Where information is displayed when it shouldn't be.
The module does not secure settings that are exposed using the rarely used sub-module Flag Bookmark.
Discloses statistical information about content and hardens possible risks with bespoke user registration forms.
Bypassing subscriptions to group membership.
Uncommon setups may be exposed to these risks.
Exposes SKUs and titles for access restricted products.
Mixed risks. Upgrade highly recommeded.
Only an issue if the permission "Register other accounts" is granted to anonymous users.
Multiple vulnerabilities, you should upgrade!
The module does not check access properly under certain circumstances.
Looking for support for your existing Drupal site?Planning something new?
We would love to help!
Get in touch with us for more details or a free quote for your Drupal project or to organise a meet-up over a coffee.
07 3077 7295 email@example.com Client Portal