ISO 27001 Certificate
SOC 1 Type I Certificate
SOC 2 Type II Certificate
PCI DSS
HIPAA
RGPD
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions

GoFundMe Company CyberSecurity Posture

gfme.co
ISOSOC2 Type 1SOC2 Type 2PCI DSSHIPAAGDPR

There are a billion good intentions tucked inside each and every one of us. At GoFundMe, we believe that the impulse to help a person, fix a neighborhood, or change a nation should never be ignored. In fact, it should be shared with the entire world. That’s why we make it easy to inspire the world and turn your compassion into action. By giving people the tools they need to capture and share their story far and wide, we have built a community of more than 200 million donors and helped organizers raise over $15 billion for the causes important to them—and we are just getting started. Check out current job openings, join our team, and be a part of the change below. ## GoFundMe has assembled one of the best management teams in the business to build the next leading consumer Internet company, including leaders from LinkedIn, Groupon, and Google. We are also funded by some of Silicon Valley’s best venture capital firms, including Accel, Greylock, and TCV.

GoFundMe A.I CyberSecurity Scoring

GoFundMe

Company Details

Linkedin ID:

gofundme-com

Website:

https://gfme.co/homepage

Employees number:

676

Number of followers:

62,329

NAICS:

561499

Industry Type:

Fundraising

Homepage:

gfme.co

IP Addresses:

0

Company ID:

GOF_3097372

Scan Status:

In-progress

AI scoreGoFundMe Risk Score (AI oriented)

Between 750 and 799

https://images.rankiteo.com/companyimages/gofundme-com.jpeg
GoFundMe Fundraising
Updated:
  • Powered by our proprietary A.I cyber incident model
  • Insurance preferes TPRM score to calculate premium
globalscoreGoFundMe Global Score (TPRM)

XXXX

https://images.rankiteo.com/companyimages/gofundme-com.jpeg
GoFundMe Fundraising
  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

GoFundMe Company CyberSecurity News & History

Past Incidents
0
Attack Types
0
No data available
Ailogo

GoFundMe Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

🔒
Incident Predictions locked
Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

🔒
A.I. Risk Score Predictions locked
Access Monitoring Plan
statics

Underwriter Stats for GoFundMe

Incidents vs Fundraising Industry Average (This Year)

No incidents recorded for GoFundMe in 2025.

Incidents vs All-Companies Average (This Year)

No incidents recorded for GoFundMe in 2025.

Incident Types GoFundMe vs Fundraising Industry Avg (This Year)

No incidents recorded for GoFundMe in 2025.

Incident History — GoFundMe (X = Date, Y = Severity)

GoFundMe cyber incidents detection timeline including parent company and subsidiaries

GoFundMe Company Subsidiaries

SubsidiaryImage

There are a billion good intentions tucked inside each and every one of us. At GoFundMe, we believe that the impulse to help a person, fix a neighborhood, or change a nation should never be ignored. In fact, it should be shared with the entire world. That’s why we make it easy to inspire the world and turn your compassion into action. By giving people the tools they need to capture and share their story far and wide, we have built a community of more than 200 million donors and helped organizers raise over $15 billion for the causes important to them—and we are just getting started. Check out current job openings, join our team, and be a part of the change below. ## GoFundMe has assembled one of the best management teams in the business to build the next leading consumer Internet company, including leaders from LinkedIn, Groupon, and Google. We are also funded by some of Silicon Valley’s best venture capital firms, including Accel, Greylock, and TCV.

similarCompanies

GoFundMe Similar Companies

Goettler Associates
goettler.com

Goettler Associates’ professional services will: > elevate your organization’s Fund Raising to its maximum potential through a Full Circle of development programs and appeals > keep you Moving Ahead through careful and deliberate Planning > keep you Rising to the Challenge, through Leade

Security Report Compare
Pledge It
pledgeit.org

Pledge It is designed for nonprofit fundraising professionals who need comprehensive event management without the learning curve. Our intuitive platform maximizes success for galas, golf tournaments, peer-to-peer fundraising, auctions, and donation forms. Built-in automations recruit previous attend

Security Report Compare
University of Mississippi Foundation
umfoundation.com

The University of Mississippi Foundation is a nonprofit corporation chartered in 1973 by the State of Mississippi to operate primarily for the benefit of the University of Mississippi. The Foundation is responsible for receiving, receipting, investing and distributing all gifts for the benefit of th

