Wordfence is the flagship product of Defiant Inc. Millions of WordPress site owners rely on Wordfence to protect their websites, their customer data and their investment. Install Wordfence today and lock down your WordPress site in minutes.

Defiant

Our Story

Wordfence is incorporated as Defiant, Inc., a Delaware company. We are a small team that is passionate about software engineering and delivering excellent customer service. Wordfence has been downloaded over 150 million times, and is consistently one of the top plugins for WordPress on WordPress.org. The Wordfence WordPress Security plugin protects over 3 million active WordPress websites.

Explore Defiant

Notable Research Coverage

Hackers tried to steal database logins from 1.3M WordPress sites

Bleeping Computer

Sergiu Gatlan

June 4, 2020

Critical WordPress plugin bug lets hackers take over 1M sites

Bleeping Computer

Sergiu Gatlan

May 7, 2020

Elementor Pro Critical Vulnerability

Search Engine Journal

Roger Montti

May 7, 2020

Massive campaign targets 900,000 WordPress sites in a week

Bleeping Computer

Ionut Ilascu

May 5, 2020

General Business Inquiries

Do you have a press inquiry or want to ask about partnerships, a feature or idea or other general business inquiries?

Let's Talk

Check Out The Latest From Our Blog

2 Million Users Affected by Vulnerability in All in One SEO Pack

July 16, 2020

Chloe Chamberland

On July 10, 2020, our Threat Intelligence team discovered a vulnerability in All In One SEO Pack, a WordPress plugin installed on over 2 million sites. This flaw allowed authenticated users with contributor level access or above the ability to inject malicious scripts that would be executed if a victim accessed the wp-admin panel’s ‘all …
Read More

XSS Flaw Impacting 100,000 Sites Patched in KingComposer

July 09, 2020

Ram Gall

On June 15, 2020, our Threat Intelligence team was made aware of a number of access control vulnerabilities that had recently been disclosed in KingComposer, a WordPress plugin installed on over 100,000 sites. During our investigation of these vulnerabilities, we discovered an unpatched reflected Cross-Site Scripting(XSS) vulnerability. Wordfence Premium customers received a new firewall rule …
Read More

Critical Vulnerabilities Patched in Adning Advertising Plugin

July 08, 2020

Ram Gall

On June 24, 2020, our Threat Intelligence team was made aware of a possible vulnerability in the Adning Advertising plugin, a premium plugin with over 8,000 customers. We eventually discovered 2 vulnerabilities, one of which was a critical vulnerability that allowed an unauthenticated attacker to upload arbitrary files, leading to Remote Code Execution(RCE), which could …
Read More

Malware Detection: Measuring Recall to Catch Them All

June 24, 2020

Ram Gall

At Wordfence, we take performance seriously on all levels. While speed is one way to measure performance, there are other metrics that are equally important. Over the past year, our Threat Intelligence team has improved our malware scan by leaps and bounds. We wanted to share some of the metrics we use and what they …
Read More

Episode 78: Targeted Phishing Bypassing Security Checks and a new DDoS Record

June 22, 2020

Kathy Zant

This week, we look at some targeted phishing attacks that are bypassing Microsoft Outlook’s protective filters, and phishing campaigns using calendar invitations to target unsuspecting recipients. We also look at some successful bitcoin scams and a new record for a massive DDoS attack that targeted an AWS customer. Drupal pushes out some security fixes, and …
Read More

Defiant Participating in Privacy Shield Framework

June 22, 2020

Kathy Zant

Defiant, dba Wordfence, is now listed on the Privacy Shield certification list participating in both the EU-U.S. and Swiss-U.S. Privacy Shield frameworks. The purpose of these frameworks is to allow for the lawful transfer of personal data from the European Union and Switzerland to the United States. Two years ago when the General Data Protection …
Read More

View More Blog Posts