🎉 NEW: Reduce alert fatigue with the new Patch Priority scoring system

WordPress security vulnerability API for developers

Receive detailed information about the latest WordPress core, theme and plugin vulnerabilities 48 hours before they are made public.

Our vulnerability API is leveraged by

Integrate vulnerability data into your CLI tooling and services

✓ 48h early vulnerability detection

✓ Monitor active exploitation

✓ Prioritise updates with patch priority

API for developers includes

See API documentation

500 API calls / day

Single endpoint

Data 48h in advance

Vulnerability API JSON example


"vulnerabilities":[
  {
    "title":"WordPress File Upload plugin <= 4.16.2 - Contributor+ Path Traversal vulnerability leading to Remote Code Execution (RCE)",
    "product_name":"WordPress File Upload",
    "product_slug":"wp-file-upload",
    "product_type":"Plugin",
    "fixed_in":"4.16.3",
    "patch_priority": 3,
    "cvss_score":8.8,
    "direct_url":"https://patchstack.com/database/vulnerability/wp-file-upload/wordpress-file-upload-plugin-4-16-2-contributor-path-traversal-vulnerability-leading-to-remote-code-execution-rce"
  },

Frequently asked questions

Why do I have ta request access to the API?

At this time each request is manually approved in order to avoid any misuse or abuse of the service.

Is there a trial period to try out the API?

Our add-ons do not have a trial period. If you are unhappy with the service, a 30-day money-back guarantee applies as stated in our Terms & Conditions.

Do I nead a Developer plan account to use the API?

No, you do not need to be signed up to a paid plan. However, in order to charge you, credit card credentials have to be set up (even on Community plan). To do so, sign up and navigate to Account > Billing.

Can I increase the number of API calls?

Yes, you can. Visit API for hosts to see our extended API offering. However, each case is viewed and quoted individually. In order to do so, please reach out to us via the Intercom chat or contact form.