What is the official website of Marriott International ?

The official website of Marriott International is http://www.marriott.com.

What is Marriott International's cybersecurity risk score?

Marriott International has an AI-generated cybersecurity risk score of 707 out of 1000, indicating a Moderate security posture according to Rankiteo's assessment.

How many security incidents has Marriott International experienced?

According to Rankiteo, Marriott International currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Marriott International been affected by any supply chain cyber incidents ?

According to Rankiteo, Marriott International has been affected by a supply chain cyber incident involving gastrodat GmbH, with the incident ID CHEGAS1776335039.

Does Marriott International have SOC 2 Type 1 certification ?

According to Rankiteo, Marriott International is not certified under SOC 2 Type 1.

Does Marriott International have SOC 2 Type 2 certification ?

According to Rankiteo, Marriott International does not hold a SOC 2 Type 2 certification.

Does Marriott International comply with GDPR ?

According to Rankiteo, Marriott International is not listed as GDPR compliant.

Does Marriott International have PCI DSS certification ?

According to Rankiteo, Marriott International does not currently maintain PCI DSS compliance.

Does Marriott International comply with HIPAA ?

According to Rankiteo, Marriott International is not compliant with HIPAA regulations.

Does Marriott International have ISO 27001 certification ?

According to Rankiteo,Marriott International is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Marriott International operate in ?

Marriott International operates primarily in the Hospitality industry.

How many employees does Marriott International have ?

Marriott International employs approximately 213,175 people worldwide.

Does Marriott International own any subsidiaries ?

Marriott International presently has no subsidiaries across any sectors.

How many LinkedIn followers does Marriott International have ?

Marriott International's official LinkedIn profile has approximately 3,181,695 followers.

What is the NAICS classification code for Marriott International ?

Marriott International is classified under the NAICS code 7211, which corresponds to Traveler Accommodation.

Does Marriott International have a Crunchbase profile ?

No, Marriott International does not have a profile on Crunchbase.

Does Marriott International have a LinkedIn profile ?

Yes, Marriott International maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/marriott-international.

How many cybersecurity incidents has Marriott International experienced ?

As of June 14, 2026, Rankiteo reports that Marriott International has experienced 6 cybersecurity incidents.

How many peer or competitor companies does Marriott International have ?

Marriott International has an estimated 14,278 peer or competitor companies worldwide.

What types of cybersecurity incidents has Marriott International faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Data Leak and Breach.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Marriott International

Boost Score +25 with badge (5 left)

707

/1000

Moderate

732

/1000

Moderate

Marriott International Vendor Cyber Rating & Cyber Score

marriott.com

Add Your Compliance Badge

Marriott International, Inc. is based in Bethesda, Maryland, USA, and encompasses a portfolio of approximately 9,000 properties across more than 30 leading brands in 141 countries and territories. Its heritage can be traced to a root beer stand opened in Washington, D.C., in 1927 by J. Willard and Alice S. Marriott. Marriott International is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. Marriott International does not discriminate on the basis of disability, veteran status or any other basis protected under federal, state or local laws. Community Guidelines: We reserve the right to remove without any notice content that we determine in our sole discretion is offensive or

Marriott International A.I CyberSecurity Scoring

Scoring History

Marriott International

Marriott International CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Marriott Internatio...

Breach

4/2026

gastrodat GmbH

CHEGAS177633503...

Marriott Internatio...

Breach

10/2025

MAR080220810112...

Marriott Internatio...

Breach

100

07/2022

MAR1318722

Marriott Internatio...

Breach

06/2022

MAR13023722

Marriott Internatio...

Data Leak

09/2019

MAR81730423

Marriott Internatio...

Breach

6/2016

MAR019090625

Loading…

A.I.

Marriott International Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Marriott International

Incidents vs Hospitality Industry Avg (This Year)

Marriott International has 32.43% fewer incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs All-Companies Average (This Year)

Marriott International has 6.54% fewer incidents than the average of all companies with at least one recorded incident.

Incident Types Marriott International vs Hospitality Industry Avg (This Year)

Marriott International reported 1 incidents this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breaches, compared to industry peers with at least 1 incident.

