{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-9196", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-08-19T17:17:55.890Z", "datePublished": "2025-10-11T07:25:57.293Z", "dateUpdated": "2026-04-08T16:57:35.876Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:57:35.876Z"}, "affected": [{"vendor": "sergiotrinity", "product": "Trinity Audio \u2013 Text to Speech AI audio player to convert content into audio", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.21.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Trinity Audio \u2013 Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the ~/admin/inc/phpinfo.php file that gets created on install. This makes it possible for unauthenticated attackers to extract sensitive data including configuration data."}], "title": "Trinity Audio <= 5.21.0 - Unauthenticated Information Exposure", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/64889659-24d6-40d9-97ba-b448f5205a96?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3373045%40trinity-audio&new=3373045%40trinity-audio&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "cweId": "CWE-200", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Moose Love"}], "timeline": [{"time": "2025-09-21T15:23:31.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-10-10T19:20:55.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-14T13:31:23.432338Z", "id": "CVE-2025-9196", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-14T14:12:19.232Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-9196", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-14T13:31:23.432338Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-14T13:31:25.815Z"}}], "cna": {"title": "Trinity Audio <= 5.21.0 - Unauthenticated Information Exposure", "credits": [{"lang": "en", "type": "finder", "value": "Moose Love"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "sergiotrinity", "product": "Trinity Audio \u2013 Text to Speech AI audio player to convert content into audio", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "5.21.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-09-21T15:23:31.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-10-10T19:20:55.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/64889659-24d6-40d9-97ba-b448f5205a96?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3373045%40trinity-audio&new=3373045%40trinity-audio&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The Trinity Audio \u2013 Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the ~/admin/inc/phpinfo.php file that gets created on install. This makes it possible for unauthenticated attackers to extract sensitive data including configuration data."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-10-11T07:25:57.293Z"}}}, "cveMetadata": {"cveId": "CVE-2025-9196", "state": "PUBLISHED", "dateUpdated": "2025-10-14T14:12:19.232Z", "dateReserved": "2025-08-19T17:17:55.890Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-10-11T07:25:57.293Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Trinity Audio \u2013 Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the ~/admin/inc/phpinfo.php file that gets created on install. This makes it possible for unauthenticated attackers to extract sensitive data including configuration data."}], "id": "CVE-2025-9196", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-10-11T08:15:32.353", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3373045%40trinity-audio&new=3373045%40trinity-audio&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/64889659-24d6-40d9-97ba-b448f5205a96?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T18:54:25.327314+00:00", "value": {"mitigation_remediation": ["Upgrade the Trinity Audio plugin to the latest version that removes or protects the phpinfo.php file.", "If upgrading is delayed, delete or rename the admin/inc/phpinfo.php file from the server to eliminate the exposed endpoint.", "Configure the web server or .htaccess rules to block unauthenticated access to the phpinfo.php file or any directory containing sensitive PHP files."], "summary": {"action": "Patch", "impact": "Sensitive Information Exposure"}, "threat_synthesis": {"affected_systems": "All WordPress installations using Trinity Audio 5.21.0 or earlier are affected. The vendor is sergiotrinity; the product is the Trinity Audio \u2013 Text to Speech AI audio player plugin. No specific patch version details are listed in the dataset, but only versions that include the vulnerable phpinfo file need remediation.\n", "description_and_impact": "The Trinity Audio WordPress plugin includes an inc/phpinfo.php file that is created during installation and is improperly exposed. This file allows an external user to view internal configuration data. The vulnerability enables an unauthenticated attacker to retrieve sensitive configuration information without performing further exploitation. It falls under CWE-200 and can compromise confidentiality of site settings.\n", "risk_and_exploitability": "The CVSS score of 5.3 indicates a medium severity. The EPSS score is less than 1%, suggesting that exploitation is currently uncommon. The vulnerability is not present in CISA\u2019s KEV list. Attackers can exploit it by simply accessing the exposed phpinfo.php file via HTTP, without authentication or additional privileges.\n"}}}}, "created": "2025-10-21T13:12:32.267434+00:00", "updated": "2026-04-21T19:00:36.140206+00:00", "vendors": ["sergiotrinity", "sergiotrinity$PRODUCT$trinity_audio", "wordpress", "wordpress$PRODUCT$wordpress"]}