diff --git a/lib/wpscan/db/vuln_api.rb b/lib/wpscan/db/vuln_api.rb
index 3a2f48e5..228a3f36 100644
--- a/lib/wpscan/db/vuln_api.rb
+++ b/lib/wpscan/db/vuln_api.rb
@@ -23,7 +23,8 @@ module WPScan
 return {} unless token
 return {} if path.end_with?('/latest') # Remove this when api/v4 is up
- res = Browser.get(uri.join(path), params.merge(request_params))
+ # Typhoeus.get is used rather than Browser.get to avoid merging irrelevant params from the CLI
+ res = Typhoeus.get(uri.join(path), default_request_params.merge(params))
 return {} if res.code == 404 # This is for API inconsistencies when dots in path
 return JSON.parse(res.body) if NON_ERROR_CODES.include?(res.code)
@@ -65,12 +66,13 @@ module WPScan
 end
 # @return [ Hash ]
- def self.request_params
- {
+ # Those params can not be overriden by CLI options, except for the cache_ttl
+ def self.default_request_params
+ @default_request_params ||= {
+ timeout: 30,
+ connecttimeout: 15,
+ cache_ttl: Browser.instance.cache_ttl,
 headers: {
- 'Host' => uri.host, # Reset in case user provided a --vhost for the target
- 'Referer' => nil, # Removes referer set by the cmsscanner to the target url
- 'CF-Connecting-IP' => nil, # Removes in case user provided one for the target
 'User-Agent' => Browser.instance.default_user_agent,
 'Authorization' => "Token token=#{token}"
 }
diff --git a/spec/lib/db/vuln_api_spec.rb b/spec/lib/db/vuln_api_spec.rb
index 4dd95a0c..3ef9d44d 100644
--- a/spec/lib/db/vuln_api_spec.rb
+++ b/spec/lib/db/vuln_api_spec.rb
@@ -5,10 +5,6 @@ describe WPScan::DB::VulnApi do
 let(:request_headers) do
 {
- 'Host' => api.uri.host,
- 'Expect' => nil,
- 'Referer' => nil,
- 'CF-Connecting-IP' => nil,
 'User-Agent' => WPScan::Browser.instance.default_user_agent,
 'Authorization' => 'Token token=s3cRet'
 }
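Review bot: Calling `Typhoeus.get` directly in `get` drops every option the Browser applies, not only the target-specific headers the old code had to reset. Browser is not visible in this hunk; if it is also where the user's proxy and TLS settings are applied, the request carrying the `Authorization` token now ignores them and goes out with Typhoeus defaults. The added comment should say which options are dropped on purpose, for example `# Bypasses Browser on purpose: no vhost/referer/cookie options from the CLI; proxy is <kept|not kept> for API calls`. Also, `default_request_params.merge(params)` is a shallow merge, so a caller that passes `headers:` replaces the whole headers hash and silently loses `Authorization` and `User-Agent`. The body of `get` continues outside the hunk.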
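Review bot: Memoising with `@default_request_params ||= {` in `default_request_params` fixes the `Authorization` header and `cache_ttl` at their first-call values, so a token assigned or rotated later is never picked up and the old credential keeps being sent for the life of the process. The `token` setter is not visible in this hunk, so confirm whether it can change after the first request. If it can, either build the hash on each call (drop the `||=`) or clear the cache where the token is assigned with `@default_request_params = nil`. The memoised hash and its nested `headers` are also shared mutable state, because the `merge` in `get` copies only the top level. The end of the method falls outside the hunk.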
@@ -48,6 +44,16 @@ describe WPScan::DB::VulnApi do
 let(:path) { 'path' }
+ context 'when params used' do
+ it 'ensures they override the defaults' do
+ expect(Typhoeus).to receive(:get)
+ .with(api.uri.join(path), hash_including(cache_ttl: 0))
+ .and_return(Typhoeus::Response.new(code: 404))
+
+ api.get(path, cache_ttl: 0)
+ end
+ end
+
 context 'when no timeouts' do
 before do
 stub_request(:get, api.uri.join(path))
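Review bot: The new example in `when params used` pins only `cache_ttl: 0`, so it would still pass if the merge dropped the `Authorization` header or if a CLI-supplied option reached the API request, which is what the commit sets out to prevent. Tighten the matcher to `hash_including(cache_ttl: 0, headers: hash_including('Authorization' => 'Token token=s3cRet'))`. A second example that sets a target-specific option on the Browser and asserts it is absent from the arguments passed to `Typhoeus.get` would cover the isolation itself.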