Enterprise API
The purpose of this document is to provide information about the API functionality of the Patchstack vulnerability database.
API Usage
Information
The base URL of the API is https://patchstack.com/database/api/v2
All responses are in the JSON format. For performance reasons, responses are cached until we update the database after which the appropriate caches are cleared.
You can request an API key by reaching out to us on this page. https://patchstack.com/threat-intel-feed/
Latest Vulnerabilities
Description: Retrieve the latest 20 vulnerabilities which have been added to the database.
Endpoint: /latest
Method: GET
Example Response (Trimmed) https://patchstack.com/database/api/v2/latest
Find Vulnerability
Description: Retrieve vulnerabilities of a specific plugin, theme or WordPress core version.
Endpoint: /product/TYPE/NAME/VERSION/EXISTS?
Method: GET
TYPE = theme, plugin, wordpress
NAME = Slug of the theme, slug of the plugin, or “wordpress” in case TYPE is set to wordpress
VERSION = Version to check for vulnerabilities
EXISTS = Optional flag that will not return all vulnerabilities but only a boolean response whether or not there are vulnerabilities. This flag being present results in a faster response.
Example Response https://patchstack.com/database/api/v2/product/plugin/tutor/1.5.2
Example Response https://patchstack.com/database/api/v2/product/plugin/tutor/1.5.2/exists
Bulk Find Vulnerability
Description: Retrieve vulnerabilities in bulk of a number of plugins, themes or WordPress versions.
Endpoint: /batch
Method: POST
Payload: Raw JSON payload, same format as the individual vulnerability endpoint. This payload should contain no more than 50 objects.
Payload Example 1
This payload example will determine if WooCommerce version 3.0.0 has vulnerabilities and if WordPress version 3.0.0 has vulnerabilities. It will also only return a boolean response.
Example Response 1 https://patchstack.com/database/api/v2/batch
Payload Example 2
This payload example will determine if WooCommerce version 3.0.0 has vulnerabilities and if WordPress version 3.0.0 has vulnerabilities. For WooCommerce it will return all vulnerabilities and for WordPress if it will return a boolean response.
Example Response 2 https://patchstack.com/database/api/v2/batch
Find Specific Vulnerability By Id
Description: Find a specific vulnerability by vulnerability id.
Endpoint: /vulnerability/ID
Method: GET
ID = Numeric identifier or PSID of the vulnerability.
Example Response 1 https://patchstack.com/database/api/v2/vulnerability/4760
Example Response 2 https://patchstack.com/database/api/v2/vulnerability/4614
Example Response 3 https://patchstack.com/database/api/v2/vulnerability/4112
More information about Enterprise API
You can find more information about Enterprise API here:
https://patchstack.com/for-hosts/