Incident History - Marriott International (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Marriott International Subsidiaries

Marriott International

Hospitality

Website: http://www.marriott.com

Company Size: 10,000+ employees

Marriott BonvoyHospitality

JW MarriottHospitality

JW Marriott Bucharest Grand HotelHospitality

Marriott HotelsHospitality

Sheraton Hotels & ResortsHospitality

JW Marriott Marquis Hotel DubaiHospitality

Courtyard by MarriottHospitality

Le Méridien Hotels & ResortsHospitality

The Athenee Hotel, a Luxury Collection Hotel, BangkokHospitality

Le Méridien BangkokHospitality

Fairfield by MarriottHospitality

EDITIONHospitality

Renaissance HotelsHospitality

Aloft HotelsHospitality

Aloft RiyadhHospitality

Aloft DhahranHospitality

Design HotelsHospitality

Gaylord HotelsHospitality

Westin Hotels & ResortsHospitality

The Westin Kuala LumpurHospitality

Revenue Management Advisory Services (RMAS)Hospitality

Residence Inn by MarriottHospitality

Marriott U.S. Sales OrganizationHospitality

Marriott Executive ApartmentsHospitality

Residence InnHospitality

TownePlace Suites by MarriottHospitality

Delta Hotels and Resorts®Hospitality

Autograph CollectionHospitality

SpringHill Suites by MarriottHospitality

W HotelsHospitality

Four Points by SheratonHospitality

Marriott Bonvoy EventsEvents Services

Overheard@MarriottLeisure, Travel & Tourism

Marriott DevelopmentHospitality

The Ritz-Carlton Hotel Company, L.L.C.Hospitality

Starwood Preferred Guest (SPG)Hospitality

Loading…

Marriott International Similar Companies

Landry's

landrysinc.com

Landry's is a multinational, diversified restaurant, hospitality, gaming, and entertainment leader based in Houston, Texas. The company operates more than 600 establishments around the world, including well-known concepts, such as Landry’s Seafood House, Bubba Gump Shrimp Co., Rainforest Cafe, Morton’s The Steakhouse, The Oceanaire Seafood Room, McCormick & Schmick’s, Chart House, Saltgrass Steak House, Del Frisco’s Double Eagle Steakhouse, Palm Restaurants, and Mastro’s Restaurants. The company also operates a group of signature restaurants, including Vic & Anthony’s Steakhouse, Grotto, Willie G’s, and others. The gaming division includes the renowned Golden Nugget Hotel and Casino concept, with locations in Las Vegas and Laughlin, NV, Atlantic City, NJ, Biloxi, MS, and Lake Charles, LA. The entertainment and hospitality divisions encompass popular destinations, including the Galveston Island Historic Pleasure Pier, Kemah Boardwalk, Aquarium Restaurants, and other exciting attractions, coupled with deluxe accommodations throughout the Houston and Galveston area, including The Post Oak Hotel at Uptown Houston, Westin Houston Downtown, Kemah Boardwalk Inn and The San Luis Resort, including the Hilton Galveston Island Resort and Holiday Inn Galveston on the Beach located on Galveston Island.

DoubleTree by Hilton

cb doubletree.com

DoubleTree by Hilton hotels are distinctively designed properties that provide true comfort to today’s business and leisure travelers. From the millions of delighted hotel guests who are welcomed with the brand’s legendary, warm chocolate chip cookies at check-in to the advantages of the award-winning Hilton HHonors® guest reward program, each DoubleTree by Hilton guest receives a satisfying stay wherever their travels take them. With a growing collection of contemporary, upscale accommodations in more than 375+ gateway cities, metropolitan areas and vacation destinations worldwide. DoubleTree by Hilton is part of Hilton Worldwide (NYSE: HLT), a leading global hospitality company spanning the lodging sector from luxury and full-service hotels and resorts to extended-stay suites and focused-service hotels. For 95 years, Hilton Worldwide has been dedicated to continuing its tradition of providing exceptional guest experiences. The company’s portfolio of eleven world-class global brands is comprised of more than 4,100 managed, franchised, owned and leased hotels and timeshare properties, with more than 685,000 rooms in 92 countries and territories, including Hilton Hotels & Resorts, Waldorf Astoria Hotels & Resorts, Conrad Hotels & Resorts, Curio – A Collection by Hilton, DoubleTree by Hilton, Embassy Suites Hotels, Hilton Garden Inn, Hampton Hotels, Homewood Suites by Hilton, Home2 Suites by Hilton and Hilton Grand Vacations. The company also manages an award-winning customer loyalty program, Hilton Honors.

