42 matches found
CVE-2025-9886
The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.20.2. This is due to missing or incorrect nonce validation in the '/admin/inc/post-management.php' file. This...
EUVD-2025-32406
The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'range-date' parameter in all versions up to, and including, 5.20.2 due to insufficient input sanitization and output escaping. This makes ...
CVE-2025-9886
The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.20.2. This is due to missing or incorrect nonce validation in the '/admin/inc/post-management.php' file. This...
CVE-2025-9886 Trinity Audio <= 5.20.2 - Cross-Site Request Forgery
The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.20.2. This is due to missing or incorrect nonce validation in the '/admin/inc/post-management.php' file. This...
CVE-2025-9886 Trinity Audio <= 5.20.2 - Cross-Site Request Forgery
The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.20.2. This is due to missing or incorrect nonce validation in the '/admin/inc/post-management.php' file. This...
CVE-2025-9886
CVE-2025-9886 : Trinity Audio – Text to Speech AI audio player for WordPress has a Cross-Site Request Forgery vulnerability up to version 5.20.2 caused by missing nonce validation in admin/inc/post-management.php. This allows unauthenticated attackers to activate/deactivate posts via forged reque...
CVE-2025-9952 Trinity Audio <= 5.20.2 - Reflected Cross-Site Scripting
The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'range-date' parameter in all versions up to, and including, 5.20.2 due to insufficient input sanitization and output escaping. This makes ...
CVE-2025-9952
CVE-2025-9952 refers to a Reflected Cross-Site Scripting vulnerability in the Trinity Audio – Text to Speech AI audio player plugin for WordPress, affecting versions up to and including 5.20.2. The issue arises from insufficient input sanitization and output escaping in the range-date parameter, ...
CVE-2025-9952 Trinity Audio <= 5.20.2 - Reflected Cross-Site Scripting
The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'range-date' parameter in all versions up to, and including, 5.20.2 due to insufficient input sanitization and output escaping. This makes ...
WordPress plugin Trinity Audio 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
PT-2025-40624
Name of the Vulnerable Software and Affected Versions Trinity Audio – Text to Speech AI audio player plugin for WordPress versions prior to 5.20.2 Description The software is susceptible to Cross-Site Request Forgery. This is because of a lack of, or incorrect, nonce validation in the...
WordPress plugin Trinity Audio 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Trinity Audio plugin <= 5.20.2 - Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery vulnerability discovered by Moose Love in WordPress Plugin Trinity Audio versions = 5.20.2...
WordPress Trinity Audio plugin <= 5.20.2 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Moose Love in WordPress Plugin Trinity Audio versions = 5.20.2...
EUVD-2025-17280
Malicious code in bioql PyPI...
CVE-2025-49272
Missing Authorization vulnerability in sergiotrinity Trinity Audio trinity-audio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trinity Audio: from n/a through = 5.20.0...
CVE-2025-49272
Missing Authorization vulnerability in sergiotrinity Trinity Audio trinity-audio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trinity Audio: from n/a through = 5.20.0...
CVE-2025-49272
CVE-2025-49272 is a Missing Authorization vulnerability in Trinity Audio (sergiotrinity), affecting Trinity Audio versions up to 5.20.0. The issue stems from incorrectly configured access controls. CVSSv3.1 base score is 4.3 (Medium): AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N. Wordfence notes the vulne...
CVE-2025-49272 WordPress Trinity Audio <= 5.20.0 - Broken Access Control Vulnerability
Missing Authorization vulnerability in sergiotrinity Trinity Audio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Trinity Audio: from n/a through 5.20.0...
CVE-2025-49272 WordPress Trinity Audio plugin <= 5.20.0 - Broken Access Control Vulnerability
Missing Authorization vulnerability in sergiotrinity Trinity Audio trinity-audio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trinity Audio: from n/a through = 5.20.0...