The number of cyber-attacks continues to increase every year. According to a study by Accenture, security breaches have increased by 67% since 2014. Meanwhile, another study from the University of Maryland revealed that hackers attack every 39 seconds.

Cybercrime has become a lucrative “profession”, with the industry estimated to have earned US$1.5 trillion in profits.

WordPress is the most popular website design platform in the world. Presently, 62% of websites run on WordPress. Thus, it made perfect sense to have a defense system designed specifically for WordPress.

Enter Wordfence.

Wordfence is a plug-in that functions as a malware scanner and firewall. It was developed by the cyber-security firm Defiant specifically for the more than 3 million WordPress websites operating on the Internet.

According to Defiant, Wordfence has been downloaded over 150 million times and this proves the plug-in’s effectiveness in protecting WordPress websites from cyber attacks.

Wordfence Uncovers New Threat To WordPress Sites

On April 28, 2020, Defiant’s Threat Intelligence Team observed a significant increase in the number of attacks that exploit Cross-Site Scripting (XSS) vulnerabilities.

Within a few days of this discovery, the team noted that the frequency of attacks had increased to 30 times the average number of attacks recorded in the company’s database.

After conducting a thorough analysis, the team concluded that a single threat actor was responsible for the bulk of the attacks. The threat actor’s objective was to inject malicious JavaScript that would redirect site visitors and implant a backdoor via the theme’s header.

Further investigation revealed that the threat actor also targeted other vulnerabilities that made it possible to switch the URL of the website’s home page to the one used by the XSS payload.

As a result, visitors to the compromised home page would be redirected to a malvertising site.
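A defender-side check for the two symptoms described above, a changed home page URL and script tags in the theme header that load from an unfamiliar host. This is an added example, not code from Defiant or Wordfence; it assumes the home page URL lives in WordPress's `home` and `siteurl` options and the theme header in `header.php`, and the function names, allowed host and sample data are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Matches the src attribute of any <script> tag in a template.
SCRIPT_SRC = re.compile(r'<script\b[^>]*\bsrc\s*=\s*["\']([^"\']+)["\']', re.I)


def host_of(url):
    """Return the lowercase host of a URL, or '' for relative URLs."""
    return (urlparse(url).hostname or "").lower()


def is_trusted(host, allowed_hosts):
    """True if host equals an allowed host or is a subdomain of one."""
    return any(host == a or host.endswith("." + a) for a in allowed_hosts)


def audit_site(options, header_source, allowed_hosts):
    """Return findings for a changed home URL or off-site header scripts.

    options: dict of wp_options rows (option_name -> option_value).
    header_source: text of the active theme's header.php.
    """
    findings = []
    for name in ("home", "siteurl"):
        host = host_of(options.get(name, ""))
        if not is_trusted(host, allowed_hosts):
            findings.append(("option", name, options.get(name, "")))
    for src in SCRIPT_SRC.findall(header_source):
        host = host_of(src)
        if host and not is_trusted(host, allowed_hosts):
            findings.append(("script", "header.php", src))
    return findings


# Constructed sample data; hostnames are placeholders, not real indicators.
SAMPLE_OPTIONS = {
    "siteurl": "https://www.example.com",
    "home": "https://redirect.example.net/landing",
}
SAMPLE_HEADER = """<head>
<script src="/wp-includes/js/jquery/jquery.min.js"></script>
<script type="text/javascript" src="//cdn.example.net/track.js"></script>
<?php wp_head(); ?>
</head>"""

if __name__ == "__main__":
    for finding in audit_site(SAMPLE_OPTIONS, SAMPLE_HEADER, ["example.com"]):
        print(finding)
```

The check only covers scripts loaded by `src`; inline script blocks added to the header still need a manual diff against a clean copy of the theme.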

Defiant’s team believes that the threat actor had a history of launching attacks, but on a smaller scale. The team’s data indicates that the threat actor only became aggressive recently and ramped up the scale of attacks to more than 20 million.

Defiant suspects more than half a million websites were attacked on May 3, 2020.

Websites that signed up with Wordfence’s Premium package, as well as those with the free version, were protected from the XSS attacks because of the program’s built-in protection feature. 

Wordfence has a Web Application Firewall that runs a set of rules designed to protect the website from attempts by cyber-criminals to change the URL of its home page. 

Why You Need Wordfence

Defiant theorizes that the attacks were directed at vulnerable entry points in websites that were presumably resolved months, even years, earlier.

It is standard procedure to keep your plug-ins updated to their latest versions, remove plug-ins that are hardly being used, and completely delete plug-ins that are no longer in the WordPress plug-in repository.

Although Defiant’s study did not indicate that the latest versions of WordPress plug-ins are vulnerable to these types of attacks, having Wordfence and its Web Application Firewall installed will give you reinforced protection in case there are lingering XSS vulnerabilities that have not been resolved.


As you have read, a cyber-criminal can increase the frequency of attacks rapidly within a matter of days. You don’t know if your website is being targeted so it is always safe to err on the side of caution. 

Downloading Wordfence will provide your WordPress website with a line of defense that will keep cyber-criminals from exploiting XSS vulnerabilities on your site.
