The plugin is wide open to IP spoofing, which an attacker can exploit to permanently ban search engine crawlers, the site’s reverse proxy, or legitimate users locally and in CleanTalk’s remote WAF.