WPVulnerability

WordPress Vulnerability Database API

WPVulnerability

Democratizing WordPress security information

API endpoints →
WordPress plugin

Welcome to WPVulnerability, the WordPress Vulnerability Database API. This project is a 100% open and free API, for access by any WordPress user, with the sole purpose of improving the security of a site, thanks to this information.

ROBOTSTXT
ROBOTSTXT
Sample image
Cloud City
Sample image
seravo
Sample image
ModularDS

Contributors

Sample image
Javier Casares
Sample image
David Perez
Sample image
Alex Lion
Sample image
Lucas Bonomo
Sample image
Daniel Kudwien

Newsletter

You’ll only receive a newsletter when there is some news related to the WPVulnerability project.

Privacy Data, by:
ROBOTSTXT / ESB10708568
Carrer Wagner 28 1-4
08923 Santa Coloma, Barcelona (Spain)

  • 2023-01-03 API update

    ·

    Javier Casares

    Wordfence vulnerabilities As we announced 3 weeks ago, we’ve added, review, and checked over 9,500 new vulnerabilities and added hundreds of new plugins and themes to the API. This has helped to…

    Read More →

  • 2022-12-20 API update

    ·

    Javier Casares

    Closed plugins From now on, plugins that are closed, or are going to close, in the WordPress.org repository, will automatically cause all vulnerabilities in that plugin to mark that the plugin is…

    Read More →

  • 2022-11-01 API update

    ·

    Javier Casares

    Fix (v1.5.1) There was an incongruencies between the “updated” data in the “last updated” API and the “public” API. This value should be the date (unixtime) when, in the database, the information…

    Read More →

  • 2022-10-04 API update

    ·

    Javier Casares

    Plugins API The Plugins API includes, from today, a new field called “latest” that informs, in UNIXTIME, the date of last update of a plugin. It is not available in all plugins…

    Read More →

Some vulnerability’s statistics (2024-10-01)

30,395

plugin

2,325

themes

694

PHP

274

Apache

41

nginx

396

MariaDB

1,401

MySQL

600

ImageMagick

159

curl

19

memcached

27

Redis

52

SQLite

Check the statistics in our API.

API

The API has available access to three elements: core, plugins and themes.

The API returns all contents in JSON and does not require any API Key. Please consider using it reasonably. If you are a big company or your users are going to use it intensively, please, make a donation.

WordPress endpoints
Software endpoints
Other endpoints
More information

Javier Casares

WPVulnerability project lead

If you have any suggestions, notices or notifications, please write to me.

You can also check our legal / company information at robotstxt.es.

Sample image