WPVulnerability
Democratizing WordPress security information
Welcome to WPVulnerability, the WordPress Vulnerability Database API. This project is a 100% open and free API, for access by any WordPress user, with the sole purpose of improving the security of a site, thanks to this information.
Newsletter
You’ll only receive a newsletter when there is some news related to the WPVulnerability project.
Privacy Data, by:
ROBOTSTXT / ESB10708568
Carrer Wagner 28 1-4
08923 Santa Coloma, Barcelona (Spain)
2025-06-17 API update
·
Stability Improvements Over the past two weeks (June 1–14), we experienced some platform stability issues that have now been fixed. These problems caused 5xx errors. The issue with the origin server has…
2025-04-16 About the CVE
·
On this occasion, although we are still working on some improvements, I simply bring you this news because we do not yet know how it could affect the information we publish. Although…
2024-10-01 API update
·
New memcached, Redis, and SQLite Endpoints In line with our efforts to enhance the security of WordPress, in addition to the software itself, PHP, and the web servers, database servers, and other…
2024-09-24 API update
·
New ImageMagick and curl Endpoints In line with our efforts to enhance the security of WordPress, in addition to the software itself, PHP, and the web servers, database servers, we have included…
2024-08-16 API update
·
New MariaDB and MySQL Endpoints In line with our efforts to enhance the security of WordPress, in addition to the software itself, PHP, and the web server, we have included vulnerabilities from…
2024-02-11 API update
·
Apache HTTPD API endpoint, out of beta As we commented in the last API update, we have already published out of beta the endpoint of PHP vulnerabilities, and this time it is…
Some vulnerability’s statistics (2025-04-01)
38,889
plugin
2,648
themes
714
PHP
277
Apache
48
nginx
407
MariaDB
1,473
MySQL
601
ImageMagick
165
curl
20
memcached
57
Redis
57
SQLite
Check the statistics in our API.
API
The API has available access to three elements: core, plugins and themes.
The API returns all contents in JSON and does not require any API Key. Please consider using it reasonably. If you are a big company or your users are going to use it intensively, please, make a donation.
Software endpoints
Other endpoints
More information
Javier Casares
WPVulnerability project lead
If you have any suggestions, notices or notifications, please write to me.
You can also check our legal / company information at robotstxt.es.