Does MerPress have any unpatched vulnerabilities?

No. All known vulnerabilities in MerPress have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is MerPress compatible with WordPress 6.7.5?

According to WordPress.org data, MerPress 1.1.11 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is MerPress compatible with PHP 7.2+?

MerPress requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is MerPress updated?

MerPress was last updated on Aug 4, 2025. Frequent updates are generally a positive security signal.

What is MerPress's security score?

MerPress has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

MerPress Security & Risk Analysis

wordpress.org/plugins/merpress

Merpress lets you create diagrams and visualizations using MermaidJS.

900 active installs v1.1.11 PHP 7.2+ WP 4.6+ Updated Aug 4, 2025

blockdiagramsflowchartmermaidposts

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is MerPress Safe to Use in 2026?

Generally Safe

Score 100/100

MerPress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8mo ago

Risk Assessment

Based on the provided static analysis, Merops v1.1.11 exhibits an excellent security posture. The plugin demonstrates a strong adherence to secure coding practices, with no identified dangerous functions, no raw SQL queries, and all output properly escaped. The absence of file operations and external HTTP requests further reduces potential attack vectors. Notably, the analysis shows zero AJAX handlers, REST API routes, shortcodes, or cron events, resulting in a completely unexposed attack surface. This suggests a well-contained plugin with minimal interaction points that could be exploited.

The taint analysis further reinforces this positive assessment, with no identified flows with unsanitized paths at any severity level. This indicates that user-supplied data, if it were to enter the plugin, is likely handled in a secure manner. The vulnerability history is also clear, with no recorded CVEs of any severity. This lack of past vulnerabilities, combined with the current clean static analysis, points to a well-maintained and secure plugin over its lifecycle.

In conclusion, Merops v1.1.11 appears to be a highly secure plugin. Its zero-attack surface, robust code signals like prepared statements and output escaping, and complete lack of historical vulnerabilities are significant strengths. There are no apparent weaknesses identified in this analysis that would warrant a deduction.

Vulnerabilities

None known

MerPress Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

MerPress Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

MerPress Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

actioninitmerpress.php:22

Maintenance & Trust

MerPress Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedAug 4, 2025

PHP min version7.2

Downloads8K

Community Trust

Rating100/100

Number of ratings3

Active installs900

Alternatives

MerPress Alternatives

GenerateBlocks

generateblocks

A small collection of lightweight WordPress blocks that can accomplish nearly anything.

200K 5 CVEs

Content Views – Post Grid & Filter, Recent Posts, Category Posts … (Shortcode, Gutenberg Blocks, and Widgets for Elementor)

content-views-query-and-display-post-page

Easy to show posts, pages, custom posts in customizable grid, list, slider, accordion... Available as Widgets (for Elementor), Shortcode, and Blocks.

100K 4 CVEs

Category Posts Widget

category-posts

Adds a widget that shows the most recent posts from a single category.

40K 2 CVEs

Latest Posts Block – Dynamic Posts Grid, Posts List, Posts Tile with Stunning Layouts for WordPress Blogs & Pages

latest-posts-block-lite

100

Dynamic Posts Grid, Posts List, Posts Tile with Stunning Layouts for WordPress Blogs & Pages

8K No CVEs

Latest Post Shortcode

latest-post-shortcode

The "Latest Post Shortcode" allows you to create a dynamic content selection from your posts by combining, limiting, and filtering what you need.

4K 2 CVEs

Developer Profile

MerPress Developer Profile

neffff

3 plugins · 940 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect MerPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/merpress/public/mermaid.min.js

Script Paths