Security Report Compare
Broadway Cares/Equity Fights AIDS
broadwaycares.org

Broadway Cares/Equity Fights AIDS, the philanthropic heart of Broadway, is one of the nation’s leading industry-based, nonprofit AIDS fundraising and grant-making organizations. By drawing upon the talents, resources and generosity of the American theatre community, since 1988 Broadway Cares has rai

Security Report Compare
Fund Your Org
fundyourorg.com

Are you planning a fundraising event for your non-profit organization? Pulling off a successful fundraising event takes more than pure luck. With the right people, the right items and the right energy, you can plan the most successful charity event that will benefit your non-profit organization's mi

Security Report Compare
Insightful philanthropy
insightfulphilanthropy.com

Insightful Philanthropy is a donor intelligence platform designed to help nonprofits build stronger relationships through timely, relevant engagement. By automatically delivering curated news and updates about donors, board members, and key stakeholders, Insightful empowers fundraisers to act on mea

Security Report Compare
newsone

GoFundMe CyberSecurity News

December 06, 2025 10:57 AM
Cyber Security Professional from Telangana Dies in US Fire Accident

Sahaja Reddy Udumala completed her Masters in Cyber Security in the US and began working there a few months ago.

Read Article
November 28, 2025 08:04 AM
CF Musicale to have scholarship fundraiser

CRYSTAL FALLS — The Crystal Falls Musicale will host its annual Christmas Tea Scholarship Fundraiser at 1:30 p.m. Saturday, Dec.

Read Article
November 17, 2025 08:00 AM
James City County medical and dental center launches emergency fundraiser

The medical clinic, which helps underinsured and uninsured people in the Williamsburg area, needs extra funding after a cyber attack earlier...

Read Article
November 14, 2025 03:51 PM
Rapid City Rhoden fundraiser on 11/18

The day before his fundraiser in Pierre, the PAC supporting Governor Larry Rhoden will be hosting a fundraiser at the arrowhead country club in Rapid City.

Read Article
October 13, 2025 07:00 AM
Milford's Anthony Yannella, 22, Dies After 2-Week Battle With Pneumonia

A Connecticut community is mourning the loss of Anthony Yannella, a 22-year-old Milford native and University of New Haven graduate who...

Read Article
October 05, 2025 07:00 AM
Cyberscammers are cashing in by exploiting cancer patients — we must stop them

Learn how cybercriminals are exploiting childhood cancer awareness to steal identities and scam donors. Protect yourself and others from...

Read Article
September 15, 2025 07:00 AM
Google scraps Gmail ‘blacklist’ that labeled GOP fundraiser emails ‘dangerous’ — and sent them directly to spam

Google has scrapped Gmail's controversial use of a “blacklist” that had been flagging Republican fundraising emails as “dangerous” -- and...

Read Article
August 30, 2025 07:00 AM
Fish fry fundraiser held in Niskayuna to raise money for cybersecurity industry

Fish on the fryer at the fundraiser. (Brendan Wettergreen / WNYT). There was a lot of fish fry for people to enjoy Saturday in Niskayuna. The...

Read Article
August 25, 2025 07:00 AM
How to Avoid Charity Scams

When disaster strikes, we want to give – but scammers move quickly to take advantage of your generosity. Here's how to protect yourself when...

Read Article
faq

Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

GoFundMe CyberSecurity History Information

Official Website of GoFundMe

The official website of GoFundMe is https://gfme.co/homepage.

GoFundMe’s AI-Generated Cybersecurity Score

According to Rankiteo, GoFundMe’s AI-generated cybersecurity score is 764, reflecting their Fair security posture.

How many security badges does GoFundMe’ have ?

According to Rankiteo, GoFundMe currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Does GoFundMe have SOC 2 Type 1 certification ?

According to Rankiteo, GoFundMe is not certified under SOC 2 Type 1.

Does GoFundMe have SOC 2 Type 2 certification ?

According to Rankiteo, GoFundMe does not hold a SOC 2 Type 2 certification.

Does GoFundMe comply with GDPR ?

According to Rankiteo, GoFundMe is not listed as GDPR compliant.

