Boon Supply
Company Details
Linkedin ID:
boon-supply
Website:
Employees number:
3
Number of followers:
1,070
NAICS:
561
Industry Type:
Homepage:
boonsupply.com
IP Addresses:
0
Company ID:
BOO_9758898
Scan Status:
In-progress
Boon Supply Company CyberSecurity Posture
boonsupply.com
The Boon Story - We believe that the world needs more #Doers — more people working on the thousands of little things that add up to big differences in our communities. Boon Supply is for the everyday heroes who take action when they see an opportunity to make things better. Boon brings communities together to dream big and get big results. We power the #Doers to achieve more and inspire others to step up and join in. We believe that together, we can make good things happen. Within minutes, you can have your fundraiser page live and ready to share for any cause you are passionate about. The moment it launches, 40% of every purchase made on your page will go directly to your fundraiser. Find a cause you’d like to support and shop from their fundraiser page, or shop first and then choose a fundraiser. Either way, 40% of your purchase will go to the cause of your choice. Join the Boon Supply community, and together we can grow the good we want to see in the world. Visit www.boonsupply.com to shop and find or create fundraisers. We are certified by #climateneutral.org and doing our part for the planet.
Boon Supply A.I CyberSecurity Scoring
Boon Supply Risk Score (AI oriented)Between 750 and 799
Boon Supply
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Boon Supply Global Score (TPRM)XXXX
Boon Supply
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Boon Supply Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
Boon Supply Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Boon Supply
Incidents vs Fundraising Industry Average (This Year)
No incidents recorded for Boon Supply in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Boon Supply in 2025.
Incident Types Boon Supply vs Fundraising Industry Avg (This Year)
No incidents recorded for Boon Supply in 2025.
Incident History — Boon Supply (X = Date, Y = Severity)
Boon Supply cyber incidents detection timeline including parent company and subsidiaries
Boon Supply Company Subsidiaries
The Boon Story - We believe that the world needs more #Doers — more people working on the thousands of little things that add up to big differences in our communities. Boon Supply is for the everyday heroes who take action when they see an opportunity to make things better. Boon brings communities together to dream big and get big results. We power the #Doers to achieve more and inspire others to step up and join in. We believe that together, we can make good things happen. Within minutes, you can have your fundraiser page live and ready to share for any cause you are passionate about. The moment it launches, 40% of every purchase made on your page will go directly to your fundraiser. Find a cause you’d like to support and shop from their fundraiser page, or shop first and then choose a fundraiser. Either way, 40% of your purchase will go to the cause of your choice. Join the Boon Supply community, and together we can grow the good we want to see in the world. Visit www.boonsupply.com to shop and find or create fundraisers. We are certified by #climateneutral.org and doing our part for the planet.
Loading...
Boon Supply Similar Companies
Tiffany Circle UK
The Tiffany Circle is a network of philanthropic women who support the work of the British Red Cross. Our members support those affected by crisis and disaster around the world, most notably women and girls due to their capacity to be powerful agents for change in their communities. If you are in
Lawn Summer Nights
Lawn Summer Nights is a lawn bowling fundraiser held cities across Canada, benefitting Cystic Fibrosis Canada. We have raised over $3,400,000 since the event began in Vancouver in 2009, growing the annual donation total year-on-year, along with the number of supporters who have engaged with the even
Children's Miracle Network at Orlando Health Arnold Palmer Hospital for Children
Children’s Miracle Network Hospitals is a non-profit organization dedicated to saving lives by raising funds for 170 children’s hospitals that provide 32 million treatments each year to kids across the U.S. and Canada. In Orlando, Orlando Health Arnold Palmer Hospital for Children benefits from the
Volunteers of America Delaware Valley
Volunteers of America Delaware Valley is the Greater Philadelphia regional affiliate of Volunteers of America, a national, faith-based nonprofit founded in 1896. Volunteers of America Delaware Valley is a professional human services organization that annually serves more than 11,000 men, women an
As the preeminent resource for all donor and provider services in philanthropy, the Jewish Federation of Greater Pittsburgh is at the heart of Jewish giving. Giving care to those in need, giving deeper engagement in quality of life, and giving strength to the community, in Pittsburgh, Israel and aro
The Parkinson Council
The Parkinson Council is the premier local organization dedicated to improving the quality of life for patients, caregivers, and their families impacted by Parkinson’s disease. We invest in research, education and services provided by world renowned institutions and innovative service organizatio
.png)
Boon Supply CyberSecurity News
June 13, 2025 07:00 AM
CISA warns of supply chain risks as ransomware attacks exploit SimpleHelp flaws
Ransomware gangs have exploited a vulnerability in the SimpleHelp remote support program to breach customers of a utility billing software...
April 24, 2025 07:00 AM
Could Trump’s focus on ‘economic security’ be a boon for the Dominican Republic?
The US is looking to work with partners in Latin America and the Caribbean to create reliable supply-chain environments for critical...
October 28, 2024 07:00 AM
Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain
Long supply chain adds third-party risks, as each partner's security affects your own, making identity and access management more...
August 29, 2024 05:47 AM
SEBI's Cybersecurity Framework: A Boon for the Indian Tech Industry
SEBI-regulated entities will soon need to implement a framework to improve cyber security and cyber resilience, announced the market regulator in June 2024.
