creating software.

The article explained a very peculiar vulnerability that is intrinsic when using the target="_blank" directive for our HTML links; turns out, as odd as this bug might sound, that its dangerousness is inversely proportional to the ease of exploit.

Long story short: it’s better to accompany your target="_blank"s with a rel="noopener noreferrer" attribute, in order not to give the landing page access to the browser tab that originated it, a thing that could potentially be malicious.

As a result of learning this, today we’re updating the Evolve Framework with a fix that takes care of resolving the issue on Brix as well: simply update the Evolve Framework plugin to the latest version (currently 1.0.4), and you’ll be good to go.

Leave a Reply

Your email address will not be published. Required fields are marked *