What is the official website of Axis ?

The official website of Axis is http://www.axis-wt.com.

What is Axis's cybersecurity risk score?

Axis has an AI-generated cybersecurity risk score of 747 out of 1000, indicating a Moderate security posture according to Rankiteo's assessment.

How many security incidents has Axis experienced?

According to Rankiteo, Axis currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Axis been affected by any supply chain cyber incidents ?

According to Rankiteo, Axis has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Axis have SOC 2 Type 1 certification ?

According to Rankiteo, Axis is not certified under SOC 2 Type 1.

Does Axis have SOC 2 Type 2 certification ?

According to Rankiteo, Axis does not hold a SOC 2 Type 2 certification.

Does Axis comply with GDPR ?

According to Rankiteo, Axis is not listed as GDPR compliant.

Does Axis have PCI DSS certification ?

According to Rankiteo, Axis does not currently maintain PCI DSS compliance.

Does Axis comply with HIPAA ?

According to Rankiteo, Axis is not compliant with HIPAA regulations.

Does Axis have ISO 27001 certification ?

According to Rankiteo,Axis is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Axis operate in ?

Axis operates primarily in the Oil and Gas industry.

How many employees does Axis have ?

Axis employs approximately 472 people worldwide.

Does Axis own any subsidiaries ?

Axis presently has no subsidiaries across any sectors.

How many LinkedIn followers does Axis have ?

Axis's official LinkedIn profile has approximately 7,169 followers.

What is the NAICS classification code for Axis ?

Axis is classified under the NAICS code 211, which corresponds to Oil and Gas Extraction.

Does Axis have a Crunchbase profile ?

No, Axis does not have a profile on Crunchbase.

Does Axis have a LinkedIn profile ?

Yes, Axis maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/axis-well-technology.

How many cybersecurity incidents has Axis experienced ?

As of June 14, 2026, Rankiteo reports that Axis has experienced 1 cybersecurity incidents.

How many peer or competitor companies does Axis have ?

Axis has an estimated 10,943 peer or competitor companies worldwide.

What types of cybersecurity incidents has Axis faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Axis

Boost Score +25 with badge (5 left)

747

/1000

Moderate

772

/1000

Fair

Axis Vendor Cyber Rating & Cyber Score

axis-wt.com

Add Your Compliance Badge

Based in Aberdeen, Axis is an independent consultancy providing specialist Exploration and Production, Decommissioning and Low Carbon expertise to the global energy industry and beyond. Founded in 2001, our highly regarded multidisciplinary reservoir, wells and facilities team is recognised for delivering the highest quality integrated studies and well services support. Please visit our website www.axis-wt.com for more details of our extensive range of services.

Axis A.I CyberSecurity Scoring

Scoring History

Axis

Axis CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Axis

Cyber Attack

10/2025

JEN273212710242...

Loading…

A.I.

Axis Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Axis

Incidents vs Oil and Gas Industry Avg (This Year)

No incidents recorded for Axis in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Axis in 2026.

Incident Types Axis vs Oil and Gas Industry Avg (This Year)

No incidents recorded for Axis in 2026.

Incident History - Axis (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Axis Subsidiaries

