As of April 2026, Balada Fix is a WordPress balada plugin with 0 active installations and a 5/5 rating from 1 reviews. It has been downloaded 53 times in total. Requires WordPress 5.0+ and PHP 7.2+. Available on WordPress.org since 2026. Actively maintained — updated within the last month.
5/51 reviews
0active installs
53total downloads
1 monthsince 2026
Overview
Balada Fix protects your site from unauthenticated abuse of specific WordPress REST API endpoints. Such endpoints (for example the tagDiv theme’s wp-json/tdw/save_css) are often targeted by the “Balada Injector” and similar campaigns to inject malicious scripts.
- Add one or more REST path patterns in Settings → Balada Fix (one per line).
- Only logged-in administrators with the
edit_theme_optionscapability can access those paths. - Unauthenticated or unauthorized requests receive a 403 Forbidden response.
Default protected path: tdw/save_css (tagDiv / Newspaper theme vulnerability).
Screenshots
Ratings & Reviews
51 reviews
5 ★
1
4 ★
0
3 ★
0
2 ★
0
1 ★
0
Compatibility
| WordPress | 5.0+ requiredTested up to 6.9.4 |
| PHP | 7.2+ required |
Frequently Asked Questions
Changelog
1.1.0
- Added Settings → Balada Fix page to configure blocked paths.
- Support for multiple paths (one per line).
- Default path: tdw/save_css.
Contributors
Plugin data sourced from WordPress.org. Analysis and metrics by PluginSift.