cleantalk
Vulnerabilities and Security Researches

Trinity Audio – Text to Speech AI audio player to convert content into audio, CVE-2025-9196

CVE, Research URL

CVE-2025-9196

Home page URL

Security reports for Trinity Audio – Text to Speech AI audio player to convert content into audio

Application

Trinity Audio – Text to Speech AI audio player to convert content into audio

Published on
Oct 11, 2025
Research Description
The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the ~/admin/inc/phpinfo.php file that gets created on install. This makes it possible for unauthenticated attackers to extract sensitive data including configuration data.
Affected versions
max 5.22.0.
Status
vulnerable
Previous vulnerability researches
One Click Accessibility (CVE-2025-32640) , Apr 10, 2025
One Click Accessibility (CVE-2025-10700) , Nov 10, 2025
New vulnerability
Event post (CVE-2025-62042) , Nov 10, 2025
Rock Convert (CVE-2025-62911) , Nov 10, 2025
Wp tabber widget (CVE-2025-10730) , Nov 10, 2025
Flex QR Code Generator (CVE-2025-10041) , Nov 10, 2025
DominoKit (CVE-2025-12350) , Nov 10, 2025