What is the official website of Net Reply UK ?

The official website of Net Reply UK is https://www.reply.com/net-reply/en/.

What is Net Reply UK's cybersecurity risk score?

Net Reply UK has an AI-generated cybersecurity risk score of 749 out of 1000, indicating a Moderate security posture according to Rankiteo's assessment.

How many security incidents has Net Reply UK experienced?

According to Rankiteo, Net Reply UK currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Net Reply UK been affected by any supply chain cyber incidents ?

According to Rankiteo, Net Reply UK has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Net Reply UK have SOC 2 Type 1 certification ?

According to Rankiteo, Net Reply UK is not certified under SOC 2 Type 1.

Does Net Reply UK have SOC 2 Type 2 certification ?

According to Rankiteo, Net Reply UK does not hold a SOC 2 Type 2 certification.

Does Net Reply UK comply with GDPR ?

According to Rankiteo, Net Reply UK is not listed as GDPR compliant.

Does Net Reply UK have PCI DSS certification ?

According to Rankiteo, Net Reply UK does not currently maintain PCI DSS compliance.

Does Net Reply UK comply with HIPAA ?

According to Rankiteo, Net Reply UK is not compliant with HIPAA regulations.

Does Net Reply UK have ISO 27001 certification ?

According to Rankiteo,Net Reply UK is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Net Reply UK operate in ?

Net Reply UK operates primarily in the IT Services and IT Consulting industry.

How many employees does Net Reply UK have ?

Net Reply UK employs approximately 11 people worldwide.

Does Net Reply UK own any subsidiaries ?

Net Reply UK presently has no subsidiaries across any sectors.

How many LinkedIn followers does Net Reply UK have ?

Net Reply UK's official LinkedIn profile has approximately 855 followers.

Does Net Reply UK have a Crunchbase profile ?

No, Net Reply UK does not have a profile on Crunchbase.

Does Net Reply UK have a LinkedIn profile ?

Yes, Net Reply UK maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/net-reply-uk.

How many cybersecurity incidents has Net Reply UK experienced ?

As of June 14, 2026, Rankiteo reports that Net Reply UK has not experienced any cybersecurity incidents.

How many peer or competitor companies does Net Reply UK have ?

Net Reply UK has an estimated 40,681 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

NRU

Boost Score +25 with badge (5 left)

749

/1000

Moderate

774

/1000

Fair

Net Reply UK Vendor Cyber Rating & Cyber Score

reply.com

Add Your Compliance Badge

At Net Reply, we specialise in network consultancy and system integration. As a proud member of the Reply Group, we are committed to driving network technology innovation across various industry sectors, including Telco & Media, Financial Services, Retail & CPG, Automotive, and Government. Our Future Networks practice leads advancements in technologies such as SD-WAN, Open-RAN, 5G Mobile Private Networks, Disaggregated Access Networks, and Non-Terrestrial Networks. Our Infrastructure Services practice spans a comprehensive array of technologies and services, including Network Modernisation and Migrations, Network Segmentation, Network Programmability and Automation Services, API Development for System Integration, and Test Automation

NRU A.I CyberSecurity Scoring

Scoring History

NRU

Net Reply UK CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

NRU Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for NRU

Incidents vs IT Services and IT Consulting Industry Avg (This Year)

No incidents recorded for Net Reply UK in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Net Reply UK in 2026.

Incident Types NRU vs IT Services and IT Consulting Industry Avg (This Year)

No incidents recorded for Net Reply UK in 2026.

Incident History - NRU (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Net Reply UK Subsidiaries

