Is this All In One Security & Firewall Plugin GDPR compliant?

Web logs in this context are not a punishable offence under the GDPR, if you have a legal basis for retaining those logs and reasonable retention and data minimisation policies.
When storing IP’s for security reasons you have a legitimate interest (one of the six legal bases under the GDPR) to combat fraud and maintain information security (blocking IP’s to prevent brute force attacks).

It really boils down to;
If you are retaining the IP’s purely for security reasons that you should be fine (as long as you minimisation and retention policies).
If you are using any of the IP’s in your logs for analytics or marketing/sales without user consent then you are not GDPR compliant.

If you have any concerns I would advise that you consult your Data Protection Officer (DPO) or GDPR advisor who should be able to advise you further.