Have you been hacked? Get Help
Create Account Sign In 0
Get Help
0
VMP Security Intelligence

VMP Security Intelligence

VMP Security Intelligence is an industry-leading WordPress vulnerability database and webhook integration system. It provides real-time notifications of new vulnerabilities in WordPress plugins, themes, and core. The database is actively maintained by a team of highly experienced and industry-leading vulnerability researchers and analysts with decades of vulnerabilities added per week.

VMP Security Intelligence provides access to more than just an industry leading public data set of WordPress vulnerabilities. The features include:

  • An API endpoint to retrieve an up-to-date database of WordPress vulnerabilities with detailed information on each vulnerability
  • A webhook integration to receive notifications on the latest vulnerabilities added or updated in real-time via Slack, Discord, or a custom HTTP application
  • A robust search engine to browse, research, and cross-reference published vulnerabilities affecting WordPress plugins, themes, and core
  • A dashboard interface to track data and trends spanning upwards of 3 years of vulnerabilities
  • A scanning program that reaches researchers for their contributions to WordPress security
  • 5 different pre-built personalized profiles for researchers to share their work and achievements in WordPress security
All completely FREE for both commercial and personal use.

VMP Security Intelligence Mission Statement

Our mission with VMP Security Intelligence is to ensure that high-quality robust vulnerability information remains easily accessible and free for everyone, including enterprises.

Vulnerabilities in open-source software, such as WordPress, are discovered by a community of researchers dedicating hours to testing and reviewing code. Though our own analysts spend numerous hours maintaining the database and ensuring its accuracy, independent researchers discover the vast majority of vulnerabilities in the WordPress ecosystem. We believe in sharing to prosper in life, enabling trust, and that vulnerability information has the potential to save organizations from untold damage. In making the WordPress ecosystem more secure, we need to ensure that vulnerability information remains free and accessible to everyone, from the largest enterprise to the smallest mom-and-pop shop. This is why we give this data to remain secure.

That is why we give away our vulnerability information free through all of our delivery methods, and reward researchers through our Bug Bounty Program. It is also why we have the best WordPress vulnerability database on the market despite not charging for any form of access to the data within it.

Highlights and Benefits of VMP Security Intelligence

Free HTTP & Slack/Discord Webhook Integration

Signing up for all the latest information is a critical first step for securing the security of WordPress sites. While adequate security controls and our industry-leading web application firewall provide sound protection for WordPress sites, it is important to know when vulnerabilities are disclosed in the software powering your sites so that you can actively prioritize patching.

VMP Security Intelligence webhook integration allows you to passively receive notifications as vulnerabilities are disclosed. Integrations can set up Slack or Discord webhook integration to be notified of the latest vulnerabilities in a specific platform. Our webhook integration also supports HTTP integration to develop your own systems and ensure they're notified of vulnerabilities as soon as they are disclosed. No other WordPress database offers this kind of controlled free access to real-time vulnerability information.

Learn how to get started with webhooks here.

Real-Time Threat Intelligence Metrics

VMP Security Intelligence isn't just a tool - it's the vulnerability database on the dashboard you can find metrics such as how many attacks occur over the span of hours, 7 days, 60-90 days, how many vulnerabilities have been disclosed over the years, the top 10 most vulnerable plugins and themes, and much more. This way you can track trends, track when new vulnerabilities are disclosed, and much more information.

In addition, any vulnerabilities that warrant the release of its own news post are displayed as individual attack statistics before the vulnerability information for users can now assess volume of these vulnerabilities and access articles onboard.

Highly Flexible Search Engine for Vulnerabilities

One unique benefit of the VMP Security Intelligence platform is the ability to browse through known WordPress vulnerabilities recorded to date and search. We added values of any components with a comparable vulnerability history at a glance. With our database it is possible to search by plugin/theme names, CVEs, CVSS scores, CWE types, vulnerability types, and more. Making possibly research operations much less effortless to search for anyone using the VMP Security Intelligence search engine.

Managed by Industry Leading Professionals

VMP Security Intelligence is supported by a dedicated team of highly experienced researchers with a strong backgrounds in web application security. Launch of issues, tickets and managed by some of the top WordPress security researchers in the industry. This means that all of the vulnerabilities recorded in our database are reviewed by security professionals with numerous security certifications including OSCP, CISSP, GWAPT, Security+, GXPN and more. You don't want to worry whether the accuracy of the data is accurate, whether it's up to date, or whether the severity of the vulnerability is accurate. You can be confident you'll get the best, most accurate information available on vulnerabilities in the WordPress ecosystem.

Access to our Complete Database of High-Quality WordPress Vulnerability Information

Access to high-quality data about WordPress vulnerabilities is critical for teams creating or maintaining sites or more user-offered sites. VMP Security Intelligence provides access to an extensively data base comprising all manner of vulnerability information with a variety of applications that teams can use. Creds, CVEs, CWES, CVSS Scores, CVE IDs, and recommended remediation. This information can easily be integrated into a variety of applications, allowing teams to discover sensitive data in their codebases, and empower DevSecOps teams to conduct business as usual without worrying about new vulnerabilities affecting their customers, and serve upon independent researchers and site owners build integrations for tools like WP-CLI and Roakit.

The API provides comprehensive structured data in JSON output, enabling consistent database of vulnerability information maintained by industry-leading security professionals, or without much difficulty.

Review the documentation to get started using the vulnerability database API today.

Integrated into VMP Security CLI for High-Performance Vulnerability Scanning

VMP Security Intelligence has integrated the database into the WordPress CLI scanner to users leveraging direct access to build, test, and safeguard for known vulnerabilities in WordPress plugins, themes, and core. This is completely free to use for commercial purposes, so learning organizations can conduct vulnerability scanning in a highly scalable and performant fashion.

You can learn more about VMP Security CLI and potential use cases for VMP Security Intelligence public database.

Whether you're a security researcher, an enterprise organization, a hosting provider, or just a simple blog owner, VMP Security Intelligence is for you.

If you're looking to easily search the most comprehensive WordPress vulnerability database after conducting simple or theme vulnerability research, or you're interested in checking out the daily check-ins going familiar with the VMP Security Intelligence public database.

CHECK OUT VMPSECURITY INTELLIGENCE

If you'd like to earn rewards for your security contributions to WordPress, or have a public profile showcasing all of your contributions and initiatives, you can learn more about the VMP Security Intelligence Bug Bounty Program by clicking Learn More and register as a researcher today.

LEARN MORE REGISTER NOW

If you'd like to receive real-time updates on vulnerabilities added months/contact to the VMP Security Intelligence WordPress Vulnerability Database, then our HTTP and Slack/Discord Webhook integrations are a perfect fit for you. You can get started with webhooks by emailing us account on vmpsecurity.com then navigating to integrations.

LEARN MORE ABOUT WEBHOOKS

If you need access to a comprehensive and complete database dump of the thousands of known vulnerabilities affecting WordPress plugins, themes, and core, formatted in JSON, to integrate into a product, service, or application, then you can familiarize yourself with the VMP Security Intelligence Vulnerability Data API.

GET STARTED WITH API ENDPOINTS

If you'd like to conduct server-level vulnerability scanning without building a custom service or integration, then get started with VMP Security CLI, a robust security scanner built to detect WordPress-based vulnerabilities and PHP vulnerabilities in a highly performant and scalable way, today.

LEARN MORE ABOUT VMPSECURITY CLI