Skip to content

Vendors API

GET /vendors

List the vendors.

Parameters:

  • search (optional): filter by keyword
  • letter (optional): filter by the first letter
  • page (optional, default: 1): the page to start

Example request:

GET /api/vendors HTTP/1.1
Host: example.com
Accept: application/json

Example response:

HTTP/1.1 200 OK

[
  ...
  {
    "name": "wordpress",
    "human_name": "Wordpress"
  },
  ...
]

GET /vendors/<string:name>

Get a specific vendor.

Example request:

GET /api/vendors/wordpress HTTP/1.1
Host: example.com
Accept: application/json

Example response:

HTTP/1.1 200 OK

{
  "name": "wordpress",
  "human_name": "Wordpress",
  "products": [
    "adserve",
    "alert_before_you_post",
    "blix",
    "blixed",
    "blixkrieg",
    "captcha",
    "cryptographp",
    "dean_logan_wp-people_plugin",
    "download_monitor_plugin",
    "fcchat_widget",
    "fgallery_plugin",
    "filemanager",
    "lanoba_social_plugin",
    "math_comment_spam_protection_plugin",
    "page_flip_image_gallery_plugin",
    "pay-with-tweet",
    "permalinks_migration_plugin",
    "peter\\'s_math_anti-spam_for_wordpress",
    "photo_album_plugin",
    "pictpress",
    "plugin_newsletter_plugin",
    "pool",
    "search_unleashed_plugin",
    "sirius",
    "slideshow_gallery2",
    "sniplets_plugin",
    "spambam_plugin",
    "st_newsletter_plugin",
    "unamed_theme",
    "unamed_theme_se",
    "upload_file_plugin",
    "wassup_plugin",
    "wordpress",
    "wordpress-users",
    "wordpress_mu",
    "wordpressclassic",
    "wordspew",
    "wp-contactform",
    "wp-footnotes",
    "wp_cal_plugin",
    "wp_download",
    "wp_downloads_manager",
    "wp_forum",
    "wp_maintenance_mode_plugin",
    "wpss"
  ]
}

GET /vendors/<string:name>/cve

Get the list of CVEs associated to a vendor.

Parameters:

  • search (optional): filter by keyword in summary
  • product (optional): filter by product name
  • cvss (optional): filter by CVSS (one of none, low, medium, high, critical)
  • cwe (optional): filter by CWE
  • page (optional, default: 1): the page to start

Example request:

GET /api/vendors/wordpress/cve HTTP/1.1
Host: example.com
Accept: application/json

Example response:

HTTP/1.1 200 OK

[
  ...
  {
    "id": "CVE-2019-16223",
    "summary": "WordPress before 5.2.3 allows XSS in post previews by authenticated users.",
    "created_at": "2019-09-11T14:15:00Z",
    "updated_at": "2021-01-04T18:15:00Z"
  },
  ...
]