API Access

Threat intelligence that fits real product workflows.

Use the VulnTitan API to enrich dashboards, automate WordPress checks and route version-aware vulnerability findings into your own systems without bloated integration overhead.

REST endpoint Bearer auth Version-aware lookup

Create Account View Plans

Auth

Bearer token

Subscription-backed token auth with predictable usage windows.

Coverage

Core, plugin, theme

One lookup surface for the full WordPress software stack.

Fit

Product-ready

Designed for dashboards, scanners and managed service workflows.

Plans

Choose the access model that matches your delivery volume.

The structure stays compact: evaluate with Free, ship with Pro, or move to Enterprise when throughput and commercial support become part of the requirement.

Evaluation

Free

Starter

$0 / mo

For developers evaluating the dataset and validating light integrations.

25 requests per day

Plugin, theme and core lookup

Single-key evaluation workflow

Start Free

Production

Pro

Most teams

$29 / mo

For products and teams that need routine lookup volume and fast delivery.

10,000 requests per month

Bulk plugin, theme and core scanning

Priority data updates and support

Subscription-managed token lifecycle

Purchase Pro

Dedicated throughput

Enterprise

Custom

For platforms that need negotiated volume, SLAs and rollout support.

Unlimited or negotiated request volume

Dedicated delivery model

Commercial support path

Custom rollout and reporting

Contact Sales

Request Contract

A small input surface for fast vulnerability lookup.

The goal is to keep the integration surface obvious: software type, optional slug where relevant, and version when you want filtered exposure data.

type

Must be plugin, theme or core so the API checks the right dataset.

Required

slug

Needed for plugin and theme lookups. Skip it when the request targets WordPress core.

Required for themes/plugins

version

When supplied, VulnTitan narrows the result set to the requested software version.

Optional

Operator Example

Single-plugin lookup with authenticated access.

Designed to be easy to wire into a dashboard, scanner or internal service with minimal ceremony.

Request

Single package lookup

GET /api/vulnerabilities?type=plugin&slug=contact-form-7&version=6.0.3

Authorization: Bearer YOUR_API_KEY

Response

Compact vulnerability payload

{
  "count": 1,
  "data": [
    {
      "title": "Contact Form 7 ...",
      "type": "plugin",
      "slug": "contact-form-7",
      "cvss_rating": "Medium",
      "patched_versions": ["6.0.6"]
    }
  ]
}

When version is omitted, the API returns all known vulnerabilities for the selected software across the indexed version history.

Terms and Limits

Built for legitimate product use and predictable scaling.

Create Account

Rate limits

Applied according to your subscription tier and visible through token usage windows.

Key usage

Each API key is intended for one project or deployment path to keep traffic attribution clean.

Abuse policy

Misuse can result in token suspension or access review.

Commercial terms

Enterprise contracts and SLAs are available when your rollout needs them.