NRU

IT Services and IT Consulting

Website: https://www.reply.com/net-reply/en/

Company Size: 11

124

ReplyIT Services and IT Consulting

Blue Reply ITIT Services and IT Consulting

Airwalk ReplyIT Services and IT Consulting

Machine Learning ReplyIT Services and IT Consulting

Concept Quality ReplyIT Services and IT Consulting

Open Reply ITIT Services and IT Consulting

Communication Valley ReplyComputer and Network Security

Like ReplyAdvertising Services

e*finance consulting ReplyFinancial Services

Spike ReplyIT Services and IT Consulting

Data Reply UKIT Services and IT Consulting

Concept Reply GmbHInformation Technology & Services

Concept Reply USInformation Technology & Services

Sprint Reply ITInformation Technology & Services

Liquid ReplyIT Services and IT Consulting

Life At ReplyIT Services and IT Consulting

Nexi DigitalFinancial Services

Valorem ReplyIT Services and IT Consulting

Valorem Reply - Technology Industry SolutionsIT Services and IT Consulting

CLUSTER REPLYIT Services and IT Consulting

Avantage ReplyFinancial Services

IFRS 9Financial Services

Compliance and Conduct RiskFinancial Services

Xister ReplyAdvertising Services

BitmamaAdvertising Services

Threepipe ReplyAdvertising Services

Lynx RecruitmentStaffing and Recruiting

Storm ReplyIT Services and IT Consulting

Machine Learning Reply GmbHIT Services and IT Consulting

ATLAS REPLYIT Services and IT Consulting

Syskoplan Reply USIT Services and IT Consulting

Wemanity BelgiumInformation Technology & Services

Cloud9 ReplyIT Services and IT Consulting

Technology ReplySoftware Development

Mansion House ConsultingBusiness Consulting and Services

WM ReplyIT Services and IT Consulting

Net ReplyIT Services and IT Consulting

Go ReplyIT Services and IT Consulting

Cluster Reply DEIT Services and IT Consulting

Concept Engineering ReplyIT Services and IT Consulting

TD ReplyBusiness Consulting and Services

Comsysto Reply GmbHIT Services and IT Consulting

Wemanity MarocIT Services and IT Consulting

Data Reply FRInformation Technology & Services

Graymatter ReplyAdvertising Services

Graymatter REPLY DigitalAdvertising Services

Business ReplySoftware Development

Syskoplan Reply DACHInformation Technology & Services

Whitehall ReplyIT Services and IT Consulting

Laife ReplyInformation Technology & Services

Technology Reply RomaniaIT Services and IT Consulting

Canvas ReplyIT Services and IT Consulting

Sytel ReplyIT Services and IT Consulting

ARLANIS REPLY ITIT Services and IT Consulting

Triplesense ReplyTechnology, Information and Internet

Connect ReplyIT Services and IT Consulting

Pay ReplyInformation Technology & Services

Accelerator 365 by ReplySoftware Development

Shield ReplyIT Services and IT Consulting

4brands ReplyInformation Technology & Services

Blue Reply DEIT Services and IT Consulting

Cortex Reply DEIT Services and IT Consulting

Logistics Reply DESoftware Development

Aktive ReplyInformation Technology & Services

Spike Reply LuxembourgIT Services and IT Consulting

Light ReplyIT Services and IT Consulting

Autonomous Reply FRIT Services and IT Consulting

Cortex Reply UKTechnology, Information and Internet

Target Reply RomeIT Services and IT Consulting

Wemanity Learning CenterDéveloppement professionnel et coaching

Sprint Reply BEIT Services and IT Consulting

Sprint Reply DEIT Services and IT Consulting

KI ReplyInformation Technology & Services

Solidsoft ReplyIT Services and IT Consulting

Starbytes.itInformation Technology & Services

Spur ReplyBusiness Consulting and Services

Open Reply UKInformation Technology & Services

Sense ReplyIT Services and IT Consulting

Reply ChallengesFornitori di e-learning

Data Reply ITIT Services and IT Consulting

Wemanity NetherlandsProfessional Training and Coaching

Target ReplyData Infrastructure and Analytics

Leadvise ReplyBusiness Consulting and Services

Digital Transformation der Regulatory AffairsUnternehmensberatung

Blockchain ReplyIT Services and IT Consulting

Data Reply DEInformation Technology & Services

HERMES REPLYInformation Technology & Services

Roboverse Reply DEIT Services and IT Consulting

Comwrap Reply DACHTechnology, Information and Internet

Logistics Reply USSoftware Development

Business Elements ReplyIT Services and IT Consulting

Up ReplyIT Services and IT Consulting

AIM ReplyIT Services and IT Consulting

Glue ReplyIT Services and IT Consulting

Infinity Reply ITIT Services and IT Consulting

ARLANIS REPLYIT Services and IT Consulting

Arlanis Reply UKIT Services and IT Consulting

Fincon Reply GmbHInformation Services

Red Reply DEIT Services and IT Consulting

Air ReplyIT Services and IT Consulting

Open ReplyInformation Technology & Services

Live Reply ItalyIT Services and IT Consulting

Logistics Reply UKSoftware Development

Sprint Reply UKIT Services and IT Consulting

Live Reply DEIT Services and IT Consulting

Brick Reply | IT Solutions and Services for ManufacturingSoftware Development

