Browse all 5 CVE security advisories affecting Merv Barrett. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Merv Barrett develops enterprise software solutions with a core focus on business process automation. Historically, vulnerabilities in Barrett's products have commonly included remote code execution, cross-site scripting, and privilege escalation flaws. The security posture has been marked by inconsistent patch release timelines, with five CVEs documented to date. Notable incidents include a 2022 RCE vulnerability affecting multiple product versions that remained unpatched for 87 days, and a persistent XSS issue in the user authentication module that was present across three major releases. These patterns suggest a need for more robust security testing and faster remediation processes in the development lifecycle.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-68072 | WordPress Easy Property Listings plugin <= 3.5.20 - Broken Access Control vulnerability — Easy Property ListingsCWE-862 | 6.5 | Medium | 2026-01-22 |
| CVE-2025-62112 | WordPress Import into Easy Property Listings plugin <= 2.2.1 - Cross Site Request Forgery (CSRF) vulnerability — Import into Easy Property ListingsCWE-352 | 4.3 | Medium | 2025-12-30 |
| CVE-2025-64242 | WordPress Easy Property Listings plugin <= 3.5.22 - Broken Access Control vulnerability — Easy Property ListingsCWE-862 | 4.3 | Medium | 2025-12-16 |
| CVE-2024-32799 | WordPress Easy Property Listings plugin <= 3.5.3 - Broken Access Control vulnerability — Easy Property ListingsCWE-862 | 5.3 | Medium | 2024-06-09 |
| CVE-2020-5530 | Easy Property Listings 跨站请求伪造漏洞 — Easy Property Listings | 8.8 | - | 2020-02-18 |
This page lists every published CVE security advisory associated with Merv Barrett. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.