WPVulnerability


Democratizing WordPress security information

Welcome to WPVulnerability, the WordPress Vulnerability Database API. This project is a 100% open and free API, for access by any WordPress user, with the sole purpose of improving the security of a site, thanks to this information.

Newsletter


You’ll only receive a newsletter when there is some news related to the WPVulnerability project.

Privacy Data, by:
ROBOTSTXT / ESB10708568
Carrer Wagner 28 1-4
08923 Santa Coloma, Barcelona (Spain)

  • 2024-09-24 API update

    ·

    New ImageMagick and curl Endpoints In line with our efforts to enhance the security of WordPress, in addition to the software itself, PHP, and the web servers, database servers, we have included…

    Read More →

  • 2024-08-16 API update

    ·

    New MariaDB and MySQL Endpoints In line with our efforts to enhance the security of WordPress, in addition to the software itself, PHP, and the web server, we have included vulnerabilities from…

    Read More →

  • 2024-01-29 API update

    ·

    PHP vulnerabilities, out of beta A few months ago, we started the PHP API with PHP vulnerabilities. And now, it’s finally fully available. We’ve been working to create a full database, and…

    Read More →

  • 2023-11-06 API update

    ·

    PHP vulnerabilities (beta) WordPress is not solely made up of the Core, Plugins, and Themes; it also requires additional components to operate effectively. The most crucial of these is PHP, which is…

    Read More →

  • 2023-08-13 API update

    ·

    Up-to-date One of the initial objectives of the WPVulnerability project has been to have as much information available in the most reliable way possible. And although we are constantly working on improving…

    Read More →

Some vulnerability’s statistics (2024-10-01)

31,264

plugin

2,339

themes

698

PHP

274

Apache

41

nginx

398

MariaDB

1,445

MySQL

600

ImageMagick

159

curl

19

memcached

27

Redis

52

SQLite

API

The API has available access to three elements: core, plugins and themes.

The API returns all contents in JSON and does not require any API Key. Please consider using it reasonably. If you are a big company or your users are going to use it intensively, please, make a donation.

Javier Casares

WPVulnerability project lead

If you have any suggestions, notices or notifications, please write to me.

You can also check our legal / company information at robotstxt.es.

Sample image