Wordfence is the flagship product of Defiant Inc. Millions of WordPress site owners rely on Wordfence to protect their websites, their customer data and their investment. Install Wordfence today and lock down your WordPress site in minutes.

Defiant

Our Story

Wordfence is incorporated as Defiant, Inc., a Delaware company. We are a small team that is passionate about software engineering and delivering excellent customer service. Wordfence has been downloaded over 150 million times, and is consistently one of the top plugins for WordPress on WordPress.org. The Wordfence WordPress Security plugin protects over 3 million active WordPress websites.

Explore Defiant

Notable Research Coverage

Critical Flaws in WordPress Quiz Plugin Allow Site Takeover

Threatpost

Lindsey O'Donnell

August 14, 2020

Hidden WordPress 5.5 Feature Blocks Rogue Plugins

Search Engine Journal

Roger Montti

August 13, 2020

Divi WordPress Theme Vulnerability

Search Engine Journal

Roger Montti

August 6, 2020

Facebook plugin bug lets hackers hijack WordPress sites’ chat

Bleeping Computer

Sergiu Gatlan

August 4, 2020

Newsletter plugin bugs let hackers inject backdoors on 300K sites

Bleeping Computer

Sergiu Gatlan

August 3, 2020

Newsletter WordPress Plugin Opens Door to Site Takeover

Threatpost

Tara Seals

August 4, 2020

General Business Inquiries

Do you have a press inquiry or want to ask about partnerships, a feature or idea or other general business inquiries?

Let's Talk

Check Out The Latest From Our Blog

High-Severity Vulnerabilities Patched in Discount Rules for WooCommerce

September 17, 2020

Ram Gall

On August 20, 2020, the Wordfence Threat Intelligence team was made aware of several vulnerabilities that had been patched in Discount Rules for WooCommerce, a WordPress plugin installed on over 40,000 sites. We released a firewall rule to protect against these vulnerabilities the same day. During our investigation, we also discovered a separate set of …
Read More

The Hacker Motive: What Attackers Are Doing with Your Hacked Site

September 16, 2020

Chloe Chamberland

Yesterday, September 15, 2020, the Wordfence Live team covered The Hacker Motive: What Attackers Are Doing with Your Hacked Site. This companion blog post reviews the motives we discussed live during Wordfence Live and dives deeper into the minds of attackers. You can watch the video of Wordfence Live below. Timestamps You can click on …
Read More

Episode 86: War of the Hackers

September 11, 2020

Scott Miller

Millions of attacks have been targeting the recent File Manager plugin zero-day vulnerability discovered last week. Two attackers are vying for control over sites compromised through the vulnerability. A security researcher has revealed that specially crafted Windows 10 themes can be used to perform Pass-the-Hash attacks. A database belonging to the Digital Point webmaster forum …
Read More

Attackers Fight for Control of Sites Targeted in File Manager Vulnerability

September 10, 2020

Ram Gall

Last week, we covered a vulnerability in the File Manager plugin installed on over 700,000 WordPress sites. By Friday, September 4, 2020, we recorded attacks on over 1.7 million sites, and by today, September 10, 2020 the total number of sites attacked has increased to over 2.6 million. We’ve seen evidence of multiple threat actors …
Read More

Millions of Sites Targeted in File Manager Vulnerability Attacks

September 04, 2020

Ram Gall

The Wordfence Threat Intelligence team is seeing a dramatic increase in attacks targeting the recent 0-day in the WordPress File Manager plugin. This plugin is installed on over 700,000 WordPress websites, and we estimate that 37.4% or 261,800 websites are still running vulnerable versions of this plugin at the time of this publication. Attacks are …
Read More

Episode 85: 0Day in File Manager Plugin and WordPress 5.5.1 Fixes Broken Sites

September 04, 2020

Scott Miller

Over 700,000 WordPress users were affected by a zero-day vulnerability in the File Manager plugin, and the WordPress 5.5.1 release fixed millions of sites affected by deprecation of jQuery Migrate. SendGrid is under siege from spammers using hacked accounts, and Apple approves a notorious malware variant to run on Macs. Here are timestamps and links …
Read More

View More Blog Posts