Project: Workbench Moderation
Security risk: *Moderately critical* 11∕25
Vulnerability: Access bypass
The Workbench Moderation module adds arbitrary moderation states to Drupal
core's "unpublished" and "published" node states, and affects the behavior of
node revisions when nodes are published.
In some conditions, content moderation fails to check a users access to use
certain transitions, leading to an access bypass.
This issue is related to the Drupal Core release SA-CORE-2018-006.
Install the latest version:
* If you use the Workbench Moderation module for Drupal 8.x, upgrade to
Workbench Moderation 8.x-1.4