Lucene search
K

42 matches found

RedhatCVE
RedhatCVE
added 2025/10/05 3:37 a.m.14 views

CVE-2025-9886

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.20.2. This is due to missing or incorrect nonce validation in the '/admin/inc/post-management.php' file. This...

4.3CVSS5.3AI score0.00184EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/04 6:30 a.m.13 views

EUVD-2025-32406

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'range-date' parameter in all versions up to, and including, 5.20.2 due to insufficient input sanitization and output escaping. This makes ...

6.1CVSS5.2AI score0.00257EPSS
Exploits0References5
NVD
NVD
added 2025/10/04 4:16 a.m.32 views

CVE-2025-9886

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.20.2. This is due to missing or incorrect nonce validation in the '/admin/inc/post-management.php' file. This...

4.3CVSS0.00184EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/04 3:33 a.m.34 views

CVE-2025-9886 Trinity Audio <= 5.20.2 - Cross-Site Request Forgery

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.20.2. This is due to missing or incorrect nonce validation in the '/admin/inc/post-management.php' file. This...

4.3CVSS0.00184EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/04 3:33 a.m.4 views

CVE-2025-9886 Trinity Audio <= 5.20.2 - Cross-Site Request Forgery

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.20.2. This is due to missing or incorrect nonce validation in the '/admin/inc/post-management.php' file. This...

4.3CVSS5AI score0.00184EPSS
Exploits0References3
CVE
CVE
added 2025/10/04 3:33 a.m.24 views

CVE-2025-9886

CVE-2025-9886 : Trinity Audio – Text to Speech AI audio player for WordPress has a Cross-Site Request Forgery vulnerability up to version 5.20.2 caused by missing nonce validation in admin/inc/post-management.php. This allows unauthenticated attackers to activate/deactivate posts via forged reque...

4.3CVSS5AI score0.00184EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/04 3:33 a.m.23 views

CVE-2025-9952 Trinity Audio <= 5.20.2 - Reflected Cross-Site Scripting

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'range-date' parameter in all versions up to, and including, 5.20.2 due to insufficient input sanitization and output escaping. This makes ...

6.1CVSS0.00257EPSS
Exploits0References4
CVE
CVE
added 2025/10/04 3:33 a.m.23 views

CVE-2025-9952

CVE-2025-9952 refers to a Reflected Cross-Site Scripting vulnerability in the Trinity Audio – Text to Speech AI audio player plugin for WordPress, affecting versions up to and including 5.20.2. The issue arises from insufficient input sanitization and output escaping in the range-date parameter, ...

6.1CVSS5.3AI score0.00257EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/04 3:33 a.m.4 views

CVE-2025-9952 Trinity Audio <= 5.20.2 - Reflected Cross-Site Scripting

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'range-date' parameter in all versions up to, and including, 5.20.2 due to insufficient input sanitization and output escaping. This makes ...

6.1CVSS5.3AI score0.00257EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/04 12:0 a.m.5 views

WordPress plugin Trinity Audio 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

4.3CVSS6.4AI score0.00184EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/04 12:0 a.m.9 views

PT-2025-40624

Name of the Vulnerable Software and Affected Versions Trinity Audio – Text to Speech AI audio player plugin for WordPress versions prior to 5.20.2 Description The software is susceptible to Cross-Site Request Forgery. This is because of a lack of, or incorrect, nonce validation in the...

4.3CVSS6.4AI score0.00184EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/10/04 12:0 a.m.8 views

WordPress plugin Trinity Audio 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS5.9AI score0.00257EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/10/03 11:54 p.m.8 views

WordPress Trinity Audio plugin <= 5.20.2 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Moose Love in WordPress Plugin Trinity Audio versions = 5.20.2...

4.3CVSS6.8AI score0.00184EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/10/03 11:54 p.m.6 views

WordPress Trinity Audio plugin <= 5.20.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Moose Love in WordPress Plugin Trinity Audio versions = 5.20.2...

6.1CVSS6.1AI score0.00257EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-17280

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00241EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/08 1:19 p.m.5 views

CVE-2025-49272

Missing Authorization vulnerability in sergiotrinity Trinity Audio trinity-audio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trinity Audio: from n/a through = 5.20.0...

4.3CVSS5.9AI score0.00241EPSS
Exploits0References1
NVD
NVD
added 2025/06/06 1:15 p.m.5 views

CVE-2025-49272

Missing Authorization vulnerability in sergiotrinity Trinity Audio trinity-audio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trinity Audio: from n/a through = 5.20.0...

4.3CVSS0.00241EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 12:53 p.m.38 views

CVE-2025-49272

CVE-2025-49272 is a Missing Authorization vulnerability in Trinity Audio (sergiotrinity), affecting Trinity Audio versions up to 5.20.0. The issue stems from incorrectly configured access controls. CVSSv3.1 base score is 4.3 (Medium): AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N. Wordfence notes the vulne...

4.3CVSS5.9AI score0.00241EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/06 12:53 p.m.4 views

CVE-2025-49272 WordPress Trinity Audio <= 5.20.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in sergiotrinity Trinity Audio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Trinity Audio: from n/a through 5.20.0...

4.3CVSS7.1AI score0.00241EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/06 12:53 p.m.16 views

CVE-2025-49272 WordPress Trinity Audio plugin <= 5.20.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in sergiotrinity Trinity Audio trinity-audio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trinity Audio: from n/a through = 5.20.0...

4.3CVSS0.00241EPSS
Exploits0References1
Rows per page
Query Builder