What is the official website of BNP Paribas REIM ?

The official website of BNP Paribas REIM is https://reim.bnpparibas.com/en.

What is BNP Paribas REIM's cybersecurity risk score?

BNP Paribas REIM has an AI-generated cybersecurity risk score of 757 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has BNP Paribas REIM experienced?

According to Rankiteo, BNP Paribas REIM currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has BNP Paribas REIM been affected by any supply chain cyber incidents ?

According to Rankiteo, BNP Paribas REIM has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does BNP Paribas REIM have SOC 2 Type 1 certification ?

According to Rankiteo, BNP Paribas REIM is not certified under SOC 2 Type 1.

Does BNP Paribas REIM have SOC 2 Type 2 certification ?

According to Rankiteo, BNP Paribas REIM does not hold a SOC 2 Type 2 certification.

Does BNP Paribas REIM comply with GDPR ?

According to Rankiteo, BNP Paribas REIM is not listed as GDPR compliant.

Does BNP Paribas REIM have PCI DSS certification ?

According to Rankiteo, BNP Paribas REIM does not currently maintain PCI DSS compliance.

Does BNP Paribas REIM comply with HIPAA ?

According to Rankiteo, BNP Paribas REIM is not compliant with HIPAA regulations.

Does BNP Paribas REIM have ISO 27001 certification ?

According to Rankiteo,BNP Paribas REIM is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does BNP Paribas REIM operate in ?

BNP Paribas REIM operates primarily in the Financial Services industry.

How many employees does BNP Paribas REIM have ?

BNP Paribas REIM employs approximately None employees people worldwide.

Does BNP Paribas REIM own any subsidiaries ?

BNP Paribas REIM presently has no subsidiaries across any sectors.

How many LinkedIn followers does BNP Paribas REIM have ?

BNP Paribas REIM's official LinkedIn profile has approximately 8,775 followers.

What is the NAICS classification code for BNP Paribas REIM ?

BNP Paribas REIM is classified under the NAICS code 52, which corresponds to Finance and Insurance.

Does BNP Paribas REIM have a Crunchbase profile ?

No, BNP Paribas REIM does not have a profile on Crunchbase.

Does BNP Paribas REIM have a LinkedIn profile ?

Yes, BNP Paribas REIM maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/bnp-paribas-reim.

How many cybersecurity incidents has BNP Paribas REIM experienced ?

As of June 14, 2026, Rankiteo reports that BNP Paribas REIM has experienced 8 cybersecurity incidents.

How many peer or competitor companies does BNP Paribas REIM have ?

BNP Paribas REIM has an estimated 32,081 peer or competitor companies worldwide.

What types of cybersecurity incidents has BNP Paribas REIM faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

BPR

Boost Score +25 with badge (5 left)

757

/1000

Fair

782

/1000

Fair

BNP Paribas REIM Vendor Cyber Rating & Cyber Score

bnpparibas.com

Add Your Compliance Badge

BNP Paribas Real Estate Investment Management (BNP Paribas REIM) manages more than €23.7B* of European commercial real estate. This makes us one of the market’s most significant players. Our expertise spans the entire life cycle of a commercial property investment. For more than 60 years, BNP Paribas REIM has provided opportunities to invest in unlisted real estate in Europe. To date, more than 230 international institutional investors and some 140,000 private individuals have entrusted us to invest on their behalf. We are European in our investment focus and governance, with a presence in seven countries: France, Germany, Italy, the United Kingdom, Spain, Belgium, and Luxembourg. This gives us a deep knowledge of Europe’s diverse markets

BPR A.I CyberSecurity Scoring

Scoring History

BPR

BNP Paribas REIM CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

BNP Paribas REIM

Breach

11/2021

BAN038090625

BNP Paribas REIM

Breach

12/2018

BAN632080525

BNP Paribas REIM

Breach

100

05/2018

BMO2351281022

BNP Paribas REIM

Breach

3/2018

BAN421080525

BNP Paribas REIM

Breach

5/2017

BMO532072625

BNP Paribas REIM

Breach

2/2017

BAN235072825

BNP Paribas REIM

Breach

5/2014

BAN358080425

BNP Paribas REIM

Breach

12/2013

BAN049072425

Loading…

A.I.

