WordPress plugin HTML5 Audio Player 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

CVE-2025-67466

CVE-2025-67466 (Trinity Audio WordPress plugin) is a Missing Authorization / Broken Access Control vulnerability in the Trinity Audio plugin for WordPress (trinity-audio). Affected software: Trinity Audio ≤ 5.23.3. Root cause: misconfigured access control security levels, enabling unauthorized ac...

CVE-2025-67466 WordPress Trinity Audio plugin <= 5.23.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in sergiotrinity Trinity Audio trinity-audio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trinity Audio: from n/a through = 5.23.3...

CVE-2025-67466 WordPress Trinity Audio plugin <= 5.23.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in sergiotrinity Trinity Audio trinity-audio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trinity Audio: from n/a through = 5.23.3...

WordPress plugin Trinity Audio 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

CVE-2025-9196

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the /admin/inc/phpinfo.php file that gets created on install. This makes it possible for...

CVE-2025-9196

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the /admin/inc/phpinfo.php file that gets created on install. This makes it possible for...

CVE-2025-9196

Summary of CVE-2025-9196 (Trinity Audio WordPress plugin) : The Trinity Audio Text to Speech AI plugin (WordPress) versions up to 5.21.0 allows unauthenticated information exposure via the file path ~/admin/inc/phpinfo.php created on install. The vulnerability enables retrieval of sensitive data,...

PT-2025-41645

Name of the Vulnerable Software and Affected Versions Trinity Audio – Text to Speech AI plugin for WordPress versions prior to 5.21.1 Description The software is susceptible to exposure of sensitive information. An unauthenticated attacker can extract configuration data through the...

WordPress plugin Trinity Audio 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. An information...

EUVD-2025-32406

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'range-date' parameter in all versions up to, and including, 5.20.2 due to insufficient input sanitization and output escaping. This makes ...

CVE-2025-9886 Trinity Audio <= 5.20.2 - Cross-Site Request Forgery

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.20.2. This is due to missing or incorrect nonce validation in the '/admin/inc/post-management.php' file. This...

CVE-2025-9952 Trinity Audio <= 5.20.2 - Reflected Cross-Site Scripting

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'range-date' parameter in all versions up to, and including, 5.20.2 due to insufficient input sanitization and output escaping. This makes ...

WordPress plugin Trinity Audio 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Responsive HTML5 Audio Player PRO With Playlist 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress plugin Trinity Audio 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-51573 WordPress ML Responsive Audio plugin <= 0.2 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ersatzpole ML Responsive Audio player with playlist Shortcode mlr-audio allows Stored XSS.This issue affects ML Responsive Audio player with playlist Shortcode: from n/a through = 0.2...

CVE-2024-25098 WordPress PB oEmbed HTML5 Audio Plugin <= 2.6 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pascal Bajorat PB oEmbed HTML5 Audio – with Cache Support allows Stored XSS.This issue affects PB oEmbed HTML5 Audio – with Cache Support: from n/a through 2.6...

WordPress 插件 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the erection of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Html5 Audio Player plugin in versions...

The vulnerability of the plugins\codec\libflacplugin.dll library in the VideoLAN VLC media player allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the plugins\codec\libflacplugin.dll library in the VideoLAN VLC media player is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause a service failure using a specially...