Axis

Oil and Gas

Website: http://www.axis-wt.com

Company Size: 51-200 employees

124

RSK GroupEnvironmental Services

BinniesCivil Engineering

Binnies DCWWCivil Engineering

ADASEnvironmental Services

RSK Habitat ManagementEnvironmental Services

ADAS ArboricultureEnvironmental Services

FarmPEPFarming

MWH TreatmentConstruction

CANCivil Engineering

RSK Middle EastEnvironmental Services

Copper ConsultancyPublic Relations and Communications Services

RSK AfricaEnvironmental Services

CAN RenewablesServices for Renewable Energy

RSK GeosciencesEnvironmental Services

RSK Geophysics and SafegroundEnvironmental Services

RSK GeospatialSurveying and Mapping Services

Carbon Zero ConsultingServices for Renewable Energy

CS2 Chartered SurveyorsConstruction

Nature PositiveEnvironmental Services

Cambridge Environmental Assessments, part of RSK ADAS LtdChemical Manufacturing

RSK EnvironmentEnvironmental Services

Absolute Solar and Wind LtdRenewable Energy Semiconductor Manufacturing

Envireau WaterEnvironmental Services

BMG ResearchMarket Research

Inis Environmental Consultants Ltd.Environmental Services

RSK International Projects GroupEnvironmental Services

GeocoreCivil Engineering

The MSS GroupEnvironmental Services

Spencer Quantum LtdConstruction

Proeon Systems Ltd.Automation Machinery Manufacturing

The Woodhouse Partnership Ltd (TWPL)Business Consulting and Services

Woodhouse AustralasiaBusiness Consulting and Services

CX Utilities Ltd (An RSK Company)Utilities

EDP Consultants AustraliaEnvironmental Services

Stephenson HallidayEnvironmental Services

C J Associates Geotechnical LtdConstruction

cbec eco-engineering UK & EuropeEnvironmental Services

RSK WildingEnvironmental Services

Salix River and WetlandEnvironmental Services

Richard Irvin FM LimitedFacilities Services

ADAS LandscapeArchitecture and Planning

RSK APACEnvironmental Services

WatertrainEducation

Silcock Leedham Group LimitedConstruction

HydrofixServices for Renewable Energy

RSK ResponseEnvironmental Services

W Crowder & Sons LtdWholesale

Ian Farmer Associates (1998) LimitedCivil Engineering

RSK AcousticsArchitecture and Planning

RSK AsbestosEnvironmental Services

RSK NetherlandsEnvironmental Services

MG Scaffolding LtdConstruction

Calibrate Energy LtdRenewable Energy Semiconductor Manufacturing

RSK EnvironnementBusiness Consulting and Services

Aurora Health Physics Services LtdEnvironmental Services

Pharos Generator Services LimitedMechanical Or Industrial Engineering

RSK EcologyEnvironmental Services

CR Civil EngineeringCivil Engineering

Nicholas O'Dwyer LtdEnvironmental Services

Civil Engineering InternationalCivil Engineering

Amphos 21Environmental Services

WRc GroupResearch Services

Structural SoilsCivil Engineering

WGM Engineering LtdEngineering Services

Headland Archaeology (UK) LtdEnvironmental Services

PellingsConstruction

Centara Ltd - Surveying, Engineering and CADUtilities

EcologiaEnvironmental Services

RSK Ireland Ltd.Environmental Services

Jennings O'Donovan & PartnersCivil Engineering

FR ConsultantsConstruction

RSK BiocensusEnvironmental Services

Central AllianceConstruction

SCPCivil Engineering

COGNICAConstruction

RSK AustraliaEnvironmental Services

ADAS PlanningArchitecture and Planning

Leap EnvironmentalEnvironmental Services

Non Destructive Testing Services LtdConstruction

RoC ConsultingConstruction

EDPBusiness Consulting and Services

Southern Ecological Solutions (SES)Environmental Services

Virtus EnergyComputers and Electronics Manufacturing

1stinrailCivil Engineering

Optisol Services LtdRenewable Energy Semiconductor Manufacturing

FishtekEnvironmental Services

MilestoneConstruction

Richard Allitt Associates LtdCivil Engineering

Remote Aerial SurveysPhotography

rsim Remote SimulationsCivil Engineering

RemedX LtdEnvironmental Services

Streetwise UK Management LtdConstruction

TWIG GroupEnvironmental Services

B-Line and Easy2PlotPrinting Services

RSK LDE (Land and Development Engineering)Civil Engineering

RSK DACH-RegionEnvironmental Services

WaldramsReal Estate

Milner AssociatesConstruction

LARSEN WATER MANAGEMENT LTDUtilities

RSK BENELUX BVEnvironmental Services

RSK CreativeDesign Services

Up and UnderCivil Engineering

HI-LINEEnvironmental Services

Advantage RSKAlternative Dispute Resolution

Smith + Kennedy ArchitectsArchitecture and Planning

Acies Civil and Structural LtdCivil Engineering

Minerex Environmental Ltd.Environmental Services

ADEV ENVIRONNEMENTEnvironmental Services

ATV Contract Services LtdEnvironmental Services

RGM Environmental, Science and Technical support servicesEnvironmental Services

Travis BakerCivil Engineering

RSK Consents SolutionsUtilities

Kirton Water Treatment ServicesUtilities

RSK RadiologicalEnvironmental Services

Brown & May Marine LtdFisheries

RSK IWS Integrated Waste Solutions LtdUtilities

Dermot Casey Tree Care Ltd.Consumer Services

