What is the official website of PwC India ?

The official website of PwC India is http://www.pwc.in.

What is PwC India's cybersecurity risk score?

PwC India has an AI-generated cybersecurity risk score of 810 out of 1000, indicating a Good security posture according to Rankiteo's assessment.

How many security incidents has PwC India experienced?

According to Rankiteo, PwC India currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has PwC India been affected by any supply chain cyber incidents ?

According to Rankiteo, PwC India has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does PwC India have SOC 2 Type 1 certification ?

According to Rankiteo, PwC India is not certified under SOC 2 Type 1.

Does PwC India have SOC 2 Type 2 certification ?

According to Rankiteo, PwC India does not hold a SOC 2 Type 2 certification.

Does PwC India comply with GDPR ?

According to Rankiteo, PwC India is not listed as GDPR compliant.

Does PwC India have PCI DSS certification ?

According to Rankiteo, PwC India does not currently maintain PCI DSS compliance.

Does PwC India comply with HIPAA ?

According to Rankiteo, PwC India is not compliant with HIPAA regulations.

Does PwC India have ISO 27001 certification ?

According to Rankiteo,PwC India is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does PwC India operate in ?

PwC India operates primarily in the Business Consulting and Services industry.

How many employees does PwC India have ?

PwC India employs approximately 25,772 people worldwide.

Does PwC India own any subsidiaries ?

PwC India presently has no subsidiaries across any sectors.

How many LinkedIn followers does PwC India have ?

PwC India's official LinkedIn profile has approximately 2,419,092 followers.

What is the NAICS classification code for PwC India ?

PwC India is classified under the NAICS code 5416, which corresponds to Management, Scientific, and Technical Consulting Services.

Does PwC India have a Crunchbase profile ?

No, PwC India does not have a profile on Crunchbase.

Does PwC India have a LinkedIn profile ?

Yes, PwC India maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/pwc-india.

How many cybersecurity incidents has PwC India experienced ?

As of June 14, 2026, Rankiteo reports that PwC India has not experienced any cybersecurity incidents.

How many peer or competitor companies does PwC India have ?

PwC India has an estimated 19,436 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

PwC India

Boost Score +25 with badge (5 left)

810

/1000

Good

835

/1000

Good

PwC India Vendor Cyber Rating & Cyber Score

pwc.in

Add Your Compliance Badge

At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 364,000 people in 136 countries and 137 territories. Across audit and assurance, tax and legal, deals and consulting, we help clients build, accelerate, and sustain momentum. Find out more at www.pwc.com.   PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.

PwC India A.I CyberSecurity Scoring

Scoring History

PwC India

PwC India CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

PwC India Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for PwC India

Incidents vs Business Consulting and Services Industry Avg (This Year)

No incidents recorded for PwC India in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for PwC India in 2026.

Incident Types PwC India vs Business Consulting and Services Industry Avg (This Year)

No incidents recorded for PwC India in 2026.

Incident History - PwC India (X = Date, Y = Severity)

