Does Failed Login Firewall reporting have any unpatched vulnerabilities?

No. All known vulnerabilities in Failed Login Firewall reporting have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Failed Login Firewall reporting compatible with WordPress 5.9.13?

According to WordPress.org data, Failed Login Firewall reporting 0.32 has been tested up to WordPress 5.9.13. Check the plugin's changelog for the latest compatibility information.

How often is Failed Login Firewall reporting updated?

Failed Login Firewall reporting was last updated on Mar 3, 2022. Frequent updates are generally a positive security signal.

What is Failed Login Firewall reporting's security score?

Failed Login Firewall reporting has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Failed Login Firewall reporting Security & Risk Analysis

wordpress.org/plugins/failed-login-firewall

Report failed logins to centralized database and block IPs on firewall level!

50 active installs v0.32 PHP + WP 3.0.1+ Updated Mar 3, 2022

apfcsffirewallloginsecurity

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Failed Login Firewall reporting Safe to Use in 2026?

Generally Safe

Score 85/100

Failed Login Firewall reporting has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago

Risk Assessment

The plugin 'failed-login-firewall' v0.32 demonstrates a generally good security posture based on the static analysis. The absence of any attack surface points, dangerous functions, raw SQL queries, or identified taint flows is a significant strength. The plugin also boasts no known historical vulnerabilities, indicating a history of secure development or prompt patching.

However, there are notable areas for improvement. The most concerning finding is that 0% of the 2 total output escape checks passed. This suggests that data output by the plugin might not be properly sanitized, potentially leading to cross-site scripting (XSS) vulnerabilities if user-supplied data is included in the output. While the plugin only makes one external HTTP request, the lack of information on whether this request is secured or validated warrants further investigation.

In conclusion, 'failed-login-firewall' v0.32 has a solid foundation with no identified critical flaws in its entry points or data handling. The primary concern lies with output escaping, which needs immediate attention to prevent potential XSS attacks. The lack of historical vulnerabilities is a positive indicator, but the current output escaping issue introduces a tangible risk.

Key Concerns

Output escaping is not properly implemented

Vulnerabilities

None known

Failed Login Firewall reporting Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Failed Login Firewall reporting Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

0% escaped2 total outputs

Attack Surface

Failed Login Firewall reporting Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 4

actionadmin_menuclass.failed_login_firewall.admin.php:21

actionwp_login_failedclass.failed_login_firewall.php:21

actioninitfailed-login-firewall.php:26

actioninitfailed-login-firewall.php:33

Maintenance & Trust

Failed Login Firewall reporting Maintenance & Trust

Maintenance Signals

WordPress version tested5.9.13

Last updatedMar 3, 2022

PHP min version

Downloads2K

Community Trust

Rating100/100

Number of ratings2

Active installs50

Alternatives

Failed Login Firewall reporting Alternatives

Limit Login Attempts Reloaded – Login Security, Brute Force Protection, Firewall

limit-login-attempts-reloaded

Block excessive login attempts and protect your site against brute force attacks. Simple, yet powerful tools to improve site performance.

2.0M 4 CVEs

All-In-One Security (AIOS) – Security and Firewall

all-in-one-wp-security-and-firewall

Protect your website investment with All-In-One Security (AIOS) – a comprehensive and easy to use security plugin designed especially for WordPress.

1.0M 26 CVEs

Security Optimizer – The All-In-One Protection Plugin

sg-security

Secure your WordPress site from brute-force attacks, threats, malware, and bots. Free to use and easy to set up.

1.0M 5 CVEs

WP Ghost (Hide My WP Ghost) – Security & Firewall

hide-my-wp

Hide and Secure WP paths, wp-login, wp-admin, and more. Hack Prevention, Security, Brute Force protection, 8G Firewall, 2FA Passkey Login, and more.

100K 7 CVEs

Defender Security – Malware Scanner, Login Security & Firewall

defender-security

WordPress security plugin with malware scanner, IP blocking, audit logs, antivirus scans, firewall, 2FA, brute force login security, and more.

90K 7 CVEs

Developer Profile

Failed Login Firewall reporting Developer Profile

Anton Aleksandrov

2 plugins · 4K total installs

trust score

Avg Security Score

92/100

Avg Patch Time

7 days

View full developer profile

Detection Fingerprints

How We Detect Failed Login Firewall reporting

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Version Parameters

failed-login-firewall/style.css?ver=failed-login-firewall/script.js?ver=

HTML / DOM Fingerprints

FAQ