WPVulnerability

Democratizing WordPress security information

Welcome to WPVulnerability, the WordPress Vulnerability Database API. This project is a 100% open and free API, for access by any WordPress user, with the sole purpose of improving the security of a site, thanks to this information.

Contributors

Newsletter

You’ll only receive a newsletter when there is some news related to the WPVulnerability project.

Privacy Data, by:
ROBOTSTXT / ESB10708568
Carrer Wagner 28
08923 Santa Coloma, Barcelona (Spain)

2025-06-17 API update
2025-06-17
·
Javier Casares
Stability Improvements Over the past two weeks (June 1–14), we experienced some platform stability issues that have now been fixed. These problems caused 5xx errors. The issue with the origin server has…
Read More →
2025-04-16 About the CVE
2025-04-16
·
Javier Casares
On this occasion, although we are still working on some improvements, I simply bring you this news because we do not yet know how it could affect the information we publish. Although…
Read More →
2024-10-01 API update
2024-10-01
·
Javier Casares
New memcached, Redis, and SQLite Endpoints In line with our efforts to enhance the security of WordPress, in addition to the software itself, PHP, and the web servers, database servers, and other…
Read More →
2024-09-24 API update
2024-09-24
·
Javier Casares
New ImageMagick and curl Endpoints In line with our efforts to enhance the security of WordPress, in addition to the software itself, PHP, and the web servers, database servers, we have included…
Read More →
2024-08-16 API update
2024-08-16
·
Javier Casares
New MariaDB and MySQL Endpoints In line with our efforts to enhance the security of WordPress, in addition to the software itself, PHP, and the web server, we have included vulnerabilities from…
Read More →
2024-02-11 API update
2024-02-11
·
Javier Casares
Apache HTTPD API endpoint, out of beta As we commented in the last API update, we have already published out of beta the endpoint of PHP vulnerabilities, and this time it is…
Read More →

Some vulnerability’s statistics (2025-07-01)

39,704

plugin

2,800

themes

714

PHP

277

Apache

nginx

407

MariaDB

1,473

MySQL

601

ImageMagick

165

curl

memcached

Redis

SQLite

Check the statistics in our API.

API

The API has available access to three elements: core, plugins and themes.

The API returns all contents in JSON and does not require any API Key. Please consider using it reasonably. If you are a big company or your users are going to use it intensively, please, make a donation.

WordPress endpoints

Software endpoints

Other endpoints

More information

Javier Casares

WPVulnerability project lead

If you have any suggestions, notices or notifications, please write to me.

You can also check our legal / company information at robotstxt.es.

WPVulnerability Database API

WPVulnerability

Sponsored by

Contributors

2025-06-17 API update

2025-04-16 About the CVE

2024-10-01 API update

2024-09-24 API update

2024-08-16 API update

2024-02-11 API update

Some vulnerability’s statistics (2025-07-01)

API

Javier Casares