Does GoFundMe have PCI DSS certification ?

According to Rankiteo, GoFundMe does not currently maintain PCI DSS compliance.

Does GoFundMe comply with HIPAA ?

According to Rankiteo, GoFundMe is not compliant with HIPAA regulations.

Does GoFundMe have ISO 27001 certification ?

According to Rankiteo,GoFundMe is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of GoFundMe

GoFundMe operates primarily in the Fundraising industry.

Number of Employees at GoFundMe

GoFundMe employs approximately 676 people worldwide.

Subsidiaries Owned by GoFundMe

GoFundMe presently has no subsidiaries across any sectors.

GoFundMe’s LinkedIn Followers

GoFundMe’s official LinkedIn profile has approximately 62,329 followers.

NAICS Classification of GoFundMe

GoFundMe is classified under the NAICS code 561499, which corresponds to All Other Business Support Services.

GoFundMe’s Presence on Crunchbase

Yes, GoFundMe has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/gofundme.

GoFundMe’s Presence on LinkedIn

Yes, GoFundMe maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/gofundme-com.

Cybersecurity Incidents Involving GoFundMe

As of December 21, 2025, Rankiteo reports that GoFundMe has not experienced any cybersecurity incidents.

Number of Peer and Competitor Companies

GoFundMe has an estimated 1,146 peer or competitor companies worldwide.

GoFundMe CyberSecurity History Information

How many cyber incidents has GoFundMe faced ?

Total Incidents: According to Rankiteo, GoFundMe has faced 0 incidents in the past.

What types of cybersecurity incidents have occurred at GoFundMe ?

Incident Types: The types of cybersecurity incidents that have occurred include .

Incident Details

What are the most common types of attacks the company has faced ?

Additional Questions

cve

Latest Global CVEs (Not Company-Specific)

Description

Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating the requesting user. Due to improper privilege handling and a time-of-check time-of-use race condition combined with symbolic link and mount point manipulation, a local authenticated attacker can coerce the service into deleting arbitrary directories with SYSTEM privileges. This can be exploited to delete protected system folders such as C:\\Config.msi and subsequently achieve execution as NT AUTHORITY\\SYSTEM via MSI rollback techniques.

Published
Date
2025-12-20
Updated
Date
2025-12-20
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to unauthorized modification of data due to a missing capability check on the 'cs_update_application_status_callback' function in all versions up to, and including, 7.7. This makes it possible for authenticated attackers, with Candidate-level access and above, to inject cross-site scripting into the 'status' parameter of applied jobs for any user.

Published
Date
2025-12-20
Updated
Date
2025-12-20
Risk Information
cvss3
Base: 7.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
References
Description

The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'cs_update_application_status_callback' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Candidate-level access and above, to send a site-generated email with injected HTML to any user.

Published
Date
2025-12-20
Updated
Date
2025-12-20
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
References
Description

The FiboSearch – Ajax Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `thegem_te_search` shortcode in all versions up to, and including, 1.32.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This vulnerability requires TheGem theme (premium) to be installed with Header Builder mode enabled, and the FiboSearch "Replace search bars" option enabled for TheGem integration.

Published
Date
2025-12-20
Updated
Date
2025-12-20
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
References
Description

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.0 via the ajax_get_members function. This is due to the use of a predictable low-entropy token (5 hex characters derived from md5 of post ID) to identify member directories and insufficient authorization checks on the unauthenticated AJAX endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, display names, user roles (including administrator accounts), profile URLs, and user IDs by enumerating predictable directory_id values or brute-forcing the small 16^5 token space.

Published
Date
2025-12-20
Updated
Date
2025-12-20
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References

Access Data Using Our API

SubsidiaryImage

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=gofundme-com' -H 'apikey: YOUR_API_KEY_HERE'
Try It API Documentation rapidRapid

What Do We Measure ?

revertimgrevertimgrevertimgrevertimg
Incident
revertimgrevertimgrevertimgrevertimg
Finding
revertimgrevertimgrevertimgrevertimg
Grade
revertimgrevertimgrevertimgrevertimg
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Top LeftTop RightBottom LeftBottom Right
Rankiteo
By Rankiteo
View on G2.com
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
View latest reports → View all security reports →
Users Love Us Badge