Does Tor Blocker by Inazo have any unpatched vulnerabilities?

No. All known vulnerabilities in Tor Blocker by Inazo have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Tor Blocker by Inazo compatible with WordPress 4.9.29?

According to WordPress.org data, Tor Blocker by Inazo 1.1 has been tested up to WordPress 4.9.29. Check the plugin's changelog for the latest compatibility information.

How often is Tor Blocker by Inazo updated?

Tor Blocker by Inazo was last updated on Unknown. Frequent updates are generally a positive security signal.

What is Tor Blocker by Inazo's security score?

Tor Blocker by Inazo has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Tor Blocker by Inazo Security & Risk Analysis

wordpress.org/plugins/tor-blocker-by-inazo

This plugin blocks Tor users by preventing them from viewing your website.

20 active installs v1.1 PHP + WP 4.5.1+ Updated Unknown

ip-blockip-blockersecuritytortor-blocker

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Tor Blocker by Inazo Safe to Use in 2026?

Generally Safe

Score 100/100

Tor Blocker by Inazo has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "tor-blocker-by-inazo" v1.1 plugin exhibits a mixed security posture. On the positive side, there are no identified CVEs in its history, suggesting a generally stable security record. All identified output operations are properly escaped, and there are no external HTTP requests, reducing the risk of certain injection or data leakage vulnerabilities. However, significant concerns arise from the static analysis.

The plugin's code signals reveal a lack of proper security checks, most notably the complete absence of nonce checks and capability checks. This is compounded by the presence of dangerous functions like 'unserialize', which, when used without proper validation of serialized data, can lead to Remote Code Execution (RCE) vulnerabilities. The taint analysis confirms two high-severity flows with unsanitized paths, indicating potential vulnerabilities where user-controlled data could be processed in a dangerous manner.

Despite the clean vulnerability history, the static analysis flags are critical and cannot be overlooked. The lack of nonces and capability checks on entry points, coupled with the use of 'unserialize' and unsanitized taint flows, presents a substantial risk. While no past vulnerabilities have been publicly disclosed, the current code structure is concerning and could be exploited. Therefore, while the plugin has a good track record, its current codebase requires urgent attention to address the identified security weaknesses.

Key Concerns

Dangerous function unserialize used
High severity unsanitized taint flows found
No nonce checks found
No capability checks found
SQL queries not fully using prepared statements

Vulnerabilities

None known

Tor Blocker by Inazo Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Tor Blocker by Inazo Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

2 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$decoded = unserialize($data);netdns2-master\Net\DNS2\Cache\File.php:117

unserialize$decoded = unserialize($data);netdns2-master\Net\DNS2\Cache\File.php:195

unserialize$decoded = unserialize($data);netdns2-master\Net\DNS2\Cache\Shm.php:153

unserialize$decoded = unserialize($data);netdns2-master\Net\DNS2\Cache\Shm.php:246

unserializereturn unserialize($this->cache_data[$key]['object']);netdns2-master\Net\DNS2\Cache.php:119

SQL Query Safety

50% prepared8 total queries

Output Escaping

100% escaped2 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

checkIsTorConnexion (inazo.real.tor.blocker.php:160)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Tor Blocker by Inazo Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 2

actionsetup_themeinazo.real.tor.blocker.php:222

actioninazo_tor_clean_logsinazo.real.tor.blocker.php:224

Scheduled Events 1

inazo_tor_clean_logs

Maintenance & Trust

Tor Blocker by Inazo Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29

Last updatedUnknown

PHP min version

Downloads6K

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

Tor Blocker by Inazo Alternatives

IP & Country Blocker Lite

ip-blocker-lite

100

Advanced WordPress security plugin with IP/country blocking and two-factor authentication for comprehensive website protection.

300 No CVEs

CrowdSec

crowdsec

100

This plugin blocks detected attackers or displays them a captcha to check they are not bots.

2K No CVEs

Advanced IP Blocker

advanced-ip-blocker

100

A complete WordPress security firewall: blocks IPs, bots & countries. Includes an intelligent WAF, Threat Scoring, Geo-Challenge, 2FA, and Anti-Sp …

1K No CVEs

Proxy & VPN Blocker

proxy-vpn-blocker

Block VPNs, proxies, Tor, and spam on WordPress. Strengthen security and stop fake users with smart IP blocking via proxycheck.io.

1K 1 CVE

Anti Fake Orders & IP Blocker

anti-fake-orders-ip-blocker

100

Protect your WooCommerce store from fake orders by blocking suspicious IPs, emails, and detecting bot checkout activity.

400 No CVEs

Developer Profile

Tor Blocker by Inazo Developer Profile

inazo

3 plugins · 4K total installs

trust score

Avg Security Score

92/100

Avg Patch Time

2695 days

View full developer profile

Detection Fingerprints

How We Detect Tor Blocker by Inazo

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

Shortcode Output

<strong>Connections from the Tor network are not allowed on this website.</strong>

FAQ