{"id":19433213,"url":"https://github.com/ssnepenthe/soter-core","last_synced_at":"2026-05-16T22:33:51.190Z","repository":{"id":57058752,"uuid":"90481806","full_name":"ssnepenthe/soter-core","owner":"ssnepenthe","description":"A very basic library for interacting with the WPScan Vulnerability Database API.","archived":false,"fork":false,"pushed_at":"2019-09-28T01:13:44.000Z","size":143,"stargazers_count":0,"open_issues_count":6,"forks_count":2,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-07-13T18:43:57.291Z","etag":null,"topics":["php","vulnerabilities","wordpress","wpscan-vulnerability-database","wpvulndb"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ssnepenthe.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-05-06T18:05:03.000Z","updated_at":"2017-09-27T03:35:12.000Z","dependencies_parsed_at":"2022-08-24T07:40:05.915Z","dependency_job_id":null,"html_url":"https://github.com/ssnepenthe/soter-core","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/ssnepenthe/soter-core","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ssnepenthe%2Fsoter-core","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ssnepenthe%2Fsoter-core/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ssnepenthe%2Fsoter-core/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ssnepenthe%2Fsoter-core/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ssnepenthe","download_url":"https://codeload.github.com/ssnepenthe/soter-core/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ssnepenthe%2Fsoter-core/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33121204,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-16T18:38:32.183Z","status":"ssl_error","status_checked_at":"2026-05-16T18:38:29.903Z","response_time":115,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["php","vulnerabilities","wordpress","wpscan-vulnerability-database","wpvulndb"],"created_at":"2024-11-10T14:38:47.752Z","updated_at":"2026-05-16T22:33:51.170Z","avatar_url":"https://github.com/ssnepenthe.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# soter-core\nSoter Core is a simple library for interacting with the [WPScan Vulnerability Database](https://wpvulndb.com/) API.\n\nIt contains the core logic for [Soter](https://github.com/ssnepenthe/soter) and [Soter Command](https://github.com/ssnepenthe/soter-command).\n\n## Requirements\nThis package requires Composer. It *should* work down to PHP 5.3, however it is only properly tested down to PHP 5.6 since that is now the minimum required version for [10up/WP_Mock](https://github.com/10up/wp_mock).\n\n## Installation\n```\ncomposer require ssnepenthe/soter-core\n```\n\n## Usage\nDepending on your use-case, you should be interacting with either the `Api_Client` class or the `Checker` class.\n\n### API Client\n```PHP\n$client = new Soter_Core\\Api_Client(\n    new Soter_Core\\Cached_Http_Client(\n        new Soter_Core\\WP_Http_Client( 'Some user agent string' ),\n        new Soter_Core\\WP_Transient_Cache( 'unique-prefix', HOUR_IN_SECONDS )\n    )\n);\n```\n\nThe API client exposes a `-\u003echeck()` method which can be used to check a `Soter_Core\\Package` instance against the API:\n\n```PHP\n$plugin = new Soter_Core\\Package( 'contact-form-7', Soter_Core\\Package::TYPE_PLUGIN, '4.9' );\n$response = $client-\u003echeck( $plugin );\n\n$theme = new Soter_Core\\Package( 'twentyfifteen', Soter_Core\\Package::TYPE_THEME, '1.8' );\n$response = $client-\u003echeck( $theme );\n\n// WordPress \"slug\" is the version string stripped of periods.\n$wordpress = new Soter_Core\\Package( '481', Soter_Core\\Package::TYPE_WORDPRESS, '4.8.1' );\n$response = $client-\u003echeck( $wordpress );\n```\n\nResponses will be an instance of `Soter_Core\\Response`. You can check package vulnerabilities using the following methods:\n\n`-\u003ehas_vulnerabilities()` - Returns a boolean value indicating whether there are any recorded vulnerabilities for a given package.\n\n`-\u003eget_vulnerabilities()` - Returns an instance of `Soter_Core\\Vulnerabilities` representing all vulnerabilities that have ever affected a given package.\n\n`-\u003eget_vulnerabilities_by_version( string $version = null )` - Returns an instance of `Soter_Core\\Vulnerabilities` representing all vulnerabilities which affect a given package at the given version.\n\n`-\u003eget_vulnerabilities_for_current_version()` - Returns an instance of `Soter_Core\\Vulnerabilities` representing all vulnerabilities which affect a given package at the version checked against the API.\n\n### Checker\n```PHP\n$checker = new Soter_Core\\Checker(\n    new Soter_Core\\Api_Client(\n        new Soter_Core\\Cached_Http_Client(\n            new Soter_Core\\WP_Http_Client( 'Some user agent string' ),\n            new Soter_Core\\WP_Transient_Cache( 'unique-prefix', HOUR_IN_SECONDS )\n        )\n    ),\n    new Soter_Core\\WP_Package_Manager()\n);\n```\n\nThe following methods are available on a checker instance:\n\n`-\u003echeck_site( array $ignored = array() )` - Checks the current version of all installed packages (plugins, themes and core) and returns an instance of `Soter_Core\\Vulnerabilities`. An optional array of package slugs that should not be checked can be provided.\n\n`-\u003echeck_plugins( array $ignored = array() )` - Checks the current version of all installed plugins and returns an instance of `Soter_Core\\Vulnerabilities`. An optional array of plugin slugs that should not be checked can be provided.\n\n`-\u003echeck_themes( array $ignored = array() )` - Checks the current version of all installed themes and returns an instance of `Soter_Core\\Vulnerabilities`. An optional array of theme slugs that should not be checked can be provided.\n\n`-\u003echeck_wordpress( array $ignored = array() )` - Checks the current version of WordPress and returns an instance of `Soter_Core\\Vulnerabilities`. An optional array of WordPress \"slugs\" that should not be checked can be provided. Keep in mind that the slug used for WordPress is the version string stripped of periods (e.g. '475' for version 4.7.5).\n\nYou can also add any number of callbacks to be run after each package is checked.\n\nEach callback will be called with a `Soter_Core\\Vulnerabilities` instance and a `Soter_Core\\Response` instance.\n\nAs a simple example, you might do something like the following to log error responses for debugging purposes:\n\n```PHP\n$checker-\u003eadd_post_check_callback( function( $vulnerabilities, $response ) {\n    if ( ! $response-\u003eis_error() ) {\n        return;\n    }\n\n    // Ex: \"Error checking plugin not-a-real-plugin with message: Non-200 status code received\"\n    $this-\u003elogger-\u003edebug( 'Error checking {type} {slug} with message: {message}', [\n        'message' =\u003e $response-\u003eerror['message'],\n        'slug' =\u003e $response-\u003eget_package()-\u003eget_slug(),\n        'type' =\u003e $response-\u003eget_package()-\u003eget_type(),\n    ] );\n} );\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fssnepenthe%2Fsoter-core","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fssnepenthe%2Fsoter-core","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fssnepenthe%2Fsoter-core/lists"}