SHRW, LLC

marriott.com

In 2016, Starwood Hotels and Resorts was acquired by Marriott International… In 2025, the Starwood Hotels was relaunched as the branding and hotel management company behind 1 Hotels & Homes, Baccarat Hotels & Residences and Treehouse Hotels. If you are looking for the latest Starwood Hotels company information, please visit linkedin.com/company/starwoodhotels .

Jumeirah

jumeirah.com

Jumeirah, a global leader in luxury hospitality and a member of Dubai Holding, operates an exceptional portfolio of 31 properties, including 33 signature F&B restaurants, across the Middle East, Europe, Asia and Africa. In 1999, Jumeirah changed the face of luxury hospitality with the opening of the iconic Jumeirah Burj Al Arab and the brand is now renowned worldwide for its distinguished beachfront resorts, esteemed city hotels and luxury residences. From the contemporary Maldivian island paradise at Jumeirah Olhahali Island to the art-inspired Jumeirah Capri Palace in Italy and the modern twist on a British classic at Jumeirah Carlton Tower in London, the brand has become synonymous with warm and generous service and the ability to craft distinctive and purposeful experiences that bring joy to guests from across the world.

Travel + Leisure Co.

travelandleisureco.com

Travel + Leisure Co., the world's leading vacation ownership and membership travel company, provides more than six million vacations to travelers every year. The company’s extensive Vacation Ownership portfolio includes trusted and iconic vacation club brands with a combined 270+ resorts worldwide, offering quality, flexibility, and value to more than 800,000 timeshare owners. Through its Travel and Membership business line, the company unlocks even more travel inspiration and opportunities via its signature subscription travel club, Travel + Leisure GO, and pioneering timeshare exchange network, RCI. With hospitality and responsible tourism at its heart, the company’s 19,000+ dedicated associates around the globe help the company achieve its mission to put the world on vacation.

Whitbread

cb whitbreadcareers.com

Whitbread PLC is the owner of the UK’s favourite hotel chain, Premier Inn, as well as restaurant brands, Beefeater, Brewers Fayre, Table Table, Bar + Block and Cookhouse and Pub. Whitbread employs more than 35,000 people in more than 1,200 Premier Inn hotels and restaurants across the UK and Germany, serving over five million customers every month. At Whitbread we are committed to being a force for good in the communities in which we operate. Our Sustainability programme, ‘Force for Good’ is focused on enabling people to live and work well and is built around three pillars of Opportunity, Community and Responsibility. Whitbread PLC is listed on the London Stock Exchange and is a constituent of the FTSE 100. It is also a member of the FTSE4Good Index.

Holiday Inn Express

holidayinnexpress.com

An IHG hotel. IHG Hotels & Resorts [LON:IHG, NYSE:IHG (ADRs)] is a global hospitality company, with a purpose to provide True Hospitality for Good. At Holiday Inn Express, we strive to make every interaction you have with us simple, smart and refreshingly engaging. With over 3,000 hotels in 75 different countries, Holiday Inn Express is IHG’s largest brand and one of the fastest growing hotel brands in the industry. Holiday Inn Express offers affordable hotels, high speed internet access, free breakfast and a comfortable room that will leave you relaxed and recharged. InterContinental Hotels Group PLC is the Group’s holding company and is incorporated in Great Britain and registered in England and Wales. Approximately 350,000 people work across IHG's hotels and corporate offices globally. Visit https://www.ihg.com/holidayinnexpress/hotels/us/en/reservation for hotel information and reservations and www.ihgrewards.com for more on IHG One Rewards. For our latest news, follow us on LinkedIn, Facebook, Instagram, TikTok and Twitter.