BPR Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for BPR

Incidents vs Financial Services Industry Avg (This Year)

No incidents recorded for BNP Paribas REIM in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for BNP Paribas REIM in 2026.

Incident Types BPR vs Financial Services Industry Avg (This Year)

No incidents recorded for BNP Paribas REIM in 2026.

Incident History - BPR (X = Date, Y = Severity)

Loading…

SUBSIDIARY

BNP Paribas REIM Subsidiaries

BPR

Financial Services

Website: https://reim.bnpparibas.com/en

Company Size: 51-200 employees

BNP ParibasBanking

BNP Paribas CIBFinancial Services

BNP Paribas Corporate FinanceFinancial Services

TEBBanking

CEPTETEBBankacılık

BNP Paribas CardifInsurance

CardifAssurances

BNP Paribas Epargne & Retraite EntreprisesServices financiers

Cardif Lux VieAssurances

The Cardif Lab'Assurances

La retraite en clairAssurances

Cardif MéxicoSeguros

KarapassInsurance

BNP Paribas Asset ManagementFinancial Services

BMCI Groupe BNP ParibasBanking

BNP Paribas Personal FinanceBanking

CetelemBanking

Findomestic BancaFinancial Services

AlphaCreditFinancial Services

Express BankBanking

SevenDay BankBanking

RCSFinancial Services

Observatoire CetelemÉtudes de marché

Sygma BNP Paribas Personal FinanceServices financiers

Echangeur BNP Paribas Personal FinanceServices et conseil en informatique

Fondation CetelemServices financiers

Bank of the WestBanking

BMOFinancial Services

BMO Capital MarketsInvestment Banking

BMO U.S.Banking

BMO Commercial BankFinancial Services

BMO Private WealthFinancial Services

BMO Nesbitt BurnsInvestment Management

BMO Business BankingFinancial Services

BMO Groupe financierFinancial Services

BMO Family OfficeFinancial Services

AIR MILES Reward ProgramAdvertising Services

BMO Learning InstituteFinancial Services

Services de gestion de patrimoine de BMO – CanadaBanking

BNP Paribas Wealth ManagementBanking

BNP Paribas Wealth Management LuxembourgServices bancaires

BNP Paribas Wealth Management GermanyBankwesen

BGL BNP ParibasBanking

BGL BNP Paribas Banque PrivéeServices bancaires

UBCIBanking

Fondation BNP ParibasServices bancaires

BNP Paribas FortisBanking

BNP Paribas Fortis Private Banking & Wealth ManagementFinancial Services

Hello bank! BelgiumBanking

BNP Paribas Cash Management & Trade SolutionsFinancial Services

BNP Paribas EntreprisesBanking

WAI by BNP ParibasServices bancaires

B-School by BNP ParibasEnseignement supérieur

BNP Paribas Bank PolskaBanking

Fundacja BNP ParibasOrganizacje non-profit

Banca Agevolarti BNP ParibasFinancial Services

B! UP ExploreFinancial Services

B! UP AccelerateFinancial Services

BNP Paribas in SwitzerlandBanking

BNP Paribas Swiss FoundationBankwesen

BNP Paribas AbilityServices bancaires

Entre Pros avec BNP ParibasServices bancaires

BNP Paribas FactoringFinancial Services

BNP Paribas Factor FranceServices financiers

BNP Paribas Factor PortugalAtividades de serviços financeiros

Ifitalia SpA - (BNP Paribas Group)Servizi finanziari

BNP Paribas Faktoring Sp. z o.o.Financial Services

BNP Paribas Factor GmbHFinanzdienstleistungen

BNP Paribas Factor NordicsFinansielle tjenesteydelser

BNP Paribas Factor EspañaServicios financieros

BNP Paribas Leasing SolutionsBanking

BNP Paribas ArtegyServices financiers

MonDemainServices bancaires

EnjoyDigitAllServices bancaires

Banca Agevolarti BNP ParibasServizi finanziari

BivwAk!Services bancaires

BNP Paribas - Securities ServicesFinancial Services

Arval BNP Paribas GroupFinancial Services

TEB ARVAL Araç Filo KiralamaFinansal Hizmetler

Arval MotorTradeMotor Vehicle Manufacturing

Arval SuomiFinancial Services

Arval NorgeFinanstjenester

BNL BNP ParibasBanking

BNL BNP Paribas Private Banking & Wealth ManagementBanking

BNL BNP Paribas Life BankerBanking

