WP-Safety

Easy IP Blocker Security & Risk Analysis

wordpress.org/plugins/easy-ip-blocker

Easily blocks IPs from the WP dashboard

200 active installs v1.0.4 PHP + WP 5.0+ Updated Oct 24, 2022
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Easy IP Blocker Safe to Use in 2026?

Generally Safe

Score 85/100

Easy IP Blocker has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

The easy-ip-blocker v1.0.4 plugin exhibits a generally good security posture based on the provided static analysis. The absence of identified dangerous functions, raw SQL queries, and external HTTP requests is commendable. Furthermore, the high percentage of properly escaped output and the presence of nonce checks suggest developers have implemented some common security best practices.

However, a notable concern arises from the taint analysis, which revealed one flow with an unsanitized path. While no critical or high severity issues were flagged, an unsanitized path presents a potential vector for manipulation, especially if user-supplied input reaches this point. The lack of identified capability checks on any entry points is also a weakness, as it means authorization might not be granularly enforced, though the absence of entry points mitigates this immediate risk.

With no recorded historical vulnerabilities, the plugin's past indicates a stable security record. In conclusion, while the plugin has strengths in its sanitized SQL and output escaping, the single unsanitized path flow and the absence of capability checks represent areas that could be strengthened to achieve a more robust security profile.

Key Concerns

  • Flow with unsanitized path found
  • No capability checks on entry points
Vulnerabilities
None known

Easy IP Blocker Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Easy IP Blocker Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
2
20 escaped
Nonce Checks
1
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

91% escaped22 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths
settings_page (includes\class-easy-ip-blocker-settings.php:291)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Easy IP Blocker Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 5
actioninitincludes\class-easy-ip-blocker-settings.php:64
actionadmin_initincludes\class-easy-ip-blocker-settings.php:67
actionadmin_menuincludes\class-easy-ip-blocker-settings.php:70
actioninitincludes\class-easy-ip-blocker.php:153
actioninitincludes\class-easy-ip-blocker.php:155
Maintenance & Trust

Easy IP Blocker Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11
Last updatedOct 24, 2022
PHP min version
Downloads6K

Community Trust

Rating100/100
Number of ratings1
Active installs200
Alternatives

Easy IP Blocker Alternatives

No alternatives data available yet.

Developer Profile

Easy IP Blocker Developer Profile

Carl Alberto

6 plugins · 400 total installs

86
trust score
Avg Security Score
88/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Easy IP Blocker

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/easy-ip-blocker/includes/css/settings.css/wp-content/plugins/easy-ip-blocker/includes/js/settings.js
Script Paths
/wp-content/plugins/easy-ip-blocker/includes/js/settings.js
Version Parameters
easy-ip-blocker/includes/js/settings.js?ver=1.0.0

HTML / DOM Fingerprints

Data Attributes
data-token="easy-ip-blocker"
JS Globals
easy_ip_blocker_settings_params
FAQ

Frequently Asked Questions about Easy IP Blocker