ATP Architects & Building SurveyorsArchitecture and Planning

Treefellers LtdEnvironmental Services

Hawkins Electrical LtdAppliances, Electrical, and Electronics Manufacturing

Technik GSConstruction

Enviroflow Management LimitedUtilities

EDP Singapore PTEBusiness Consulting and Services

Homer Burgess LtdIndustrial Machinery Manufacturing

Loading…

Axis Similar Companies

NOV

nov.com

NOV delivers technology-driven solutions to empower the global energy industry. For more than 150 years, NOV has pioneered innovations that enable its customers to safely produce abundant energy while minimizing environmental impact. The energy industry depends on NOV’s deep expertise and technology to continually improve oilfield operations and assist in efforts to advance the energy transition towards a more sustainable future. NOV powers the industry that powers the world.

ExxonMobil

exxonmobil.com

The need for energy is universal. That's why ExxonMobil scientists and engineers are pioneering new research and pursuing new technologies to reduce emissions while creating more efficient fuels. We're committed to responsibly meeting the world's energy needs. We aim to achieve #netzero emissions from our operated assets by 2050 (for Scope 1 and 2 greenhouse gas emissions) and are taking a comprehensive approach to create emission-reduction roadmaps for major operated assets. Find us also on: YouTube.com/ExxonMobil Find our latest Privacy Policy at https://corporate.exxonmobil.com/Global-legal-pages/privacy-policy See our terms and conditions at https://corporate.exxonmobil.com/global-legal-pages/terms-and-conditions Find resources on our GHG emission reduction efforts here: https://corporate.exxonmobil.com/resources

Hindustan Petroleum Corporation Limited

hindustanpetroleum.com

Hindustan Petroleum Corporation Limited (HPCL) is a Maharatna Central Public Sector Enterprise (CPSE) and a S&P Global Platts Top 250 Global Energy Company. HPCL has a strong presence in downstream hydrocarbon sector of the country with a sizable share in petroleum product marketing and also has business footprints across other energy verticals & various overseas geographies.

Enbridge

cb enbridge.com

At Enbridge, our goal is to be the first-choice energy delivery company in North America and beyond—for customers, communities, investors, regulators and policymakers, and employees. We also recognize the importance of a secure, reliable and affordable supply of energy, which we deliver every day through our four core businesses: -Liquids pipelines -Natural gas pipelines -Gas utilities and storage -Renewable energy There has been an increase in fraudulent activity related to recruitment and employment offers targeting potential candidates for companies like Enbridge. Learn how we accept job applications by visiting the careers section of our website.

Halliburton

halliburton.com

We collaborate and engineer solutions to maximize asset value for our customers. Founded in 1919, Halliburton is one of the world's largest providers of products and services to the energy industry. With more than 45,000 employees, representing 130 nationalities in more than 80 countries, the company helps its customers maximize value throughout the lifecycle of the reservoir – from locating hydrocarbons and managing geological data, to drilling and formation evaluation, well construction and completion, and optimizing production throughout the life of the asset.

CB&I

cb cbi.com

CB&I is the world’s leading designer and builder of storage facilities, tanks, and terminals. With more than 60,000 structures completed throughout its 135+ year history, CB&I has the global expertise and strategically located operations to provide its customers world-class storage solutions for even the most complex energy infrastructure projects. CB&I is owned by a consortium of financial investors led by Mason Capital Management LLC. To learn more, visit www.cbi.com.

Chevron

chevron.com

Our greatest resource is our people. Their ingenuity, creativity and collaboration have met the complex challenges of energy’s past. Together, we’ll take on the future. We support the LinkedIn Terms of Use (User Agreement), and we expect visitors to our page to do the same. We encourage open, lively conversation with a few simple rules: --We reserve the right to correct factual errors. --We will reply to comments when appropriate. --If we disagree with other opinions, we will do so respectfully. --You may not post anything that is spam or that is abusive, profane, or defamatory toward a person, entity, belief, or symbol. --We will delete any posts that contain personal information such as email addresses, phone numbers and physical addresses, and other third party intellectual property material, when that information does not belong to the author of the post. --You may not post job listings for non-Chevron positions. --While we support lively, open discussion, we reserve the right to delete comments.