Storm Reply DEIT Services and IT Consulting

Neo ReplyIT Services and IT Consulting

Core ReplyInformation Technology & Services

Macros Reply GmbHIT Services and IT Consulting

Ki Reply UKIT Services and IT Consulting

Alpha ReplyIT Services and IT Consulting

Infinity Reply DEIT Services and IT Consulting

Open Reply Benelux - FranceBusiness Consulting and Services

Storm Reply, Inc.Professional Services

Spike Reply UKTechnology, Information and Internet

Eos ReplyIT Services and IT Consulting

Sytel Reply NorthInformation Technology & Services

Atomic ReplyBusiness Consulting and Services

Industrie Reply USMotor Vehicle Manufacturing

Cluster Reply PLIT Services and IT Consulting

Nimbus ReplyIT Services and IT Consulting

Zest ReplyIT Services and IT Consulting

Affinity ReplyIT Services and IT Consulting

Loading…

Net Reply UK Similar Companies

Swisscom

swisscom.ch

As No. 1, we inspire people in the connected world. With the latest technologies and innovations, together we have the opportunity to shape the future. To do this, we are and act trustworthy, committed and curious. Are you with us? Join us on this exciting journey and work with us or in one of the DevOps Centres in Riga or Rotterdam in different business areas on the latest technological trends. Find out more about us and our vacancies on our careers page: www.swisscom.ch/career We look forward to hearing from you!

FPT Software

cb fptsoftware.com

FPT Software, a subsidiary of FPT Corporation, is a global technology and IT services provider headquartered in Vietnam, with USD 1.22 billion in revenue (2024) and over 33,000 employees in 30 countries. Embracing an AI-first approach, FPT Software enables breakthrough speed, scalability and quality through AI-powered services and solutions and an AI-augmented workforce. It has partnered with over 1,100 clients worldwide, more than 130 of which are Fortune Global 500 companies in Aviation, Automotive, Banking, Financial Services and Insurance, Healthcare, Logistics, Manufacturing, Utilities, and more. For more information, please visit https://fptsoftware.com/.

Neobpo

www.neobpo

Somos especializados em integrar tecnologia com inteligência humana, oferecendo soluções digitais que promovem transformação e eficiência operacional. Nosso foco é gerar valor por meio de resultados reais, utilizando inteligência digital para atender às necessidades específicas de cada cliente. Mergulhamos nos desafios de empresas que buscam inovação, modernização e escalabilidade, oferecendo soluções seguras e personalizadas para impulsionar seu crescimento. Adotamos uma abordagem consultiva ao longo de toda a jornada, identificando oportunidades estratégicas desde o primeiro contato, proporcionando soluções sob medida que combinam dados, automação e atendimento dedicado. O impacto que geramos vai além da entrega de resultados. Transformamos a forma como nossos clientes operam, melhorando sua produtividade, segurança e escalabilidade, garantindo um crescimento sustentável e criando valor mensurável para seus negócios.

SoftServe

softserveinc.com

SoftServe is a premier IT consulting and digital services provider. We expand the horizon of new technologies to solve today's complex business challenges and achieve meaningful outcomes for our clients. Our boundless curiosity drives us to explore and reimagine the art of the possible. Clients confidently rely on SoftServe to architect and execute mature and innovative capabilities, such as digital engineering, data and analytics, cloud, and AI/ML. Our global reputation is gained from more than 30 years of experience delivering superior digital solutions at exceptional speed by top-tier engineering talent to enterprise industries, including high tech, financial services, healthcare, life sciences, retail, energy, and manufacturing. At SoftServe, we live by our values. Trust, teamwork, growth, innovation, willingness to help, and exceeding expectations are engrained in everything we do. We partner with major technology players, such as Google Cloud Platform, Amazon Web Services, Microsoft Azure, Salesforce, NVIDIA, MuleSoft, VMware, and Odoo, to give clients a competitive advantage in the market. Founded in 1993, our global firm is headquartered in Austin, Texas, USA, and Lviv, Ukraine. Visit our website, blog, media, and news pages for more information. Blog: softserveinc.com/blog Media: softserveinc.com/media News: softserveinc.com/news

LexisNexis

cb lexisnexis.com

LexisNexis is a leading innovator of private, secure, and authoritative Legal AI solutions that help legal and business professionals draft full documents with ease, make informed decisions faster, and deliver outstanding work and improved outcomes, all powered by trusted content. LexisNexis Legal & Professional serves customers in more than 150 countries with 11,800 employees worldwide, and is part of RELX, a global provider of information-based analytics and decision tools for professional and business customers.

