CVE-2026-13250
Solace Extra (WordPress) up to version 1.5.3 is affected by an authorization bypass in the delete_previously_imported AJAX action. The issue allows unauthenticated users to permanently delete content imported via the Starter Template (posts, pages, media, WooCommerce products, terms, sitebuilder ...