Loading…

SUBSIDIARY

PwC India Subsidiaries

PwC India

Business Consulting and Services

Website: http://www.pwc.in

Company Size: 10,001+ employees

PwCProfessional Services

PwC ItalyProfessional Services

PwC UKAccounting

Olivehorse ConsultingIT Services and IT Consulting

PwC UK AlumniAccounting

PwC South AfricaBusiness Consulting and Services

PwC EspañaBusiness Consulting and Services

PwC DeutschlandBusiness Consulting and Services

PwC KarriereUnternehmensberatung

PwC Alumni DeutschlandUnternehmensberatung

PwC MalaysiaAccounting

PwC ArgentinaBusiness Consulting and Services

PwC SingaporeAccounting

PwC SwitzerlandProfessional Services

PwC IrelandProfessional Services

PwC Ireland CareersProfessional Services

PwC AngolaBusiness Consulting and Services

PwC AustraliaBusiness Consulting and Services

Skills for AustraliaEducation Management

PwC VietnamAccounting

PwC BrasilBusiness Consulting and Services

PwC LuxembourgFinancial Services

PwC MaltaFinancial Services

PwC SwedenBusiness Consulting and Services

PwC NorwayBusiness Consulting and Services

PwC Norway - Teknologi & MediaForretningsrådgivning og -tjenester

PwC MéxicoBusiness Consulting and Services

PwC FranceBusiness Consulting and Services

PwC US TaxAccounting

PwC ClimateProfessional Services

PwC DanmarkAccounting

資誠 (PwC Taiwan)Business Consulting and Services

PwC CanadaBusiness Consulting and Services

PwC AustriaFinancial Services

PwC InteraméricasIT Services and IT Consulting

PwC RussiaFinancial Services

PwC Central and Eastern EuropeAccounting

PwC PolskaBusiness Consulting and Services

PwC Legal PolskaUsługi prawne

PwC PodatkiKonsulting biznesowy i usługi

Akademia PwCSzkolenia zawodowe i coaching

Startup ColliderKonsulting biznesowy i usługi

PwC RomaniaAccounting

PwC HungaryAccounting

PwC Czech RepublicBusiness Consulting and Services

PwC Albania and KosovoAccounting

PwC AzerbaijanFinancial Services

PwC BulgariaBusiness Consulting and Services

PwC CroatiaAccounting

PwC UkraineBusiness Consulting and Services

PwC SerbiaAccounting

PwC Serbia - PwC's AcademyEducation Administration Programs

PwC People & Organisation - SerbiaHuman Resources Services

PwC Serbia - Tax ServicesAccounting

PwC KazakhstanBusiness Consulting and Services

PwC Kazakhstan Tax and LegalBusiness Consulting and Services

PwC LatvijaAccounting

PwC's Academy LatvijaEducation

PwC GeorgiaBusiness Consulting and Services

PwC LithuaniaFinancial Services

PwC UzbekistanFinancial Services

PwC Bosnia and HerzegovinaAccounting

PwC EstoniaBusiness Consulting and Services

PwC MongoliaAccounting

PwC ArmeniaAccounting

PwC CyprusAccounting

PwC US Cloud and DigitalBusiness Consulting and Services

PwC SlovakiaBusiness Consulting and Services

Life at PwC SlovakiaProfessional Services

PwC South East Asia ConsultingBusiness Consulting and Services

PwC BelgiumAccounting

PwC SloveniaAccounting

PwC US ConsultingProfessional Services

PwC US Cyber, Risk and RegulatoryBusiness Consulting and Services

PwC BermudaProfessional Services

PwC North MacedoniaAccounting

PwC US AssuranceProfessional Services

PwC US DealsBusiness Consulting and Services

PwC JapanBusiness Consulting and Services

Loading…

PwC India Similar Companies

Stantec

cb stantec.com

Stantec empowers clients, people, and communities to rise to the world’s greatest challenges at a time when the world faces more unprecedented concerns than ever before. We are a global leader in sustainable engineering, architecture, and environmental consulting. Our professionals deliver the expertise, technology, and innovation communities need to manage aging infrastructure, demographic and population changes, the energy transition, and more. Today’s communities transcend geographic borders. At Stantec, community means everyone with an interest in the work that we do—from our project teams and industry colleagues to our clients and the people our work impacts. The diverse perspectives of our partners and interested parties drive us to think beyond what’s previously been done on critical issues like climate change, digital transformation, and future-proofing our cities and infrastructure. We are designers, engineers, scientists, project managers, and strategic advisors. We innovate at the intersection of community, creativity, and client relationships to advance communities everywhere, so that together we can redefine what’s possible. Stantec trades on the TSX and the NYSE under the symbol STN.

