typisttech/wordfence-api

Fetch WordPress vulnerability information from Wordfence vulnerability data feed.

Maintainers

Details

github.com/typisttech/wordfence-api

Homepage

Source

Issues

Fund package maintenance!
tangrufus
typist.tech/donation

Installs: 1

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 0

Forks: 0

Open Issues: 1

v0.1.1 2024-12-03 10:51 UTC

Requires

Requires (Dev)

MIT b2ca3952d600bbebf915734c78759f3538aad79a

securitywordpresswordfence

This package is auto-updated.

Last update: 2024-12-16 13:04:51 UTC

README

Wordfence API

Packagist Version PHP Version Require Test codecov license X Follow @TangRufus Hire Typist Tech

Fetch WordPress vulnerability information from Wordfence vulnerability data feed.

Built with ♥ by Typist Tech

Usage

use \TypistTech\WordfenceAPI\{Client, Feed, Record};

$client = new Client;

// Alternatively, use `Feed::Scanner`` for the scanner feed.
$records = $client->fetch(Feed::Production);

foreach($records as $record) {
    /** @var Record $record */
    echo $record->title;
}

Installation

composer require typisttech/wordfence-api

Known Issues

Allowed memory size of 999999 bytes exhausted (tried to allocate 99 bytes)

Tip

Set memory_limit on the fly as a temporary fix:

php -d memory_limit=512MB your-script.php

As of December 2024, the production Wordfence vulnerability data feed is over 80 MB. Client downloads the feed into memory and json_decode() the entire feed all in one go. It causes PHP to run out of memory.

A possible solution is to use a streaming JSON parser like json.Decoder in Go. If you know how to do that in PHP, please send pull requests. 🙇

Credits

Wordfence API is a Typist Tech project and maintained by Tang Rufus, freelance developer for hire.

Full list of contributors can be found here.

Copyright and License

This project is a free software distributed under the terms of the MIT license. For the full license, see LICENSE.

Wordfence Intelligence Terms and Conditions

Before using Wordfence Vulnerability Data Feed API, you must read and agree to the Wordfence Intelligence Terms and Conditions.

Learn more at Wordfence help documentation.

If you have any questions about the terms and conditions, please contact Wordfence directly.

MITRE Attribution Requirement

Any company or individual who uses Wordfence vulnerability database API needs to display the MITRE copyright claims included in that vulnerability record for any MITRE vulnerabilities that they display to their end user.

Learn more at Wordfence help documentation.

If you have any questions about the attribution requirement, please contact Wordfence directly.

Contribute

Feedbacks / bug reports / pull requests are welcome.