It is a continuing bad sign for the overall security of WordPress plugins that so many security plugins have security vulnerabilities of their own. We ran across one such plugin, Deny All Firewall, due to our monitoring of changelog entries of plugins to keep customer of our service aware of vulnerabilities that were or are in the plugins they use. The plugin is described as:

This plugin examines your WordPress installation and allows you to inject rules into your .htaccess file which completely block access to everything except genuine site content. [Read more]