WP-Safety

Dolutech Blacklist Protect Security & Risk Analysis

wordpress.org/plugins/dolutech-blacklist-protect

Proteção avançada WordPress: blacklists automáticas, bloqueio por país (MaxMind), anti força bruta, reCAPTCHA e proteção XML-RPC.

40 active installs v0.7.0 PHP 8.2+ WP 6.7+ Updated Unknown
blacklistbrute-forcegeolocationip-blocksecurity
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Dolutech Blacklist Protect Safe to Use in 2026?

Generally Safe

Score 100/100

Dolutech Blacklist Protect has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "dolutech-blacklist-protect" plugin v0.7.0 exhibits a generally strong security posture based on the provided static analysis. The plugin demonstrates good practices by not exposing any direct AJAX handlers or REST API routes without proper authentication or permission checks, and it effectively utilizes prepared statements for all its SQL queries. The significant number of nonce checks and the high percentage of properly escaped output further contribute to its security. However, the analysis does highlight potential areas for concern. The presence of unsanitized paths in 3 out of 5 analyzed taint flows, even without critical or high severity, warrants attention as it could indicate potential for path traversal vulnerabilities or insecure file handling. Furthermore, the single cron event, while not explicitly detailed, could be a point of vulnerability if not carefully implemented. The absence of any recorded vulnerabilities (CVEs) in its history is a positive indicator, suggesting a history of secure development, but this does not negate the risks identified in the static analysis.

Key Concerns

  • Unsanitized paths in taint flows
  • File operations detected
  • External HTTP requests detected
  • Cron events detected
Vulnerabilities
None known

Dolutech Blacklist Protect Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Dolutech Blacklist Protect Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
21
135 escaped
Nonce Checks
19
Capability Checks
0
File Operations
1
External Requests
4
Bundled Libraries
0

Output Escaping

87% escaped156 total outputs
Data Flows
3 unsanitized

Data Flow Analysis

5 flows3 with unsanitized paths
<functions> (includes\functions.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Dolutech Blacklist Protect Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 16
actionadmin_menuincludes\admin-page.php:3
actionblwp_update_blacklist_hookincludes\cron-jobs.php:2
actioninitincludes\functions.php:232
actioninitincludes\functions.php:573
actionblwp_update_blacklist_hookincludes\functions.php:783
actionwp_authenticateincludes\functions.php:800
actionauthenticateincludes\functions.php:801
actionwp_login_failedincludes\functions.php:895
filterlogin_errorsincludes\functions.php:962
actionblwp_update_blacklist_hookincludes\functions.php:1049
actioninitincludes\functions.php:1070
filterxmlrpc_methodsincludes\functions.php:1136
actioninitincludes\integration-security-plugins.php:3
actionsecurity_plugin_ip_blockedincludes\integration-security-plugins.php:9
actioninitincludes\maxmind-integration.php:212
actionblwp_update_blacklist_hookincludes\maxmind-integration.php:325

Scheduled Events 1

blwp_update_blacklist_hook
Maintenance & Trust

Dolutech Blacklist Protect Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedUnknown
PHP min version8.2
Downloads729

Community Trust

Rating100/100
Number of ratings4
Active installs40
Alternatives

Dolutech Blacklist Protect Alternatives

Advanced Country Blocker

Advanced Country Blocker

advanced-country-blocker

A
99

An advanced security plugin that blocks website visitors by country, with additional features like blacklisting, logging blocked attempts, admin bypas &hellip;

2K 1 CVE
AIS: IP Blocker

AIS: IP Blocker

ais-ip-blocker

A
100

Blocks malicious IP Addresses, Spammers and Hackers from accessing page without compromising the performance of your WordPress Website.

10 No CVEs
Guardify Firewall

Guardify Firewall

guardify

A
100

Guardify is a powerful WordPress firewall plugin designed to protect your website from a wide range of threats, including brute force attacks, SQL inj &hellip;

10 No CVEs
Limit Login Attempts Reloaded – Login Security, Brute Force Protection, Firewall

Limit Login Attempts Reloaded – Login Security, Brute Force Protection, Firewall

limit-login-attempts-reloaded

A
98

Block excessive login attempts and protect your site against brute force attacks. Simple, yet powerful tools to improve site performance.

2.0M 4 CVEs
Solid Security – Password, Two Factor Authentication, and Brute Force Protection

Solid Security – Password, Two Factor Authentication, and Brute Force Protection

better-wp-security

A
93

Harden your site security with Login Security, Two-Factor Authentication (2FA), Vulnerability Scanner, Firewall, and more. Formerly iThemes Security.

700K 19 CVEs
Developer Profile

Dolutech Blacklist Protect Developer Profile

Lucas Catão Moraes

3 plugins · 40 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Dolutech Blacklist Protect

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/dolutech-blacklist-protect/assets/css/admin-style.css/wp-content/plugins/dolutech-blacklist-protect/assets/js/admin-script.js
Script Paths
/wp-content/plugins/dolutech-blacklist-protect/assets/js/admin-script.js
Version Parameters
dolutech-blacklist-protect/assets/css/admin-style.css?ver=dolutech-blacklist-protect/assets/js/admin-script.js?ver=

HTML / DOM Fingerprints

CSS Classes
blwp-admin-wrap
FAQ

Frequently Asked Questions about Dolutech Blacklist Protect