The plugin is vulnerable to IP spoofing if the user makes use of the trusted proxies functionality in the plugin. An attacker can exploit this by banning search engine crawlers, the site’s reverse proxy, or legitimate users at the fail2ban level.