VYPR
Medium severity5.3NVD Advisory· Published Oct 11, 2025· Updated Apr 15, 2026

CVE-2025-9196

CVE-2025-9196

Description

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the ~/admin/inc/phpinfo.php file that gets created on install. This makes it possible for unauthenticated attackers to extract sensitive data including configuration data.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.