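Summary
The Balada Fix plugin protects your site from unauthenticated abuse of specific WordPress REST API endpoints, preventing malicious script injection attacks and keeping the site secure.
Main features
• Protects specific REST API endpoints
• Allows access only to logged-in administrators
• Responds to unauthorized requests with 403 Forbidden
• Multiple REST path patterns can be configured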
Original plugin description
Balada Fix protects your site from unauthenticated abuse of specific WordPress REST API endpoints. Such endpoints (for example the tagDiv theme’s wp-json/tdw/save_css) are often targeted by the “Balada Injector” and similar campaigns to inject malicious scripts.
Add one or more REST path patterns in Settings → Balada Fix (one per line).
Only logged-in administrators with the edit_theme_options capability can access those paths.
Unauthenticated or unauthorized requests receive a 403 Forbidden response.
Default protected path: tdw/save_css (tagDiv / Newspaper theme vulnerability).
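The behaviour described above can be sketched as a WordPress filter. This is an added example, not Balada Fix's own code: the option name, the `example_` functions and the substring matching rule are assumptions, since the page does not specify the pattern syntax.

```php
<?php
// Added example; every example_* name and the option key are hypothetical.

// Read one pattern per line; the default mirrors the page's default path.
function example_protected_patterns() {
    $raw      = get_option( 'example_protected_rest_paths', 'tdw/save_css' );
    $patterns = array();
    foreach ( preg_split( '/\R/', (string) $raw ) as $line ) {
        $line = strtolower( trim( $line, " \t/" ) );
        if ( '' !== $line ) {
            $patterns[] = $line;
        }
    }
    return $patterns;
}

// Assumption: a pattern matches when it occurs anywhere in the route.
function example_route_is_protected( $route, array $patterns ) {
    $route = strtolower( trim( $route, '/' ) );
    foreach ( $patterns as $pattern ) {
        if ( false !== strpos( $route, $pattern ) ) {
            return true;
        }
    }
    return false;
}

// Runs before the route callback, so a protected endpoint's handler is
// never reached by a caller who fails the capability check.
add_filter( 'rest_pre_dispatch', function ( $result, $server, $request ) {
    $patterns = example_protected_patterns();
    if ( ! example_route_is_protected( $request->get_route(), $patterns ) ) {
        return $result; // Not a protected path: leave dispatch untouched.
    }
    if ( is_user_logged_in() && current_user_can( 'edit_theme_options' ) ) {
        return $result; // Authorized administrator: allow the request.
    }
    // Everyone else, including unauthenticated callers, gets HTTP 403.
    return new WP_Error(
        'rest_forbidden',
        'Access to this endpoint is restricted.',
        array( 'status' => 403 )
    );
}, 10, 3 );
```

With cookie authentication, WordPress treats a REST request without a valid nonce as unauthenticated, so such a request to a protected path also receives the 403.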
