What WordPress plugins block vulnerability scanners? [on hold]

I’m looking for a WordPress plugin which automatically and permanently blocks IP addresses which attempt to access the URLs of known vulnerabilities. In other words, I want to treat known vulnerability addresses like honeypots.

I get hundreds of 404 errors every day from vulnerability scanners, and it seems trivial for a security plugin to identify them by their 404 access attempts.

Examples of 404s that are obviously the result of vulnerability scanning:

  • /408.shtml
  • /wp-content/uploads/settingsimages/2019/04/http:/www.w3.org/1999/xhtml/jsspwned.php

It would be great if it can automatically populate the list of known vulnerable addresses, but if such a program doesn’t exist, I would be open to hearing about plugins which require manually entering a list of URLs. It wouldn’t be too hard to make myself from my 404 logs.