Skip to main content
CVE-2025-14478 HIGH This Week

Demo Importer Plus (WordPress plugin) is affected by improper restriction of xml external entity reference (CVSS 7.5).

WordPress PHP XXE
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-0517 HIGH This Week

Secure Access Server versions before 14.20 are vulnerable to a network-based denial-of-service attack where unauthenticated attackers can crash the server by sending specially crafted packets. This vulnerability requires no user interaction and is easily exploitable over the network, though no patch is currently available. Organizations running affected versions should implement network-level mitigations to restrict access to the vulnerable service.

Denial Of Service Secure Access
NVD
CVSS 3.1
7.5
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy