Wordfence is the flagship product of Defiant Inc. Millions of WordPress site owners rely on Wordfence to protect their websites, their customer data and their investment. Install Wordfence today and lock down your WordPress site in minutes.


Our Story

Wordfence is incorporated as Defiant, Inc., a Delaware company. We are a small team that is passionate about software engineering and delivering excellent customer service. Wordfence has been downloaded over 90 million times, and is consistently one of the top plugins for WordPress on WordPress.org. The Wordfence WordPress Security plugin protects over 2 million active WordPress websites.

Explore Defiant

Notable Research Coverage

Hackers Exploit Recent WordPress Plugin Bugs for Malvertising

Bleeping Computer

Sergiu Gatlan

July 22, 2019

Critical Bug in WordPress Plugin Lets Hackers Execute Code

Bleeping Computer

Sergiu Gatlan

July 15, 2019

WordPress Users Urged to Delete Zero-Day-Ridden Plugin


Lindsey O'Donnell

January 28, 2019

General Business Inquiries

Do you have a press inquiry or want to ask about partnerships, a feature or idea or other general business inquiries?

Let's Talk

Check Out The Latest From Our Blog

Easily Exploitable Vulnerabilities Patched in WP Database Reset Plugin

January 16, 2020

Chloe Chamberland

On January 7th, our Threat Intelligence team discovered vulnerabilities in WP Database Reset, a WordPress plugin installed on over 80,000 websites. One of these flaws allowed any unauthenticated user to reset any table from the database to the initial WordPress set-up state, while the other flaw allowed any authenticated user, even those with minimal permissions, …
Read More

Critical Authentication Bypass Vulnerability in InfiniteWP Client Plugin

January 14, 2020

Matt Barry

Description: Authentication Bypass Affected Plugin: InfiniteWP Client Affected Versions: < CVSS Score: 9.8 (Critical) CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Patched Version: A vulnerability has been discovered in the InfiniteWP Client plugin versions or earlier. InfiniteWP Client is a plugin that, when installed on a WordPress site, allows a site owner to manage unlimited WordPress …
Read More

Multiple Vulnerabilities Patched in Minimal Coming Soon & Maintenance Mode – Coming Soon Page Plugin

January 08, 2020

Chloe Chamberland

A few weeks ago, our threat intelligence team discovered several vulnerabilities present in Minimal Coming Soon & Maintenance Mode – Coming Soon Page, a WordPress plugin installed on over 80,000 websites. The most severe weakness allowed for an attacker to exploit Cross Site Request Forgery (CSRF) and enable maintenance mode while injecting cross-site scripting (XSS), …
Read More

Episode 62: 2019 Think Like a Hacker Highlights

December 20, 2019

Kathy Zant

We’ve had quite a year with Think Like a Hacker, the podcast about WordPress, security and innovation. For this end of year episode, we take a look back at a few of our favorite interviews and news stories. We review conversations with Josepha Haden, Brandy Lawson, Jennifer Bourn, Matt Cromwell, and we look back at …
Read More

Critical Vulnerability Patched in 301 Redirects – Easy Redirect Manager

December 19, 2019

Chloe Chamberland

Description: Authenticated Arbitrary Redirect Injection and Modification Affected Plugin: 301 Redirects – Easy Redirect Manager  CVSS Score: 9.0 (Critical) CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVE ID: CVE-2019-19915 Affected Versions: <= 2.40 Patched Version: 2.45 On Friday December 13th, our Threat Intelligence team discovered vulnerabilities present in 301 Redirects – Easy Redirect Manager, a WordPress plugin installed on …
Read More

Episode 61: Improving Website Performance and User Experiences with Dave Ryan

December 18, 2019

Kathy Zant

With Google Chrome experimenting with a badge of shame for websites that load slowly in Chrome, there is a new urgency for high performance interfaces for web users. Gatsby, Gridsome and other static site interfaces are hot in the development community right now, especially when talking about headless WordPress. At WordCamp US, Mark chats with …
Read More

View More Blog Posts