Oxy

cb oxy.com

Oxy is an international energy company with assets primarily in the United States, the Middle East and North Africa. We are one of the largest oil producers in the U.S., including a leading producer in the Permian and DJ basins, and offshore Gulf of Mexico. Our midstream and marketing segment provides flow assurance and maximizes the value of our oil and gas. Our Oxy Low Carbon Ventures subsidiary is advancing leading-edge technologies and business solutions that economically grow our business while reducing emissions. We are committed to using our global leadership in carbon management to advance a lower-carbon world. Visit oxy.com for more information.

Tenaris

tenaris.com

Tenaris is a leading supplier of tubes and related services for the world’s energy industry and certain other industrial applications. Our mission is to deliver value to our customers through product development, manufacturing excellence, and supply chain management. Tenaris employees around the world are committed to continuous improvement by sharing knowledge across a single global organization. Our customers include most of the world’s leading oil and gas companies as well as engineering companies engaged in constructing oil and gas gathering, transportation and processing facilities. Our principal products include casing, tubing, line pipe, and mechanical and structural pipes. Tenaris employs around 29,000 people from more than 25 countries. From the moment they enter the company, our employees follow a career plan specially designed to meet their professional goals. TenarisUniversity, Tenaris’s corporate university, offers high-quality, job-specific curricula and development plans that help them succeed in the many challenging assignments faced during their careers. Our employees work in a culturally diverse setting that enriches their professional as well as their personal lives. As part of our fundamental corporate values, Tenaris offers our employee an active participation in a long-term, sustainable industrial project. RECRUITMENT FRAUD: We’ve received reports that unauthorized individuals are fraudulently recruiting and extending fake job offers on behalf of Tenaris. We encourage prospective candidates to remain vigilant. Additional information on how to recognize recruitment fraud or scams can be found at: https://www.tenaris.com/en/careers/recruitment-fraud Please remember that Tenaris never asks job applicants to pay a fee as part of the recruitment process.

Loading…

NEWS

Axis CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 25, 2026 08:00 AM

Boost for Longford! 80 new jobs are announced by cybersecurity firm

Longford received a major boost when it was announced recently that Irish cybersecurity company ZeroRisk is to create 80 new jobs with a...

Read Article

February 17, 2026 08:00 AM

Axis Communications Launches Inaugural Axis Perspectives Report on Intelligent Video’s Evolving Role

The Axis Perspectives Report quantifies how intelligent video is enhancing security and driving operational efficiency and business...

Read Article

February 17, 2026 08:00 AM

Axis Communications achieves SOC 2 Type 2 for cloud security

The independent audit evaluated Axis' controls over an extended period, validating that security, availability, and confidentiality...

Read Article

January 29, 2026 08:00 AM

Axis unveils AI video cameras & AV1 overlay feature

Axis debuts AI-powered PTZ and anti-ligature corner cameras plus an AV1 overlay feature to cut bandwidth and sharpen evidential workflows.

Read Article

January 20, 2026 08:00 AM

AI makes bosses boost cyber budgets — and eye job cuts

82% plan to lift cyber spend while 75.2% expect to trim security staff as AI tools spread, AXIS survey shows U.S. bosses more trusting than...

Read Article

January 20, 2026 08:00 AM

CEOs and CISOs differ on AI’s security value and risks

A new report also found that American executives are more bullish on AI's potential than their British counterparts.

Read Article

January 16, 2026 08:00 AM

CEOs, security executives are divided on cyber risks of AI, survey finds

A survey released Friday by Axis Capital shows there's a growing divide across how c-suite executives view the risks, rewards and impact of...

Read Article

January 14, 2026 08:00 AM

Global Company in Network Video & Surveillance Joins CISA’s Secure by Design Program

Axis Communications has signed the United States Cybersecurity & Infrastructure Security Agency's (CISA) Secure by Design pledge,...

Read Article

December 23, 2025 08:00 AM

Cyprus, Israel and Greece frame cooperation as gateway to broader IMEC infrastructure initiative

The 10th trilateral summit produced commitments on maritime cybersecurity, Gaza reconstruction logistics and US partnership revival ahead of...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…