Title: Balada Fix
Author: vladanrs
Published: <strong>Ẹrẹ́nà 26, 2026</strong>
Last modified: Ẹrẹ́nà 26, 2026

---

Ṣàwárí àwọn plugin

![](https://ps.w.org/balada-fix/assets/icon-256x256.png?rev=3491702)

# Balada Fix

 Láti ọwọ́ [vladanrs](https://profiles.wordpress.org/vladanrs/)

[Ṣe ìgbàsílẹ̀](https://downloads.wordpress.org/plugin/balada-fix.1.1.0.zip)

 * [Àwọn àlàyé](https://yor.wordpress.org/plugins/balada-fix/#description)
 * [Àwọn àgbéyẹ̀wò](https://yor.wordpress.org/plugins/balada-fix/#reviews)
 *  [Ìgbéwọlẹ̀](https://yor.wordpress.org/plugins/balada-fix/#installation)
 * [Ìdàgbàsókè](https://yor.wordpress.org/plugins/balada-fix/#developers)

 [Ìrànlọ́wọ́](https://wordpress.org/support/plugin/balada-fix/)

## Àpèjúwe

Balada Fix protects your site from unauthenticated abuse of specific WordPress REST
API endpoints. Such endpoints (for example the tagDiv themeÌtumọ̀ Yorùbá: ’s `wp-
json/tdw/save_css`) are often targeted by the “Balada Injector” and similar campaigns
to inject malicious scripts.

 * Add one or more REST path patterns in **Settings  Balada Fix** (one per line).
 * Only logged-in administrators with the `edit_theme_options` capability can access
   those paths.
 * Unauthenticated or unauthorized requests receive a 403 Forbidden response.

Default protected path: `tdw/save_css` (tagDiv / Newspaper theme vulnerability).

## Àwọn àwòrán ìbòjú

 * [[
 * Screenshot installed plugin

## Ìgbéwọlẹ̀

 1. Upload the plugin files to `/wp-content/plugins/balada-fix/`, or install through
    WordPress Plugins  Add New  Upload.
 2. Activate the plugin through the Plugins screen.
 3. Go to Settings  Balada Fix to review or add blocked paths (one per line, e.g. `
    wp-json/tdw/save_css` or `tdw/save_css`).

## FAQ

### Which paths should I add?

Add the REST path that is known to be vulnerable and should only be used by admins.
Example: `tdw/save_css` for the tagDiv Composer / Newspaper theme. You can use the
full path like `wp-json/tdw/save_css` or the short form `tdw/save_css`.

### Will this break my theme?

No. Legitimate use (when you are logged in as an administrator) continues to work.
Only unauthenticated or non-admin access to the listed paths is blocked.

## Àwọn àgbéyẹ̀wò

![](https://secure.gravatar.com/avatar/39818c0d4d0fcdb8b3915ef9a94e24d47d1d0b9cc0ddf54e7eb2bd38f211d1aa?
s=60&d=retro&r=g)

### 󠀁[Clean and easy](https://wordpress.org/support/topic/clean-and-easy-34/)󠁿

 [vladan92](https://profiles.wordpress.org/vladan92/) Ẹrẹ́nà 26, 2026

Works perfect!

 [ Ka gbogbo àgbéyẹ̀wò 1 ](https://wordpress.org/support/plugin/balada-fix/reviews/)

## Àwọn Olùkópa & Olùgbéejáde

“Balada Fix” jẹ́ ètò ìṣàmúlò orísun ṣíṣí sílẹ̀. Àwọn ènìyàn wọ̀nyí ti ṣe ìkópa sí
plugin yìí.

Àwọn Olùkópa

 *   [ vladanrs ](https://profiles.wordpress.org/vladanrs/)

[Túmọ̀ “Balada Fix” sí èdè rẹ.](https://translate.wordpress.org/projects/wp-plugins/balada-fix)

### Ṣe o nífẹ̀ẹ́ sí ìdàgbàsókè?

[Ṣàwárí koodu](https://plugins.trac.wordpress.org/browser/balada-fix/), ṣàyẹ̀wò 
[ibi ìpamọ́ SVN](https://plugins.svn.wordpress.org/balada-fix/), tàbí ṣe àgbékalẹ̀
sí [àkọsílẹ̀ ìdàgbàsókè](https://plugins.trac.wordpress.org/log/balada-fix/) nípasẹ̀
[RSS](https://plugins.trac.wordpress.org/log/balada-fix/?limit=100&mode=stop_on_copy&format=rss).

## Àkọsílẹ̀ àwọn àyípadà

#### 1.1.0

 * Added Settings  Balada Fix page to configure blocked paths.
 * Support for multiple paths (one per line).
 * Default path: tdw/save_css.

#### 1.0.0

 * Initial release. Blocked unauthenticated access to tdw/save_css.

## Àkójọpọ̀ Meta

 *  Ẹ̀yà **1.1.0**
 *  Ìgbàgbọ́hùn tó kẹ́yìn **oṣù 2 sẹ́yìn**
 *  Àwọn ìgbéwọlẹ̀ tó ṣiṣẹ́ **10+**
 *  Ẹ̀yà WordPress ** 5.0 tàbí ju bẹ́ẹ̀ lọ **
 *  Dánwò dé **6.9.4**
 *  Ẹ̀yà PHP ** 7.2 tàbí ju bẹ́ẹ̀ lọ **
 *  Èdè
 * [English (US)](https://wordpress.org/plugins/balada-fix/)
 * Àwọn àmì
 * [injector](https://yor.wordpress.org/plugins/tags/injector/)[rest-api](https://yor.wordpress.org/plugins/tags/rest-api/)
   [security](https://yor.wordpress.org/plugins/tags/security/)[wp-json](https://yor.wordpress.org/plugins/tags/wp-json/)
 *  [Ìwòye Tó Péye](https://yor.wordpress.org/plugins/balada-fix/advanced/)

## Àwọn ìbò

 5 lára àwọn ìràwọ̀ 5.

 *  [  1 5-star review     ](https://wordpress.org/support/plugin/balada-fix/reviews/?filter=5)
 *  [  0 4-star reviews     ](https://wordpress.org/support/plugin/balada-fix/reviews/?filter=4)
 *  [  0 3-star reviews     ](https://wordpress.org/support/plugin/balada-fix/reviews/?filter=3)
 *  [  0 2-star reviews     ](https://wordpress.org/support/plugin/balada-fix/reviews/?filter=2)
 *  [  0 1-star reviews     ](https://wordpress.org/support/plugin/balada-fix/reviews/?filter=1)

[Your review](https://wordpress.org/support/plugin/balada-fix/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/balada-fix/reviews/)

## Àwọn Olùkópa

 *   [ vladanrs ](https://profiles.wordpress.org/vladanrs/)

## Ìrànlọ́wọ́

Nǹkan wà tí o fẹ́ sọ? Ṣé o nílò ìrànlọ́wọ́?

 [Wo àpéjọ ìrànlọ́wọ́](https://wordpress.org/support/plugin/balada-fix/)