Security Update

Security

Drupal Core Security Update: New Features and Fixes

Share

× SHARE

Drupal Core Security got released on 18th Jan 2023, Get started by downloading the official Drupal core files. ...more

Read Full Content
Security

Critical Vulnerabilities found in Drupal Core

Share

× SHARE

Multiple vulnerabilities are possible if an untrusted user has access to write Twig code, including potential unauthorized read access to private files, the contents of other files on the server, or database credentials. ...more

Read Full Content
Security

Moderately Critical Commerce Elavon Security Update

Share

× SHARE

The module doesn't sufficiently verify that it's communicating with the correct server when using the Elavon (On-site) payment gateway, to correct this you can install the latest version. ...more

Read Full Content
Security

Moderately Critical Context Module Security Update

Share

× SHARE

This security update addresses the cross site scripting vulnerability for the Context Module. ...more

Read Full Content
Security

Moderately Critical PDF Generator API Security Advisory

Share

× SHARE

This security update offers solution to moderately critical remote code execution vulnerability for the PDF Generator API module. ...more

Read Full Content
Security

Moderately Critical Tagify Security Update

Share

× SHARE

The Tagify module security update helps deal access bypass as an attacker with the permission "access content" can view and reference unpublished terms. ...more

Read Full Content
Security

Moderately Critical Drupal Core Multiple Vulnerabilities Update

Share

× SHARE

The Media oEmbed iframe route does not properly validate the iframe domain setting, which allows embeds to be displayed in the context of the primary domain. To correct this install the recent version of Drupal 9. ...more

Read Full Content
Security

Critical Drupal Core Arbitrary PHP Code Execution Security Update

Share

× SHARE

The recent security release included a critical Arbitrary PHP code execution update. ...more

Read Full Content
Security

Moderately Critical Drupal Core Access Bypass Update

Share

× SHARE

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. In order to solve that install the latest Drupal 9 versions. ...more

Read Full Content
Security

Moderately Critical Core Security Update for Information Disclosure

Share

× SHARE

Recent Drupal core security update for information disclosure was released this week. To solve this issue you need to use the updated version of Drupal 7, 8 and 9. ...more

Read Full Content
Security

Moderately critical Security Update - Multiple: Remote Code Execution, Information disclosure

Share

× SHARE

This security advisory corresponds to a 3rd party vulnerability. The solution is to install the latest version (8.x-2.6) of this module and update dompdf/dompdf at the same time. ...more

Read Full Content
Security

Moderately Critical Lottiefiles Field Security Update

Share

× SHARE

The module does not sufficiently filter user-provided text on output, resulting in a Cross-Site Scripting (XSS) vulnerability. The solution is to use the latest updated version. ...more

Read Full Content

Latest

Display Builder Beta 2 Released with New Features and Tutorial Video

09 February 2026
The “Lego Set” for the AI Era: Inside Cetacean Labs’ Oceanic Platform

09 February 2026
Dripyard Releases Meridian Theme Built on Single Directory Components

09 February 2026

Follow @thedroptimes