Start FREE

WordPress security vulnerability API for developers

Receive detailed information about the latest WordPress core, theme and plugin vulnerabilities 48 hours before they are made public.
Our vulnerability API is leveraged by

Integrate vulnerability data into your CLI tooling and services

48h early vulnerability detection
Monitor active exploitation
Prioritise updates with patch priority

Standard API includes

See API documentation
500 API calls / day
Single endpoint
Data 48h in advance

API datapoints:

Software name
Software type (plugin, theme, core)
Software type (free, premium)
Versioning info (fixed-in, ranges)
Patch priority
CVSS score
Link to database entry

Standard API JSON example 


"vulnerabilities":[
  {
    "title":"WordPress File Upload plugin <= 4.16.2 - Contributor+ Path Traversal vulnerability leading to Remote Code Execution (RCE)",
    "product_name":"WordPress File Upload",
    "product_slug":"wp-file-upload",
    "product_type":"Plugin",
    "fixed_in":"4.16.3",
    "patch_priority": 3,
    "cvss_score":8.8,
    "direct_url":"https://patchstack.com/database/vulnerability/wp-file-upload/wordpress-file-upload-plugin-4-16-2-contributor-path-traversal-vulnerability-leading-to-remote-code-execution-rce"
  },

Frequently asked questions

At this time each request is manually approved in order to avoid any misuse or abuse of the service.

Our add-ons do not have a trial period. If you are unhappy with the service, a 30-day money-back guarantee applies as stated in our Terms & Conditions.

No, you do not need to be signed up to a paid plan. However, in order to charge you, credit card credentials have to be set up (even on Community plan). To do so, sign up and navigate to Account > Billing.

Yes, you can. Visit API for hosts to see our extended API offering. However, each case is viewed and quoted individually. In order to do so, please reach out to us via the Intercom chat or contact form.

If you have questions, don't hesitate to reach out to Sander via live chat.

How to request access

1
Create a Patchstack account on any of our plans
2
Add billing details (regardless of the plan)
3
Navigate to Add-ons and request an API key
4
Receive the API key and set up your tooling or services

Integrated WordPress vulnerability data for $149 / mo

Need more? See Enterprise API

Website security

PricingFor WordPressFor WooCommerceFor agenciesFor hostsAPIDocumentationLog in

For plugin devs

Managed VDP
Log in
Active programsSecurity auditing

For researchers

Bug bounty
Log in
Guidelines
Learn
Discord

Resources

Vulnerability databaseWhitepaper 2024
Vulnerability statistics
Case studies
Articles

Patchstack

AboutCareers
Affiliates
Merch storeMedia kit

Socials

LinkedInFacebookX
Patchstack logo
© 2024 Patchstack
DPAPrivacy PolicyTerms & ConditionsCo-funded by EU logo
Looks like your browser is blocking our support chat widget. Turn off adblockers and reload the page.
crossmenu