BNP Paribas Banque PrivéeBanking

BNP Paribas dans la région Sud-EstServices bancaires

BNP Paribas dans la région NordServices bancaires

BNP Paribas Real EstateReal Estate

BNP Paribas Real Estate Transaction FranceImmobilier commercial

Loading…

BNP Paribas REIM Similar Companies

Sparkasse

sparkasse.de

Sparkassen: Nah, präsent und persönlich Als verlässliche Hausbank stehen wir immer und überall an der Seite unserer Kund:innen und Mitarbeitenden. Mit den Sparkassen können Sie auf exzellente Beratung und einen echten Finanzverbund zählen, der nicht nur Ihre persönlichen Finanzen, sondern auch die finanziellen Belange des Unternehmens berücksichtigt. Ob im Tagesgeschäft, bei großen Investitionsvorhaben oder bei der erfolgreichen Abwicklung von In- und Auslandsgeschäften: Wir schaffen Lösungen für den Unternehmenserfolg und unterstützen als verlässliche Arbeitgeberin unsere Mitarbeitenden.

Sanlam

sanlam.co.za

We’ve finally given a name to that special something a person exudes when they have a plan for their finances. It’s called The F Factor – and now that you know its name, it’s time you feel it too. Let's unlock your financial confidence, together. Our team is online weekdays 8:30 – 16:00

Morgan Stanley

morganstanley.com

Morgan Stanley (NYSE: MS) is a leading global financial services firm providing a wide range of investment banking, securities, wealth management and investment management services. With offices in 42 countries, our firm's employees serve clients worldwide including corporations, governments, institutions and individuals. We are committed to maintaining the first-class service and high standard of excellence that have always defined the firm and everything we do is guided by our five core values: Do the right thing, put clients first, lead with exceptional ideas, commit to diversity and inclusion, and give back. All interactions on/with this account are subject to the Social Media Important Information https://www.morganstanley.com/disclosures/social-media-important-information which includes Morgan Stanley’s Privacy Pledge and relevant disclaimers/disclosures. By interacting with this account, you consent to the retention and monitoring of your interactions.

Sicoob

sicoob.com.br

O Sicoob é o maior sistema financeiro cooperativo do país, com mais de 9 milhões de cooperados e mais de 4,6 mil pontos de atendimento distribuídos em todo o Brasil. Somos uma cooperativa financeira que oferece aos cooperados serviços de conta corrente, crédito, investimento, cartões, previdência, consórcio, seguros, cobrança bancária, adquirência de meios eletrônicos de pagamento, entre outros. Ou seja, temos um portfólio completo para atender o nosso público. Somos reconhecidos como a terceira melhor instituição financeira do Brasil segundo o ranking “Melhores Bancos do Mundo 2024”, realizado pela Forbes em parceria com a empresa de estudos de mercado Statista. Para oferecer esse atendimento, não abrimos mão do nosso propósito de conectar pessoas para promover justiça financeira e prosperidade. Acreditamos que, para promover uma nova economia, temos que ser uma instituição diferente, é por isso que aqui cada colaborador e cooperado tem voz ativa para crescermos juntos! Deseja falar com a gente? Confira nossos números para contato: Central de Atendimento: Capitais e regiões metropolitanas: 4000 1111* Demais localidades: 0800 642 0000 *Caso a localidade não possua o serviço 4000 ou 4007, informe o número da operadora mais o DDD 61: (0xx61 4000 1111). Para informações, dúvidas, reclamações e comunicação de ocorrência de fraude, ligue para o nosso SAC 24 horas: 0800 724 4420 Deseja falar com a Ouvidoria? Para reclamações, elogios e sugestões: 0800 725 0996 (de segunda a sexta, das 8h às 20h) Deficientes auditivos ou de fala: 0800 940 0458 (de segunda a sexta, das 8h às 20h)

Fidelity National Financial

cb fnf.com

Fidelity National Financial, Inc. (NYSE: FNF) is a leading provider of title insurance and transaction services to the real estate and mortgage industries. Ranked #359 on the FORTUNE 500(r) list for 2023, FNF is the nation's largest title insurance company through our title insurance underwriters (Fidelity National Title, Chicago Title, Commonwealth Land Title, Alamo Title and National Title Insurance of New York) that collectively issue more title insurance policies than any other title company in the United States. Our mission is to advance, expand, and protect the experience of property ownership by making the safety of our customers our primary focus. We pride ourselves on being extremely customer-oriented, motivated, and quick to provide solutions for all of your title insurance needs. We strongly encourage employee ownership of company stock so our FNF family can share in our company’s continuous growth and be a valuable part of something bigger than themselves.

Indiabulls Group

cb indiabulls.com

Founded in the year 2000, the Indiabulls Group is one of the country’s leading business houses with interest across sectors like financial services, real estate, pharmaceutical and LED. Headquartered in Gurgaon, all the group companies are listed on the Bombay Stock Exchange, and the National Stock Exchange. The group had combined revenues of over Rs. 22,114.9 Cr. and PAT of over Rs. 6,072.2 Cr. As on 31st March 2018. Complementing its efforts at the business end, the Group also places strong focus on its CSR Arm – The Indiabulls Foundation. Through the foundation the Group can support its aim for inclusive growth in the country and give back to the society with initiatives in areas such as Health, Education, Sanitation, Nutrition, Disaster Relief and Sustainable Livelihood.

Barclays

home.barclays

Barclays is a British universal bank. Our vision is to be the UK-centred leader in global finance. We are a diversified bank with comprehensive UK consumer, corporate and wealth and private banking franchises, a leading investment bank and a strong, specialist US consumer bank. Through these five divisions, we are working together for a better financial future for our customers, clients and communities. With over 325 years of history and expertise in banking, Barclays operates in over 40 countries and employs approximately 83,500 people. Barclays moves, lends, invests and protects money for customers and clients worldwide. Barclays is a trading name of Barclays Bank PLC and its subsidiaries. Barclays Bank PLC is registered in England and is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority. Registered in England. Registered No. 1026167. Registered office: 1 Churchill Place, London E14 5HP.

PING AN

cb pingan.com

This is the official Company Page of Ping An Insurance (Group) Company of China, Ltd. (HKEx: 2318; SSE: 601318; ADR: PNGAY). Ping An strives to become a world leading technology-powered financial services group. We believe the way people receive financial services and healthcare in the future will be through intelligent ecosystems enabled by technology. With over 220 million retail customers and nearly 611 million Internet users, Ping An is one of the largest financial services companies in the world. Technology has enabled us to bring changes to the landscape of retail finance and healthcare in China. Supported by the Group’s strong core financials, our continued investment in fintech and healthtech resulted in increasing revenue contributions from our tech units as well as several unicorns. Ping An ranked 6th in the Forbes Global 2000 list and 16th in the Fortune Global 500 list in 2021. Follow us for latest news, events and job opportunities.

Lloyds Banking Group

lloydsbankinggroup.com

Our purpose is Helping Britain Prosper. We do this by creating a more sustainable and inclusive future for people and businesses, shaping finance as a force for good. We're part of an ever-changing industry and are currently on a journey to shape the financial services of the future, whilst supporting our customers’ changing needs. The scale and reach of our Group means we can offer a broad range of opportunities to learn, grow and develop. Our values-led culture and approach to inclusion and diversity means we can all make a real difference together.

Loading…

NEWS

BNP Paribas REIM CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

December 11, 2025 08:00 AM

BNP Paribas REIM expands HPF Europe

BNP Paribas REIM expands HPF Europe with the €300M VITA portfolio - 23 Italian healthcare assets that reinforce the fund's growth.

Read Article

April 19, 2022 09:16 PM

BNP Paribas REIM : Best Real Estate lnvestment Manager Europe 2022

BNP Paribas Real Estate Investment Management (REIM) is part of BNP Paribas Real Estate, a leading European property and investment manager with a...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…