MGM Resorts International

cb mgmresorts.com

The resorts and casinos of MGM Resorts International™ are some of the most famous in the world. Our 28 destinations are renowned for their winning combination of quality entertainment, luxurious facilities, and exceptional customer service. We are actively expanding our presence globally, with potential developments in a number of domestic and international markets. At MGM Resorts International, we are all striving together to deliver an enticing blend of entertainment to every corner of the world. Many of our resorts are located in Las Vegas. Las Vegas features three of the largest convention centers in the U.S., spectacular entertainment, attractions, shopping, and world-famous resorts. Whether dancing fountains, incredible stage productions, casino action, museums or natural attractions such as Lake Mead, Vegas offers something for everyone. A stroll down our streets takes you around the globe, with recreations like climbing to the top of the Eiffel Tower or taking a Venetian gondola ride. From shimmering resort pools and spa rejuvenation to nonstop nightlife, Las Vegas promises an unforgettable career destination. With all of our unique and spectacular resorts and casinos, MGM Resorts International has a world of opportunities for you to discover excitement and rewards as you provide our guests with a wonderful and memorable experience. Take a closer look at our properties. We think you'll find an opportunity that's right for you. The 81,000 global employees of MGM Resorts are proud to be recognized as one of FORTUNE® Magazine’s World’s Most Admired Companies®.

Kerzner International

kerzner.com

Kerzner International has built a diverse collection of iconic brands and luxury properties, earning international acclaim for pioneering destination-defining hospitality, delivering unrivalled service, and curating transformative guest experiences. We are renowned for creating hospitality brands that are distinct and disruptive. Through Atlantis, One&Only, SIRO, and Rare Finds, our portfolio provides unforgettable and immersive experiences for guests in search of extraordinary moments. From authentic cultural exploration to innovative luxury concepts, every brand we build challenges convention to create unique journeys of discovery. We are a company that never settles. Because of this, we attract colleagues who share our desire to push until the next level is achieved, and then to keep going. We invest in our colleagues and our communities by working proactively to create jobs, training, education and opportunities that enrich lives. Our colleagues are at the heart of who we are and what we do. International resorts go hand in hand with an international team. In fact, we have more than 16,000 colleagues representing over 120 nationalities. And although we come from all over the world, we are united by the drive to create amazing experiences and everlasting memories for all.

Loading…

NEWS

Marriott International CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 07, 2026 04:40 AM

FTC and Coalition of State Attorneys General Announce Settlements with Marriott over Guest Data Breaches

Categories: Cybersecurity, Enforcement, Information Security, U.S. Federal Law, U.S. State Law. On October 9, 2024, both the Federal Trade Commission and a...

Read Article

January 25, 2026 08:00 AM

Hackers Use ‘rn’ Typo Trick to Impersonate Microsoft and Marriott in New Phishing Attack

A sophisticated "homoglyph" phishing campaign targeting customers of Marriott International and Microsoft. Attackers are registering domains...

Read Article

January 06, 2026 08:00 AM

5 Interns Share Their Best Tips to Land a Marriott Internship

Discover practical tips and career insights from real Marriott interns on how to land and succeed in a hospitality internship.

Read Article

December 18, 2025 11:33 PM

Marriott International confirms data breach of up to 5.2 million guests

Marriott International has today announced that it has suffered a data breach affecting up to 5.2 million people.

Read Article

December 07, 2025 08:00 AM

LockBit 5.0 Targets Marriott International

LockBit 5.0 ransomware strikes Marriott International, threatening data leak unless terms are met.

Read Article

November 21, 2025 08:00 AM

Cybersecurity and Data Privacy Implications When a Services Partner Fails

On November 10, 2025, Sonder Holdings Inc. (“Sonder”), a company operating apartment‑style and boutique hotel accommodations,...

Read Article

September 10, 2025 07:00 AM

Marriott Focuses on AI and Cybersecurity in Technology Overhaul

Marriott International is implementing a digital transformation plan that focuses on AI and cloud technologies to enhance its operations and...

Read Article

September 04, 2025 07:00 AM

Marriott checks out AI agents amid technology transformation

Marriott International is executing a multiyear digital and technology transformation plan that aims to retool the company, replace systems...

Read Article

August 13, 2025 07:46 AM

How Marriott Vacations Safeguards Its Data and Secures Global Operations with Illumio | Illumio Customers

Seamless vacations, trusted security at every destination. Marriott Vacations Worldwide isn't just a hospitality brand. It's a global business built around...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…