CVE | Published 2026-05-27 | Modified 2026-05-27 | 0 articles on news | 5 live references | NVD data

CVE-2026-9200

Vulnerability data via NVD (ingested)

CVSS v3.1
7.5
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS percentile
Description

The Query Shortcode plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.2.1 via the shortcode function. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.

Timeline
Published 2026-05-27
Modified 2026-05-27

External references

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

More intel sources (5)

Known PoCs on GitHub (8)

YgorAlberto/ygoralberto.github.io (HTML)
★ 28 · updated 5d ago

nsasoft/nsauditor-ai (JavaScript)
NSAuditor AI — Open-source, AI-powered network security scanner. 27 plugins, CVE matching, MITRE ATT&CK mapping, verified vulnerabilities, continuous monitoring, MCP integration. Z…
★ 14 · updated 3d ago

domo-monster/HomeSecurityAssistant (JavaScript)
Home Security Assistant — Network security monitoring for Home Assistant — NetFlow/IPFIX analysis, active host scanning, vulnerability detection, and threat intelligence enrichment…
★ 10 · updated 4d ago

hnytgl/CVE-2026-41089 (Python)
CVE-2026-41089 is a critical remote code execution vulnerability in the Windows Netlogon service
★ 9 · updated 2d ago

sercanokur/GhostCatcherEDR (Go)
A lightweight **Linux endpoint** detection agent written in **Go**. It runs as a CLI or **systemd** service, scans the host on an interval (and optionally watches `authorized_keys`…
★ 7 · updated 5d ago

AndrewAltimit/exploits (Python)
Security research and exploit development: vulnerability analysis, exploit chain implementation, post-exploitation tradecraft, and defensive assessment tooling. Covers browser engi…
★ 4 · updated 3w ago

CoderAwesomeAbhi/nexus-axiom (Rust)
Real-time eBPF security daemon that actually kills exploits. LSM + XDP + AI threat analysis.
★ 4 · updated 4w ago

anders-wartoft/LogGenerator (Java)
Generate logs from templates, or get logs from files, Elasticsearch or Kafka. Change the logs on the fly to create new events and finally send the logs to console, file, Elasticse…
★ 4 · updated 1mo ago
We haven't classified any articles referencing CVE-2026-9200 yet. The external references above still apply.