https://github.com/typisttech/wordfence-api
Fetch WordPress vulnerability information from Wordfence vulnerability data feed.
https://github.com/typisttech/wordfence-api
wordfence wordpress wordpress-security
Last synced: 2 months ago
JSON representation
Fetch WordPress vulnerability information from Wordfence vulnerability data feed.
- Host: GitHub
- URL: https://github.com/typisttech/wordfence-api
- Owner: typisttech
- License: mit
- Created: 2024-12-03T05:58:06.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2025-01-19T18:22:56.000Z (5 months ago)
- Last Synced: 2025-03-30T13:03:45.816Z (2 months ago)
- Topics: wordfence, wordpress, wordpress-security
- Language: PHP
- Homepage:
- Size: 5.54 MB
- Stars: 1
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Wordfence API
[](https://packagist.org/packages/typisttech/wordfence-api)
[](https://github.com/typisttech/wordfence-api/blob/main/composer.json#:~:text=%22php%22%3A,%22%2C)
[](https://github.com/typisttech/wordfence-api/actions/workflows/test.yml)
[](https://codecov.io/gh/typisttech/wordfence-api)
[](https://github.com/typisttech/wordfence-api/blob/master/LICENSE)
[](https://x.com/tangrufus)
[](https://bsky.app/profile/tangrufus.com)
[](https://github.com/sponsors/tangrufus)
[](https://typist.tech/contact/)
Fetch WordPress vulnerability information from Wordfence vulnerability data feed.
Built with ♥ by Typist Tech---
## Usage
```php
use \TypistTech\WordfenceAPI\{Client, Feed, Record};$client = new Client;
// Alternatively, use `Feed::Scanner`` for the scanner feed.
$records = $client->fetch(Feed::Production);foreach($records as $record) {
/** @var Record $record */
echo $record->title;
}
```## Installation
```bash
composer require typisttech/wordfence-api
```## Known Issues
### `Allowed memory size of 999999 bytes exhausted (tried to allocate 99 bytes)`
> [!TIP]
> Set `memory_limit` on the fly as a temporary fix:
>
> ```bash
> php -d memory_limit=512MB your-script.php
> ```As of December 2024, the [production Wordfence vulnerability data feed](https://www.wordfence.com/api/intelligence/v2/vulnerabilities/production) is over 80 MB.
[`Client`](src/Client.php) downloads the feed into memory and `json_decode()` the entire feed all in one go.
It causes PHP to run out of memory.A possible solution is to use a streaming JSON parser like [`json.Decoder`](https://pkg.go.dev/encoding/json#example-Decoder.Decode-Stream) in Go.
If you know how to do that in PHP, please send pull requests. :bow:## Credits
[`Wordfence API`](https://github.com/typisttech/wordfence-api) is a [Typist Tech](https://typist.tech) project and
maintained by [Tang Rufus](https://x.com/TangRufus), freelance developer [for hire](https://typist.tech/contact/).Full list of contributors can be found [on GitHub](https://github.com/typisttech/wordfence-api/graphs/contributors).
## Copyright and License
This project is a [free software](https://www.gnu.org/philosophy/free-sw.en.html) distributed under the terms of
the MIT license. For the full license, see [LICENSE](./LICENSE).### Wordfence Intelligence Terms and Conditions
Before using Wordfence Vulnerability Data Feed API, you must read and agree to the [Wordfence Intelligence Terms and Conditions](https://www.wordfence.com/wordfence-intelligence-terms-and-conditions/).
Learn more at [Wordfence help documentation](https://www.wordfence.com/help/wordfence-intelligence/v2-accessing-and-consuming-the-vulnerability-data-feed/#vulnerability-data-feed).
If you have any questions about the terms and conditions, please contact Wordfence directly.
### MITRE Attribution Requirement
Any company or individual who uses Wordfence vulnerability database API needs to display the MITRE copyright
claims included in that vulnerability record for any MITRE vulnerabilities that they display to their end user.Learn more at [Wordfence help documentation](https://www.wordfence.com/help/wordfence-intelligence/v2-accessing-and-consuming-the-vulnerability-data-feed/#mitre_attribution_requirement).
If you have any questions about the attribution requirement, please contact Wordfence directly.
## Contribute
Feedbacks / bug reports / pull requests are welcome.