Wordfence is the flagship product of Defiant Inc. Millions of WordPress site owners rely on Wordfence to protect their websites, their customer data and their investment. Install Wordfence today and lock down your WordPress site in minutes.

Defiant

Our Story

Wordfence is incorporated as Defiant, Inc., a Delaware company. We are a small team that is passionate about software engineering and delivering excellent customer service. Wordfence has been downloaded over 200 million times, and is consistently one of the top plugins for WordPress on WordPress.org. The Wordfence WordPress Security plugin protects over 4 million active WordPress websites.

Explore Defiant

Notable Research Coverage

WordPress 5.7.2 Patches a Critical Vulnerability

Search Engine Journal

Roger Montti

May 13, 2021

General Business Inquiries

Do you have a press inquiry or want to ask about partnerships, a feature or idea or other general business inquiries?

Let's Talk

Check Out The Latest From Our Blog

Recently Patched Vulnerabilities in Ninja Forms Plugin Affect Over 1 Million Site Owners

September 22, 2021

Chloe Chamberland

On August 3, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for two vulnerabilities that were discovered in Ninja Forms, a WordPress plugin installed on over 1,000,000 sites. These flaws made it possible for an attacker to export sensitive information and send arbitrary emails from a vulnerable site that could be used …
Read More

Terms of Use Violation

September 04, 2021

Mark Maunder

Wordfence is used by millions of free and paid customers around the world to secure their WordPress websites. We serve a broad range of customers across the globe, from diverse cultures, with diverse backgrounds, and who have diverse political views. As an organization, Defiant, the company that makes Wordfence, believes that everyone has the right …
Read More

Over 1 Million Sites Affected by Gutenberg Template Library & Redux Framework Vulnerabilities

September 01, 2021

Ram Gall

On August 3, 2021, the Wordfence Threat Intelligence team initiated the disclosure process for two vulnerabilities we discovered in the Gutenberg Template Library & Redux Framework plugin, which is installed on over 1 million WordPress sites. One vulnerability allowed users with lower permissions, such as contributors, to install and activate arbitrary plugins and delete any …
Read More

Nested Pages Patches Post Deletion Vulnerability

August 25, 2021

Ram Gall

On August 13, 2021, the Wordfence Threat Intelligence team responsibly disclosed two vulnerabilities in Nested Pages, a WordPress plugin installed on over 80,000 sites that provides drag and drop functionality to manage your page structure and post ordering. These vulnerabilities included a Cross-Site Request Forgery vulnerability that allowed posts and pages to be deleted, unpublished …
Read More

Critical Authentication Bypass Vulnerability Patched in Booster for WooCommerce

August 24, 2021

Chloe Chamberland

On July 30, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability that we discovered in Booster for WooCommerce, a WordPress plugin installed on over 80,000 sites. This flaw made it possible for an attacker to log in as any user, as long as certain options were enabled in the …
Read More

XSS Vulnerability Patched in SEOPress Affects 100,000 sites

August 16, 2021

Chloe Chamberland

On July 29, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability that we discovered in SEOPress, a WordPress plugin installed on over 100,000 sites. This flaw made it possible for an attacker to inject arbitrary web scripts on a vulnerable site which would execute anytime a user accessed the …
Read More

View More Blog Posts