CVE-2025-9196: Trinity Audio <= 5.21.0 - Information Exposure

id: CVE-2025-9196

info:
  name: Trinity Audio <= 5.21.0 - Information Exposure
  author: Kazgangap
  severity: medium
  description: |
    The Trinity Audio Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the ~/admin/inc/phpinfo.php file that gets created on install. This makes it possible for unauthenticated attackers to extract sensitive data including configuration data.
  impact: |
    Unauthenticated attackers can extract sensitive configuration data, potentially aiding further attacks.
  remediation: |
    Update to the latest version beyond 5.21.0.
  reference:
    - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/trinity-audio/trinity-audio-5210-unauthenticated-information-exposure
    - https://nvd.nist.gov/vuln/detail/CVE-2025-9196
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cve-id: CVE-2025-9196
    cwe-id: CWE-200
    epss-score: 0.01486
    epss-percentile: 0.80421
  metadata:
    verified: true
    max-request: 1
    vendor: sergiotrinity
    product: trinity-audio
    framework: wordpress
    fofa-query: body="/wp-content/plugins/trinity-audio"
  tags: cve,cve2025,wp-plugin,wordpress,trinity-audio,exposure,vuln

http:
  - raw:
      - |
        GET /wp-content/plugins/trinity-audio/admin/inc/phpinfo.php HTTP/1.1
        Host: {{Hostname}}

    host-redirects: true

    matchers:
      - type: dsl
        dsl:
          - 'contains_all(body, "PHP Version", "PHP Extension","trinity-audio")'
          - 'status_code == 200'
        condition: and
# digest: 490a0046304402202b16d207d2ef28d4fe58562ef794986963e588962ade3ab902db189fee6b3fb902204922c18a7fe6eaf48aa111262456f2f3fca75305bf8a8668099f1a539177089c:922c64590222798bb761d5b6d8e72950