exploitDog

CVE-2025-9196

Опубликовано: 11 окт. 2025

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the ~/admin/inc/phpinfo.php file that gets created on install. This makes it possible for unauthenticated attackers to extract sensitive data including configuration data.

Ссылки

EPSS

Процентиль: 75%

0.00871

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-200

Связанные уязвимости

GHSA-4c4v-q7vw-5qgg

CVSS3: 5.3

github

23 дня назад

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the ~/admin/inc/phpinfo.php file that gets created on install. This makes it possible for unauthenticated attackers to extract sensitive data including configuration data.

EPSS

Процентиль: 75%

0.00871

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-200