Discover the latest security update for Drupal's Registration role module, addressing an access bypass vulnerability championed by the diligent efforts of the Drupal Security Team.
As Drupal 7's support nears closure, a proposal emerges for an independent D7Security team on Github, aiming to sustain vital module security beyond the support end date.
The module doesn't sufficiently verify that it's communicating with the correct server when using the Elavon (On-site) payment gateway, to correct this you can install the latest version.
The Tagify module security update helps deal access bypass as an attacker with the permission "access content" can view and reference unpublished terms.