Wordfence is the flagship product of Defiant Inc. Millions of WordPress site owners rely on Wordfence to protect their websites, their customer data and their investment. Install Wordfence today and lock down your WordPress site in minutes.


Our Story

Wordfence is incorporated as Defiant, Inc., a Delaware company. We are a small team that is passionate about software engineering and delivering excellent customer service. Wordfence has been downloaded over 150 million times, and is consistently one of the top plugins for WordPress on WordPress.org. The Wordfence WordPress Security plugin protects over 3 million active WordPress websites.

Explore Defiant

Notable Research Coverage

Hackers Exploit Recent WordPress Plugin Bugs for Malvertising

Bleeping Computer

Sergiu Gatlan

July 22, 2019

Critical Bug in WordPress Plugin Lets Hackers Execute Code

Bleeping Computer

Sergiu Gatlan

July 15, 2019

WordPress Users Urged to Delete Zero-Day-Ridden Plugin


Lindsey O'Donnell

January 28, 2019

General Business Inquiries

Do you have a press inquiry or want to ask about partnerships, a feature or idea or other general business inquiries?

Let's Talk

Check Out The Latest From Our Blog

Episode 65: WordCamp Asia Cancellation Prompts Community Support

February 14, 2020

Kathy Zant

WordCamp Asia was cancelled this week due to concerns of COVID-19/coronavirus in the region. This week, Wordfence CEO Mark Maunder talks about the decision to offer the WordCamp Asia Cancellation Fee Assistance Package to attendees, volunteers, organizers, and speakers that had planned to travel to this inaugural regional WordCamp. We also cover a number of …
Read More

Critical Vulnerability In Profile Builder Plugin Allowed Site Takeover

February 13, 2020

Mikey Veenstra

Description: Unauthenticated Administrator Registration Affected Plugin: Profile Builder (Free, Pro, and Hobbyist versions affected) Affected Versions: <= 3.1.0 CVSS Score: 10.0 (Critical) CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Patched Version: 3.1.1 Earlier this week, a critical vulnerability was patched in the Profile Builder plugin for WordPress. This vulnerability affected the free version available on the WordPress.org repository, as …
Read More

Wordcamp Asia Cancellation Fee Assistance Package from Wordfence

February 11, 2020

Mark Maunder

A few minutes ago it was announced that Wordcamp Asia has been cancelled due to the recent COVID-19 concerns in the region. This was a very tough call, but I believe the right one. To give you some context, I’m going to include an extract from the final part of the World Health Organization Director …
Read More

Improper Access Controls in GDPR Cookie Consent Plugin

February 11, 2020

Matt Barry

Description: Improper Access Controls Affected Plugin: GDPR Cookie Consent Affected Versions: <= 1.8.2 CVSS Score: 9.0 (Critical) CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H Patched Version: 1.8.3 The following post describes how improper access controls lead to a stored cross-site scripting vulnerability in the GDPR Cookie Consent plugin that emerged after it was removed from the repository. The Wordfence …
Read More

Podcast Episode 64: Backdoors, Webshells, and the Growing Risks of Leaks & Breaches

February 08, 2020

Kathy Zant

We take a look at the annual hacked site report from GoDaddy’s Sucuri Security and the types of malware they found in various CMS and shopping cart applications. Microsoft reports they’re finding 77k webshells daily, and WP Scan’s roundup lists a number of popular plugins and themes with recent vulnerabilities. A report from students at …
Read More

Podcast Episode 63: Succeeding as a Remote Working Nomad with Chloe Chamberland

January 31, 2020

Kathy Zant

Chloe Chamberland never wanted to get into security, and yet in the last three years, she has emerged as one of our most effective and prolific threat researchers. Not only does she find vulnerabilities in numerous popular plugins, she also travels the world while doing so. Chloe talked to me from a cabin in a …
Read More

View More Blog Posts