Does Fense Proxy & VPN Blocker have any unpatched vulnerabilities?

No. All known vulnerabilities in Fense Proxy & VPN Blocker have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Fense Proxy & VPN Blocker compatible with WordPress 6.8.5?

According to WordPress.org data, Fense Proxy & VPN Blocker 2.9.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Fense Proxy & VPN Blocker compatible with PHP 7.4+?

Fense Proxy & VPN Blocker requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Fense Proxy & VPN Blocker updated?

Fense Proxy & VPN Blocker was last updated on Aug 15, 2025. Frequent updates are generally a positive security signal.

What is Fense Proxy & VPN Blocker's security score?

Fense Proxy & VPN Blocker has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Fense Proxy & VPN Blocker Security & Risk Analysis

wordpress.org/plugins/fense-block-vpn-proxy

Blocks Proxies, VPN's, IP's, Ranges & ASN's accessing your site login or commenting on pages & posts using the Fense.in API.

90 active installs v2.9.0 PHP 7.4+ WP 4.9+ Updated Aug 15, 2025

adsensedevozonfenseproxyproxy-blocker

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Fense Proxy & VPN Blocker Safe to Use in 2026?

Generally Safe

Score 100/100

Fense Proxy & VPN Blocker has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 7mo ago

Risk Assessment

The "fense-block-vpn-proxy" plugin v2.9.0 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices by utilizing prepared statements for all SQL queries and has no recorded history of vulnerabilities, which suggests a potentially stable and well-maintained codebase. However, a significant concern is the presence of four unprotected AJAX handlers, representing the entire attack surface. This lack of authentication and authorization on all entry points is a critical weakness that could allow unauthenticated users to trigger potentially harmful actions within the plugin.

While the static analysis did not reveal any critical taint flows or dangerous functions, the absence of proper checks on AJAX endpoints creates a substantial risk. The 41% of improperly escaped output also presents a risk of Cross-Site Scripting (XSS) vulnerabilities, especially when combined with the unprotected AJAX handlers. The plugin's reliance on external HTTP requests, though not inherently a vulnerability, could be a vector for other attacks if the target endpoints are compromised or if the data transmitted is not handled securely.

In conclusion, the plugin's strength lies in its clean SQL handling and lack of historical vulnerabilities. However, the unprotected AJAX handlers are a glaring security flaw that overshadows these strengths. The risk of XSS due to imperfect output escaping, combined with the exposed AJAX endpoints, makes this plugin a potential target for exploitation. Further investigation into the functionality of these AJAX handlers is highly recommended.

Key Concerns

Unprotected AJAX handlers
Significant unescaped output

Vulnerabilities

None known

Fense Proxy & VPN Blocker Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Fense Proxy & VPN Blocker Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

114 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

59% escaped192 total outputs

Attack Surface

4 unprotected

Fense Proxy & VPN Blocker Attack Surface

Entry Points4

Unprotected4

AJAX Handlers 4

noprivwp_ajax_fense_bpvt_save_settingsincludes\system\fense-bpvt-header-code.php:48

authwp_ajax_fense_bpvt_save_settingsincludes\system\fense-bpvt-header-code.php:49

noprivwp_ajax_FENSE_BPVT_get_Fense_dataincludes\system\fense-bpvt-load-stats.php:25

authwp_ajax_FENSE_BPVT_get_Fense_dataincludes\system\fense-bpvt-load-stats.php:26

WordPress Hooks 16

actionadmin_menuadmin\class-fense-bpvt-admin.php:47

actionadmin_initadmin\class-fense-bpvt-admin.php:48

actionadmin_noticesadmin\class-fense-bpvt-admin.php:171

actionplugins_loadedincludes\class-fense-bpvt.php:238

actionadmin_enqueue_scriptsincludes\class-fense-bpvt.php:254

actionadmin_enqueue_scriptsincludes\class-fense-bpvt.php:255

actionwp_enqueue_scriptsincludes\class-fense-bpvt.php:269

actionwp_headincludes\core\class-fense-bpvt-run.php:96

actionwp_headincludes\core\class-fense-bpvt-run.php:307

actionwpincludes\system\fense-bpvt-api-call.php:25

actionlogin_initincludes\system\fense-bpvt-api-call.php:27

actionlogin_formincludes\system\fense-bpvt-api-call.php:29

actionmuplugins_loadedincludes\system\fense-bpvt-api-call.php:31

actionplugins_loadedincludes\system\fense-bpvt-api-call.php:32

actionadmin_noticesincludes\system\fense-bpvt-check-version.php:65

actioninitincludes\system\fense-bpvt-plugin-updates.php:38

Maintenance & Trust

Fense Proxy & VPN Blocker Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedAug 15, 2025

PHP min version7.4

Downloads3K

Community Trust

Rating100/100

Number of ratings1

Active installs90

Alternatives

Fense Proxy & VPN Blocker Alternatives

Proxy & VPN Blocker

proxy-vpn-blocker

Block VPNs, proxies, Tor, and spam on WordPress. Strengthen security and stop fake users with smart IP blocking via proxycheck.io.

1K 1 CVE

Site Kit by Google – Analytics, Search Console, AdSense, Speed

google-site-kit

100

Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.

5.0M 1 CVE

Ad Inserter – Ad Manager & AdSense Ads

ad-inserter

Manage Google AdSense ads, banners, ad rotation, sticky widgets, AMP ads, ads.txt, tracking, header and footer code, PHP code, global custom fields

300K 12 CVEs

Advanced Ads – Ad Manager & AdSense

advanced-ads

The only complete toolkit for all ad types. Grow your revenue with AdSense, Amazon—or any affiliate network. Get pinpoint targeting and best support!

100K 8 CVEs

Proxy Cache Purge

varnish-http-purge

100

Automatically empty proxy cached content when your site is modified.

40K No CVEs

Developer Profile

Fense Proxy & VPN Blocker Developer Profile

Devozon

1 plugin · 90 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Fense Proxy & VPN Blocker

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/fense-block-vpn-proxy/theme/css/bootstrap-rtl.min.css/wp-content/plugins/fense-block-vpn-proxy/theme/css/app-rtl.min.css/wp-content/plugins/fense-block-vpn-proxy/theme/css/bootstrap.min.css/wp-content/plugins/fense-block-vpn-proxy/theme/css/app.min.css/wp-content/plugins/fense-block-vpn-proxy/theme/css/icons.min.css/wp-content/plugins/fense-block-vpn-proxy/css/fense-bpvt-admin.css/wp-content/plugins/fense-block-vpn-proxy/css/bootstrap-tagsinput.css/wp-content/plugins/fense-block-vpn-proxy/js/fense-bpvt-options.js+9 more

Script Paths

Version Parameters

fense-bpvt-admin.css?ver=bootstrap-tagsinput.css?ver=fense-bpvt-options.js?ver=fense-bpvt-admin.js?ver=bootstrap.min.js?ver=ms.js?ver=chart.js?ver=bootstrap-tagsinput.min.js?ver=apexcharts.min.js?ver=custom.js?ver=fense-bpvt-admin-settings.js?ver=fense-bpvt.js?ver=

HTML / DOM Fingerprints

CSS Classes

fense_bpvt_contentfense_bpvt_container

HTML Comments

Data Attributes

data-fense-bpvt-option

JS Globals

FENSE_BPVT_ADMIN_DATA

Shortcode Output

[fense_bpvt_settings][fense_bpvt_content]

FAQ