Wordfence is the flagship product of Defiant Inc. Millions of WordPress site owners rely on Wordfence to protect their websites, their customer data and their investment. Install Wordfence today and lock down your WordPress site in minutes.


Our Story

Wordfence is incorporated as Defiant, Inc., a Delaware company. We are a small team that is passionate about software engineering and delivering excellent customer service. Wordfence has been downloaded over 90 million times, and is consistently one of the top plugins for WordPress on WordPress.org. The Wordfence WordPress Security plugin protects over 2 million active WordPress websites.

Explore Defiant

Notable Research Coverage

WordPress Users Urged to Delete Zero-Day-Ridden Plugin


Lindsey O'Donnell

January 28, 2019

Active XSS Attacks Targeting Amp for WP WordPress Plugin

Bleeping Computer

Lawrence Abrams

November 20, 2018

LOL: BabaYaga WordPress Malware Updates Your Site

Bleeping Computer

Catalin Cimpanu

June 7, 2018

New Tools Make Checking for Leaked Passwords a Lot Easier

Bleeping Computer

Catalin Cimpanu

March 2, 2018

WordPress captcha plugin on 300,000 sites had a sneaky backdoor

The Register

Richard Chirgwin

December 20, 2017

General Business Inquiries

Do you have a press inquiry or want to ask about partnerships, a feature or idea or other general business inquiries?

Let's Talk

Check Out The Latest From Our Blog

Podcast Episode 2: Mikey Veenstra Talks XSS Vulnerability + The Adam Warner Interview

March 12, 2019

Mark Maunder

Welcome to Think Like a Hacker, Episode 2. In this episode Mikey Veenstra, a threat analyst at Wordfence, discusses a serious XSS vulnerability in an abandoned cart plugin. We also chat with Adam Warner, a well known figure in the WordPress community. In our interview we chat about Adam’s personal WordPress journey, community engagement success …
Read More

XSS Vulnerability in Abandoned Cart Plugin Leads To WordPress Site Takeovers

March 11, 2019

Mikey Veenstra

Last month, a stored cross-site scripting (XSS) flaw was patched in version 5.2.0 of the popular WordPress plugin Abandoned Cart Lite For WooCommerce. The plugin, which we’ll be referring to by its slug woocommerce-abandoned-cart, allows the owners of WooCommerce sites to track abandoned shopping carts in order to recover those sales. A lack of sanitation on …
Read More

Think Like a Hacker Podcast Episode 1: An Interview with Josepha Haden

March 07, 2019

Mark Maunder

Josepha Haden is the Executive Director of the WordPress project at Automattic. She oversees and directs all contributor teams in their work to build and maintain WordPress. Josepha can be found at https://josepha.blog. In our news segment, we talk about recent vulnerabilities in the Freemius library affecting WordPress plugins, the CoinHive shutdown, and why potential …
Read More

WordCamp Phoenix Recap

February 26, 2019

Kathy Zant

The first WordCamp for 2019 took place this past weekend in Phoenix, Arizona with nearly 700 attendees, and we were delighted to be involved. In addition to our gold-level sponsorship, Wordfence Threat Analyst Mikey Veenstra spoke on Friday, and our Client Partner Kathy Zant worked for months on the organizing committee to bring this highly …
Read More

Vulnerabilities Patched in WP Cost Estimation Plugin

February 13, 2019

Mikey Veenstra

At the end of January, Wordfence security analysts identified attackers exploiting vulnerabilities in outdated versions of the commercial plugin WP Cost Estimation & Payment Forms Builder, or WP Cost Estimation for short. These flaws were found and patched by the developer a few months ago, but no official public disclosure was made at the time. Following …
Read More

Live Event: Wordfence Central Official Launch and Demo

February 06, 2019

Mark Maunder

Today we are very excited to announce the launch of Wordfence Central. Our team has been working hard for almost a year on this ground-breaking project. Wordfence Central gives you the power of a security events and information manager for WordPress. Join me for a live event starting at 8am Pacific time, 11am EST where …
Read More

View More Blog Posts