Wordfence is the flagship product of Defiant Inc. Millions of WordPress site owners rely on Wordfence to protect their websites, their customer data and their investment. Install Wordfence today and lock down your WordPress site in minutes.

Defiant

Our Story

Wordfence is incorporated as Defiant, Inc., a Delaware company. We are a small team that is passionate about software engineering and delivering excellent customer service. Wordfence has been downloaded over 150 million times, and is consistently one of the top plugins for WordPress on WordPress.org. The Wordfence WordPress Security plugin protects over 3 million active WordPress websites.

Explore Defiant

Notable Research Coverage

WordPress Plugin Bug in Popup Builder Threatens 100K Websites

Threatpost

Lindsey O'Donnell

March 13, 2020

WordPress Plugin Bug Allows Malicious Code Injection on 100K Sites

Bleeping Computer

Sergiu Gatlan

March 13, 2020

Popular ThemeREX WordPress Plugin Opens Websites to RCE

Threatpost

Tara Seals

March 10, 2020

XSS plugin vulnerabilities plague WordPress users

Naked Security

Danny Bradbury

March 3, 2020

Critical Bugs in WordPress Plugins Let Hackers Take Over Sites

Bleeping Computer

Sergiu Gatlan

February 28, 2020

Multiple WordPress Plugin Vulnerabilities Actively Being Attacked

Bleeping Computer

Ionut Ilascu

February 25, 2020

Active Attacks Target Popular Duplicator WordPress Plugin

Threatpost

Tara Seals

February 21, 2020

Critical WordPress Plugin Bug Afflicts 700K Sites

Threatpost

Lindsey O'Donnell

February 13, 2020

General Business Inquiries

Do you have a press inquiry or want to ask about partnerships, a feature or idea or other general business inquiries?

Let's Talk

Check Out The Latest From Our Blog

Vulnerabilities Patched in IMPress for IDX Broker

March 26, 2020

Ram Gall

On February 28, 2020, the Wordfence Threat Intelligence team became aware of a newly patched stored Cross-Site Scripting (XSS) vulnerability in IMPress for IDX Broker, a WordPress plugin with over 10,000 installations. Although all Wordfence users, including those still using the free version of Wordfence, were already protected from this vulnerability by the Web Application …
Read More

Episode 71: Hackers Targeting COVID-19 Fears

March 25, 2020

Kathy Zant

With many of us under either lockdown or shelter-in-place orders due to the COVID-19/Corona virus, fear and stress are rampant. This additional stress lowers our critical thinking capabilities and increases our vulnerability. Hackers targeting these human vulnerabilities are using the global pandemic to attempt exploitation through numerous scams and phishing campaigns. We also cover plugin …
Read More

Vulnerabilities Patched in the Data Tables Generator by Supsystic Plugin

March 24, 2020

Chloe Chamberland

A few weeks ago, we disclosed several flaws that were patched in the Pricing Table by Supsystic plugin. On January 20th, our Threat Intelligence team discovered several similar vulnerabilities present in another product from Supsystic: Data Tables Generator by Supsystic, a WordPress plugin installed on over 30,000 sites. These flaws were very similar and allowed …
Read More

Severe Flaws Patched in Responsive Ready Sites Importer Plugin

March 18, 2020

Chloe Chamberland

On March 2nd, our Threat Intelligence team discovered several vulnerable endpoints in Responsive Ready Sites Importer, a WordPress plugin installed on over 40,000 sites. These flaws allowed any authenticated user, regardless of privilege level, the ability to execute various AJAX actions that could reset site data, inject malicious JavaScript in pages, modify theme customizer data, …
Read More

Episode 70: Customer Education and Agency Resiliency with Jon Bius

March 14, 2020

Kathy Zant

We chat with Jon Bius, a web developer at Biz Tools One, an agency in Fayetteville, NC, about how they use customer education to build relationships and differentiate their business. Jon has been helping customers build websites for over two decades, and he talks about how WordPress helps him empower his customers. In the news, …
Read More

Vulnerabilities Patched in Popup Builder Plugin Affecting over 100,000 Sites

March 12, 2020

Ram Gall

On March 4th, our Threat Intelligence team discovered several vulnerabilities in Popup Builder, a WordPress plugin installed on over 100,000 sites. One vulnerability allowed an unauthenticated attacker to inject malicious JavaScript into any published popup, which would then be executed whenever the popup loaded. The other vulnerability allowed any logged-in user, even those with minimal …
Read More

View More Blog Posts