Title: WpBom
Author: Vitor Guia
Published: December 20, 2021
Last modified: January 9, 2025

---


![](https://ps.w.org/wpbom/assets/banner-772x250.png?rev=2647290)

![](https://ps.w.org/wpbom/assets/icon-128x128.png?rev=2647055)

# WpBom

 By [Vitor Guia](https://profiles.wordpress.org/vitoranguia/)

[Download](https://downloads.wordpress.org/plugin/wpbom.1.4.0.zip)


## Description

This package is compatible with [WordPress Coding Standards](https://github.com/WordPress/WordPress-Coding-Standards) and [PSR-4](https://www.php-fig.org/psr/psr-4).

WordPress integration with OWASP [CycloneDX](https://cyclonedx.org) and [Dependency Track](https://dependencytrack.org).

Features:

 * Automatic BOM submission to OWASP Dependency Track
 * Manual BOM submission to OWASP Dependency Track
 * Download BOM JSON in OWASP CycloneDX format

## Screenshots

 * See option page

## Installation

This project uses [PHP](https://php.net) and [Composer](https://getcomposer.org).

```
$ cd wp-content/plugins/
$ git clone https://gitlab.com/sepbit/wpbom.git
$ cd wpbom
$ composer update --no-dev
```

## FAQ

Add [CPE](https://nvd.nist.gov/products/cpe) to BOM

```
// Attach a CPE 2.3 identifier to the WooCommerce component.
add_filter(
    'wpbom_bom',
    function( $bom ) {
        foreach ( $bom['components'] as $key => $component ) {
            if ( 'woocommerce' === $component['name'] ) {
                // The component's own version fills the CPE version field.
                $bom['components'][ $key ]['cpe'] = 'cpe:2.3:a:woocommerce:woocommerce:' . $component['version'] . ':*:*:*:*:wordpress:*:*';
            }
        }
        return $bom;
    }
);
```

We are building a feature to automate this.

Remove component from BOM

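```
// Drop the WooCommerce component from the BOM.
add_filter(
    'wpbom_bom',
    function( $bom ) {
        foreach ( $bom['components'] as $key => $component ) {
            if ( 'woocommerce' === $component['name'] ) {
                unset( $bom['components'][ $key ] );
            }
        }
        // Re-index so the list still encodes as a JSON array, not an object.
        $bom['components'] = array_values( $bom['components'] );
        return $bom;
    }
);
```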

Add component to BOM

```
// Add the database server as an extra component.
add_filter(
    'wpbom_bom',
    function( $bom ) {
        global $wpdb;
        $db_server_info = explode( '-', $wpdb->db_server_info() );
        // This example reads part 1 as the version and part 2 as the product
        // name; leave the BOM unchanged when the string has fewer parts.
        if ( count( $db_server_info ) < 3 ) {
            return $bom;
        }
        $bom['components'][] = array(
            'type'     => 'application',
            'bom-ref'  => 'pkg:deb/debian/' . strtolower( $db_server_info[2] ) . '@' . $db_server_info[1],
            'name'     => strtolower( $db_server_info[2] ),
            'version'  => $db_server_info[1],
            'purl'     => 'pkg:deb/debian/' . strtolower( $db_server_info[2] ) . '@' . $db_server_info[1],
            'licenses' => array(
                array(
                    'license' => array(
                        'id' => 'GPL-2.0-or-later',
                    ),
                ),
            ),
        );
        return $bom;
    }
);
```
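A check for the BOM JSON downloaded after filters like the three above have run, added here as an example (it is not part of WpBom). It flags a `components` value that is no longer a JSON array, empty names or versions, and malformed `cpe` or `purl` strings. The function name `lint_bom` and the sample BOMs are constructed for illustration, and the fields checked are the ones the snippets above set.

```python
import json
import re

CPE_FIELDS = 13  # "cpe", "2.3" and 11 attributes in a CPE 2.3 formatted string


def lint_bom(bom_json: str) -> list[str]:
    """Return the problems found in a CycloneDX BOM given as a JSON string."""
    components = json.loads(bom_json).get("components")
    # PHP's unset() leaves a gap in the array keys, and the JSON encoder then
    # emits an object ({"0": ..., "2": ...}) instead of the required array.
    if not isinstance(components, list):
        return ["components is not a JSON array"]
    problems = []
    for i, comp in enumerate(components):
        label = comp.get("name") or f"component #{i}"
        for field in ("name", "version"):
            if not comp.get(field):
                problems.append(f"{label}: empty or missing {field}")
        cpe = comp.get("cpe")
        if cpe is not None:
            parts = re.split(r"(?<!\\):", cpe)  # ':' not escaped by a backslash
            if parts[:2] != ["cpe", "2.3"] or len(parts) != CPE_FIELDS or "" in parts:
                problems.append(f"{label}: malformed CPE {cpe!r}")
        purl = comp.get("purl")
        if purl is not None and not re.match(r"pkg:[a-z0-9.+-]+/[^@]+@.+$", purl):
            problems.append(f"{label}: malformed purl {purl!r}")
    return problems


# Constructed sample BOMs (not output captured from the plugin).
WOO = {"name": "woocommerce", "version": "8.4.0",
       "cpe": "cpe:2.3:a:woocommerce:woocommerce:8.4.0:*:*:*:*:wordpress:*:*"}
GOOD = json.dumps({"components": [WOO]})
GAPPED = json.dumps({"components": {"0": WOO, "2": WOO}})
NO_VERSION = json.dumps({"components": [
    {"name": "mariadb", "version": "", "purl": "pkg:deb/debian/mariadb@"}]})

if __name__ == "__main__":
    for sample in (GOOD, GAPPED, NO_VERSION):
        print(lint_bom(sample))
```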

## Reviews

There are no reviews for this plugin.

## Contributors & Developers

“WpBom” is open source software. The following people have contributed to this plugin.

Contributors

 * [Vitor Guia](https://profiles.wordpress.org/vitoranguia/)

“WpBom” has been translated into 1 locale. Thank you to [the translators](https://translate.wordpress.org/projects/wp-plugins/wpbom/contributors)
for their contributions.

[Translate “WpBom” into your language.](https://translate.wordpress.org/projects/wp-plugins/wpbom)

### Interested in development?

[Browse the code](https://plugins.trac.wordpress.org/browser/wpbom/), check out 
the [SVN repository](https://plugins.svn.wordpress.org/wpbom/), or subscribe to 
the [development log](https://plugins.trac.wordpress.org/log/wpbom/) by [RSS](https://plugins.trac.wordpress.org/log/wpbom/?limit=100&mode=stop_on_copy&format=rss).

## Changelog

#### 1.4.0

 * Add PHP 8.4

#### 1.2.0

 * Add WordPress as component
 * Fix some bugs

#### 1.1.0

 * Add CPE example
 * Fix Copyright
 * Remove purl

#### 1.0.2

 * Add icon

#### 1.0.0

 * First release!

## Meta

 * Version **1.4.0**
 * Last updated **1 year ago**
 * Active installations **70+**
 * WordPress version **6.0 or higher**
 * Tested up to **6.7.5**
 * PHP version **8.2 or higher**
 * Languages: [Dutch (Belgium)](https://nl-be.wordpress.org/plugins/wpbom/) and [English (US)](https://wordpress.org/plugins/wpbom/).
 * [Translate into your language](https://translate.wordpress.org/projects/wp-plugins/wpbom)
 * [Advanced View](https://hat.wordpress.org/plugins/wpbom/advanced/)


## Support

Got something to say? Need help?

 [View support forum](https://wordpress.org/support/plugin/wpbom/)

## Donate

Would you like to support the advancement of this plugin?

 [ Donate to this plugin ](https://liberapay.com/vitoranguia/)