Tietoevry

tietoevry.com

In a rapidly changing world, technology is everything. It's in the fabric of society. In every part of every business. At the very heart of human evolution. It’s a great power that comes with great responsibility. At Tietoevry, we believe it’s time to shift perspective. It’s not about what technology can do anymore — but what it should. So that the futures of businesses, societies, and humanity can live and thrive. Side by side. This is why we're making it our business to create purposeful technology that reinvents the world for good. https://www.tietoevry.com/en/ #purposefultechnology #Tietoevry

AlmavivA Experience

almavivaexperience.com.br

Líder em transformação digital nos mercados de Customer Experience e Debt Collection na América Latina. Combinamos tecnologia, inteligência e excelência operacional para entregar soluções completas que antecipam as necessidades dos nossos Clientes. São mais de 530 milhões de interações anuais, metade em canais digitais, para um portfólio de 60+ clientes. Siga-nos e acompanhe como transformamos experiências em resultados.

Zebra Technologies

zebra.com

Zebra provides the foundation for intelligent operations with an award-winning portfolio of connected frontline, asset visibility and automation solutions. Organizations globally across retail, manufacturing, transportation, logistics, healthcare, and other industries rely on us to deliver outcomes today while driving innovation for what’s next. Together with our partners, we create new ways of working that improve productivity and empower organizations to be better every day. Learn more at www.zebra.com.

Hitachi

hitachi.com

For over 100 years, Hitachi has been committed to developing innovations that improve lives. Today, this means creating superior technology and products that balance environment, well-being, and economic growth. We integrate IT, operational technology (OT), and products to transform critical infrastructure and industrial systems. Through Hitachi’s process for creating value from data, which we call Lumada, we combine rich industry insight and infrastructure expertise to create measurable, positive change. We operate across four global sectors – Digital Systems & Services, Energy, Mobility, and Connective Industries – plus a Strategic Social Innovation Business Unit developing next-generation solutions. With over 280,000 employees across 618 consolidated subsidiaries in over 140 countries, we partner with our customers to create a harmonized society and build what’s next for people and planet.

Loading…

NEWS

Net Reply UK CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

December 09, 2025 08:00 AM

Patient and staff data stolen in Barts Health cyber attack

Barts Health NHS Trust is warning patients and staff after hackers exploited a software vulnerability to steal personal information.

Read Article

November 14, 2025 08:00 AM

Cyber Security Bill introduced to Parliament to help protect NHS

New laws have been introduced in Parliament to help protect the NHS and other sectors from the threat of cyber attacks.

Read Article

November 13, 2025 08:00 AM

Comment & Analysis on UK Govt Cyber Security Bill -

Explore the UK cyber security bill and its impact on large IT companies and public sector suppliers in enhancing cyber resilience.

Read Article

November 11, 2025 08:00 AM

Yutong and Pelican respond to electric vehicle cybersecurity reports

Yutong and UK dealer Pelican Bus and Coach have responded to mainstream media claims on cybersecurity alleging that the marque's...

Read Article

October 13, 2025 07:00 AM

Some 43% Of UK Businesses Hit By Cyber Attacks, Says New Survey

Discover alarming insights into cyber attacks, with 43% of UK businesses facing security breaches in the past year.

Read Article

July 29, 2025 07:00 AM

Most Retailers Are Vulnerable to Cyber Attacks, Says New Report -

Explore the latest findings on cyber risks UK retailers face, highlighting critical vulnerabilities and potential impacts.

Read Article

June 04, 2025 07:00 AM

Ransomware group Gunra claims to have exfiltrated 450 million patient records from American Hospital Dubai (1)

Gunra claimed to have exfiltrated the entire Cerner Millenium database (now known as Oracle Health EHR) with about 450 million patient records.

Read Article

May 13, 2025 07:00 AM

How phishing emails are sent from [email protected]

Scammers are exploiting Google services to send fake law enforcement inquiry notifications, making them look like they originate from accounts.google.com.

Read Article

April 25, 2025 07:00 AM

Cyber Security Statistics: Important Data to Know in 2025

Discover the latest cyber security statistics, insights and trends, plus the numbers on cyber attacks in different industries.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…