API Documentation

Swagger UI

Interactive API explorer with live testing
API Playground

Test endpoints with code examples
API Keys

Manage your API credentials
OpenAPI Spec

Download YAML specification
Authentication

API key authentication is required for most endpoints. You can provide your API key in two ways:

Header (Recommended)
X-API-Key: your-api-key-here
Query Parameter
?api_key=your-api-key-here
Get your API key: Visit API Key Management to create and manage your keys.
Quick Start Examples
# Check if a plugin version is vulnerable
curl -X GET "https://dashboard-webapp-c10t.onrender.com/api/vulnerabilities/check?plugin_slug=contact-form-7&version=5.5.0" \
  -H "X-API-Key: your-api-key-here"

# Search for critical vulnerabilities
curl -X GET "https://dashboard-webapp-c10t.onrender.com/api/vulnerabilities/search?severity=CRITICAL&limit=10" \
  -H "X-API-Key: your-api-key-here"
import requests

API_KEY = "your-api-key-here"
BASE_URL = "https://dashboard-webapp-c10t.onrender.com/api/vulnerabilities"

def check_plugin(slug, version):
    response = requests.get(
        f"{BASE_URL}/check",
        params={"plugin_slug": slug, "version": version},
        headers={"X-API-Key": API_KEY}
    )
    return response.json()

result = check_plugin("contact-form-7", "5.5.0")
print(f"Vulnerable: {result.get('vulnerable', False)}")
const API_KEY = 'your-api-key-here';
const BASE_URL = 'https://dashboard-webapp-c10t.onrender.com/api/vulnerabilities';

async function checkPlugin(slug, version) {
  const response = await fetch(
    `${BASE_URL}/check?plugin_slug=${slug}&version=${version}`,
    { headers: { 'X-API-Key': API_KEY } }
  );
  return await response.json();
}

const result = await checkPlugin('contact-form-7', '5.5.0');
return result.vulnerable;
<?php
$apiKey = 'your-api-key-here';
$url = 'https://dashboard-webapp-c10t.onrender.com/api/vulnerabilities/check?plugin_slug=contact-form-7&version=5.5.0';

$ch = curl_init();
curl_setopt_array($ch, [
    CURLOPT_URL => $url,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER => ["X-API-Key: $apiKey"]
]);
$response = curl_exec($ch);
$data = json_decode($response, true);
echo "Vulnerable: " . ($data['vulnerable'] ? 'Yes' : 'No');
?>
Webhook Integration

Set up automated notifications for security events using webhooks.

EventDescription
scan.completedSecurity scan finished
vulnerability.newNew vulnerability discovered
kev.addedCVE added to CISA KEV
grade.changedSecurity grade changed
Endpoints
Vulnerabilities
  • GET /api/vulnerabilities/check
  • GET /api/vulnerabilities/search
  • GET /api/vulnerabilities/cve/{id}
  • GET /api/vulnerabilities/kev Pro
  • GET /api/vulnerabilities/stats
Plugins
  • GET /api/plugins/{slug}
  • GET /api/plugins/search
  • GET /api/plugins/popular
Rate Limits
Freemium100 req/hour
Professional1,000 req/hour
Enterprise10,000 req/hour
Need Help?