Comparison Overview

Expedia

None

Last Update: 2025-12-17

Between 750 and 799

http://www.expedia.com

Expedia is one of the world's leading full-service travel brands, helping travelers get the most out of every trip they take by making the travel process seamless. With Expedia, travelers can plan and book flights, hotels, vacation packages, and car rentals in one complete marketplace. Expedia offers intelligent tools, personalized recommendations, and a booking experience that saves you money – making it easier to explore the world. Use our mobile app or visit www.expedia.com to start your next adventure. Why choose Expedia? Expedia is your all-in-one travel shop, providing access to a large inventory of flights, hotels, vacation packages, activities and car rentals, with savings for every part of your trip.Our smart recommendation and comparison tools make for thoughtful travel planning. And with Expedia, you can bundle now or later and still get savings towards your trip, for a travel planning experience that moves with you. For Partners Expedia connects travel businesses with millions of engaged travelers worldwide. Our partner solutions help hotels, airlines, and service providers grow bookings, optimize visibility, and deliver exceptional guest experiences. Expedia is the flagship travel brand of Expedia Group.

NAICS: 5615

NAICS Definition: Travel Arrangement and Reservation Services

Employees: None

Subsidiaries: 10

12-month incidents

0

Known data breaches

3

Attack type number

1

View Profile

Hertz

8501 Williams Road, Estero, FL, US, 33928

Last Update: 2025-12-19

Between 650 and 699

http://www.hertz.com

Hertz is one of the world’s largest mobility companies, and through its indirect subsidiary, The Hertz Corporation, operates the Hertz, Dollar, and Thrifty vehicle rental brands throughout North America, Europe, the Caribbean, Latin America, Africa, the Middle East, Asia, Australia, and New Zealand. Hertz pioneered the car rental industry, and the Hertz brand is one of the most recognized brands globally. For more than a century, Hertz has offered innovative, differentiated products in an effort to make every rental experience seamless and special. Customers choose Hertz for its wide selection of top-rated vehicles, for its free Hertz Gold Plus Rewards® loyalty program, and because of Hertz’s thousands of convenient locations. Hertz also operates the Firefly car rental brand and Hertz 24/7 car sharing business in international markets and additionally rents vehicles to rideshare drivers through dedicated partnerships with Uber, Lyft, and others. Hertz also sells vehicles to consumers at Hertz Car Sales locations throughout the United States.

NAICS: 5615

NAICS Definition: Travel Arrangement and Reservation Services

Employees: 19,330

Subsidiaries: 0

12-month incidents

1

Known data breaches

1

Attack type number

2

Expedia

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Hertz

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Travel Arrangements Industry Average (This Year)

No incidents recorded for Expedia in 2025.

Incidents vs Travel Arrangements Industry Average (This Year)

Hertz has 0.0% fewer incidents than the average of same-industry companies with at least one recorded incident.

Incident History — Expedia (X = Date, Y = Severity)

Expedia cyber incidents detection timeline including parent company and subsidiaries

Incident History — Hertz (X = Date, Y = Severity)

Hertz cyber incidents detection timeline including parent company and subsidiaries

Expedia

Incidents

Date Detected: 07/2022

Type:Breach

Attack Vector: Website Hacking

Blog: Blog

Date Detected: 3/2021

Type:Breach

Blog: Blog

Date Detected: 6/2016

Type:Breach

Blog: Blog

Hertz

Incidents

Date Detected: 12/2025

Type:Breach

Blog: Blog

Date Detected: 10/2024

Type:Vulnerability

Attack Vector: Unauthorized Access

Blog: Blog

Expedia company demonstrates a stronger AI Cybersecurity Score compared to Hertz company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Expedia company has faced a higher number of disclosed cyber incidents historically compared to Hertz company.

In the current year, Hertz company has reported more cyber incidents than Expedia company.

Neither Hertz company nor Expedia company has reported experiencing a ransomware attack publicly.

Both Hertz company and Expedia company have disclosed experiencing at least one data breach.

Neither Hertz company nor Expedia company has reported experiencing targeted cyberattacks publicly.

Hertz company has disclosed at least one vulnerability, while Expedia company has not reported such incidents publicly.

Neither Expedia nor Hertz holds any compliance certifications.

Neither company holds any compliance certifications.

Expedia company has more subsidiaries worldwide compared to Hertz company.

Neither Expedia nor Hertz holds SOC 2 Type 1 certification.

Neither Expedia nor Hertz holds SOC 2 Type 2 certification.