July 20, 2024 07:00 AM
A global IT outage brought supply chains to their knees – we need to be better prepared next time
Friday's global IT outage – caused by a faulty software update from cybersecurity firm Crowdstrike – wrought havoc on business operations around the world.
June 26, 2023 07:00 AM
India’s Cybersecurity Industry Faces Demand-Supply Gap: 40k Open Job Opportunities
India's cybersecurity industry is grappling with a big challenge - an ongoing shortage of skilled professionals. Cybersecurity jobs in...
January 03, 2022 08:00 AM
Opinion | The cybersecurity risk to our water supply is real. We need to prepare.
Mark Montgomery is senior director of the Center on Cyber and Technology Innovation (CCTI) at the Foundation for Defense of Democracies and...
November 12, 2021 08:00 AM
Is AI a boon or bane for cybersecurity?
Artificial intelligence, along with machine learning and other deep analytics strategies, is seeing a resurgence among enterprise technology...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Boon Supply CyberSecurity History Information
Official Website of Boon Supply
The official website of Boon Supply is http://www.boonsupply.com.
Boon Supply’s AI-Generated Cybersecurity Score
According to Rankiteo, Boon Supply’s AI-generated cybersecurity score is 755, reflecting their Fair security posture.
How many security badges does Boon Supply’ have ?
According to Rankiteo, Boon Supply currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Boon Supply have SOC 2 Type 1 certification ?
According to Rankiteo, Boon Supply is not certified under SOC 2 Type 1.
Does Boon Supply have SOC 2 Type 2 certification ?
According to Rankiteo, Boon Supply does not hold a SOC 2 Type 2 certification.
Does Boon Supply comply with GDPR ?
According to Rankiteo, Boon Supply is not listed as GDPR compliant.
Does Boon Supply have PCI DSS certification ?
According to Rankiteo, Boon Supply does not currently maintain PCI DSS compliance.
Does Boon Supply comply with HIPAA ?
According to Rankiteo, Boon Supply is not compliant with HIPAA regulations.
Does Boon Supply have ISO 27001 certification ?
According to Rankiteo,Boon Supply is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Boon Supply
Boon Supply operates primarily in the Fundraising industry.
Number of Employees at Boon Supply
Boon Supply employs approximately 3 people worldwide.
Subsidiaries Owned by Boon Supply
Boon Supply presently has no subsidiaries across any sectors.
Boon Supply’s LinkedIn Followers
Boon Supply’s official LinkedIn profile has approximately 1,070 followers.
Boon Supply’s Presence on Crunchbase
Yes, Boon Supply has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/bonvee.
Boon Supply’s Presence on LinkedIn
Yes, Boon Supply maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/boon-supply.
Cybersecurity Incidents Involving Boon Supply
As of December 21, 2025, Rankiteo reports that Boon Supply has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
Boon Supply has an estimated 1,146 peer or competitor companies worldwide.
Boon Supply CyberSecurity History Information
How many cyber incidents has Boon Supply faced ?
Total Incidents: According to Rankiteo, Boon Supply has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at Boon Supply ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating the requesting user. Due to improper privilege handling and a time-of-check time-of-use race condition combined with symbolic link and mount point manipulation, a local authenticated attacker can coerce the service into deleting arbitrary directories with SYSTEM privileges. This can be exploited to delete protected system folders such as C:\\Config.msi and subsequently achieve execution as NT AUTHORITY\\SYSTEM via MSI rollback techniques.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to unauthorized modification of data due to a missing capability check on the 'cs_update_application_status_callback' function in all versions up to, and including, 7.7. This makes it possible for authenticated attackers, with Candidate-level access and above, to inject cross-site scripting into the 'status' parameter of applied jobs for any user.
Risk Information
cvss3
Base: 7.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'cs_update_application_status_callback' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Candidate-level access and above, to send a site-generated email with injected HTML to any user.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Description
The FiboSearch – Ajax Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `thegem_te_search` shortcode in all versions up to, and including, 1.32.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This vulnerability requires TheGem theme (premium) to be installed with Header Builder mode enabled, and the FiboSearch "Replace search bars" option enabled for TheGem integration.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
References
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L104
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L94
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3420841%40ajax-search-for-woocommerce%2Ftrunk&old=3398612%40ajax-search-for-woocommerce%2Ftrunk&sfp_email=&sfph_mail=#file136
- https://wordpress.org/plugins/ajax-search-for-woocommerce
- https://www.wordfence.com/threat-intel/vulnerabilities/id/8149103e-105d-401d-8a15-b07d131baaac?source=cve
Description
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.0 via the ajax_get_members function. This is due to the use of a predictable low-entropy token (5 hex characters derived from md5 of post ID) to identify member directories and insufficient authorization checks on the unauthenticated AJAX endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, display names, user roles (including administrator accounts), profile URLs, and user IDs by enumerating predictable directory_id values or brute-forcing the small 16^5 token space.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/class-functions.php#L41
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-ajax-common.php#L61
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L205
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L2795
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/templates/members.php#L26
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3421362%40ultimate-member%2Ftrunk&old=3408617%40ultimate-member%2Ftrunk&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/61337d2d-d15a-45f2-b730-fc034eb3cd31?source=cve
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=boon-supply' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
