If your website is built in drupal, we recommend ensuring you have a good back-up and checking if your site is vulnerable. Give us a call if you need help.

The vulnerability allows an attacker, leveraging multiple attack vectors, to take complete control of a website. The Drupal team estimates that at the time of the announcement over 1 million sites are affected, about 9% of Drupal sites.

You can find the full details on the Wordfence blog.