Neither Expedia nor Hertz holds ISO 27001 certification.

Neither Expedia nor Hertz holds PCI DSS certification.

Neither Expedia nor Hertz holds HIPAA certification.

Neither Expedia nor Hertz holds GDPR certification.

Description

A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

Published

Date

2025-12-21

Updated

Date

2025-12-21

Risk Information

cvss2

Base: 7.5

Severity: LOW

AV:N/AC:L/Au:N/C:P/I:P/A:P

cvss3

Base: 7.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

cvss4

Base: 6.9

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HappyDevs TempTool allows Stored XSS.This issue affects TempTool: from n/a through 1.3.1.

Published

Date

2025-12-21

Updated

Date

2025-12-21

Risk Information

cvss3

Base: 6.5

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

References

https://vdp.patchstack.com/database/wordpress/plugin/current-template-name/vulnerability/wordpress-temptool-show-current-template-info-plugin-1-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tormorten WP Microdata allows Stored XSS.This issue affects WP Microdata: from n/a through 1.0.

Published

Date

2025-12-21

Updated

Date

2025-12-21

Risk Information

cvss3

Base: 6.5

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

References

https://vdp.patchstack.com/database/wordpress/plugin/wp-microdata/vulnerability/wordpress-wp-microdata-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve

Description

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in HappyDevs TempTool allows Retrieve Embedded Sensitive Data.This issue affects TempTool: from n/a through 1.3.1.

Published

Date

2025-12-21

Updated

Date

2025-12-21

Risk Information

cvss3

Base: 4.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

References

https://vdp.patchstack.com/database/wordpress/plugin/current-template-name/vulnerability/wordpress-temptool-show-current-template-info-plugin-1-3-1-sensitive-data-exposure-vulnerability?_s_id=cve

Description

A vulnerability has been found in Tenda FH1201 1.2.0.14(408). Affected is the function sprintf of the file /goform/SetIpBind. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

Published

Date

2025-12-21

Updated

Date

2025-12-21

Risk Information

cvss2

Base: 9.0

Severity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base: 8.8

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base: 7.4

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Expedia

VS

Hertz

Expedia

Hertz

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Travel Arrangements Industry Average (This Year)

Incidents vs Travel Arrangements Industry Average (This Year)

Incident History — Expedia (X = Date, Y = Severity)

Incident History — Hertz (X = Date, Y = Severity)

Notable Incidents

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-15002

Risk Information

CVE-2025-62926

Risk Information

CVE-2025-62901

Risk Information

CVE-2025-62955

Risk Information

CVE-2025-14995

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Expedia

VS

Hertz

Expedia

Hertz

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Travel Arrangements Industry Average (This Year)

Incidents vs Travel Arrangements Industry Average (This Year)

Incident History — Expedia (X = Date, Y = Severity)

Incident History — Hertz (X = Date, Y = Severity)

Notable Incidents

🔒 Incident : Breach TRI946171122

🔒 Incident : Breach EXP1014091725

🔒 Incident : Breach EXP16239622

🔒 Incident : Breach HER1765420281

🔒 Incident : Vulnerability HER047072425

FAQ

Between Expedia company and Hertz company, which one has the best AI Cybersecurity Score ?

Between Expedia company and Hertz company, which one has experienced more cyber incidents in the past ?

Between Expedia company and Hertz company, which one has experienced more cyber incidents this year ?

Between Expedia company and Hertz company, which one has experienced at least one ransomware attack ?

Between Expedia company and Hertz company, which one has experienced at least one data breach ?

Between Expedia company and Hertz company, which one has experienced at least one targeted cyberattack ?

Between Expedia company and Hertz company, which one has experienced at least one vulnerability ?

Between Expedia company and Hertz company, which one holds the most compliance certifications ?

Between Expedia company and Hertz company, which one holds the fewest compliance certifications ?

Between Expedia company and Hertz company, which one has the most subsidiaries ?

Between Expedia company and Hertz company, which one has the largest number of employees ?

Between Expedia and Hertz, which company holds both SOC 2 Type 1 certifications ?

Between Expedia and Hertz, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — Expedia or Hertz ?

Which company is PCI DSS compliant — Expedia or Hertz ?

Between Expedia and Hertz, which company complies with HIPAA regulations for healthcare data ?

Between Expedia and Hertz, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-15002

Risk Information

CVE-2025-62926

Risk Information

CVE-2025-62901

Risk Information

CVE-2025-62955

Risk Information

CVE-2025-14995

Risk Information