Accenture

cb accenture.com

Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent and innovation-led company serving clients in more than 120 countries. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities. This LinkedIn company page is moderated. When engaging with Accenture, we encourage everyone to: - Use common courtesy and be respectful of others. - Create your own original content and avoid content that you know to be fraudulent. - Never repost someone else's copyrighted work, unless you have permission. - Never post personal, identifying, or confidential information. We reserve the right to delete comments or posts we deem to be: - Profane, obscene, inappropriate, offensive, abusive material. - Spam, repeated comments and commercial messages and personal advertisements. - Discriminatory or that contain hateful speech of any kind regarding age, gender, race, religion, nationality, sexual orientation, gender identity or disability. - Threats; personal attacks; abusive, defamatory, derogatory, or inflammatory language; or stalking or harassment of any individual, entity or organization. - False, inaccurate, libelous, or otherwise misleading in any way.

Devoteam

cb devoteam.com

Devoteam is a AI-driven tech consulting firm specialised in cloud platforms, cyber, data, and sustainability. Tech native for almost 30 years, Devoteam guides businesses through sustainable digital transformation to deliver value. With over 11,000 tech architects in more than 25 countries across Europe, the Middle East, and Africa, Devoteam is committed to using technology to serve people.

Applus+

cb applus.com

Applus+ is a worldwide leader in the testing, inspection, and certification sector. We are a trusted partner, enhancing the quality and safety of our clients’ assets and infrastructures while safeguarding their operations and improving their environmental performance. Our innovative approach, technical capabilities and highly-skilled and motivated workforce of over 25,000 employees assure operational excellence across multiple sectors in more than 65 countries. We offer a complete portfolio of solutions that address a range of needs, from asset integrity management to statutory compliance-based inspections. We place a strong emphasis on technological development, digitalisation and innovation, as well as having the latest knowledge of regulatory requirements.

Publicis Sapient

publicissapient.com

Publicis Sapient is a technology company that provides enterprise AI platforms and services. With over 30 years of digital business transformation experience, we enable enterprise clients to transform how they operate and serve their customers, unlocking new value and enabling them to thrive in an AI-driven world. Our platforms use AI  built off this deep enterprise context to help them modernize, build agentic solutions, and sustain their competitive advantage. The combination of our AI platforms and the expertise of our people enables us to deliver faster and more effective outcomes through solutions that are specific to the unique needs of our clients’ businesses, their industries and their customers.   Publicis Sapient is the technology hub of Publicis Groupe, uniting 20,000 people worldwide across 28 countries. For more information, visit publicissapient.com.

Ayesa

ayesa.com

Ayesa is a global provider of technology and engineering services with more than 11500 employees in twenty-three countries across Europe, Latin America, Africa and Asia. The company develops and implements digital solutions for the private and public sector and uses the latest technology to provide cutting-edge infrastructure design and supervision services. To do this, it has certified experts covering more than 70 different disciplines in utilities and energy; the public sector; banking and insurance; water and the environment, transportation; aeronautics and defence; and construction. As a company that is driven by people and innovation, its business approach is underpinned by talent.

Straive

straive.com

At Straive, we operationalize Data Analytics and AI for global enterprises, working with several Fortune 500 companies. We don’t just build world-class data analytics and AI solutions—we embed them seamlessly into your core workflows. This drives greater efficiency, enhances user experience, and boosts client revenue, setting you apart from the competition. Straive is a global leader in AI-driven value creation, business transformation, and Global Capability Center (GCC) delivery — empowering private-equity portfolio companies, mid-market firms, and enterprises with scalable, technology-enabled execution. We serve clients across industries, including Banking, Financial and Information Services, Retail, Media and Technology, EdTech, Science and Research, Logistics and Supply Chain, and Pharma & Life Sciences. Our strategically placed team of 18,000 employees operates in nine countries: the Philippines, India, the United States, Nicaragua, Vietnam, the United Kingdom, Singapore, South Africa, and Canada. We have been recognized as a Star Performer in Data & AI Services Specialists – Everest’s North America PEAK Matrix 2025, and as a Leader in AIM’s Pema Quadrant of Agentic AI Service Providers – 2025. In Nov 2023, Straive acquired Gramener, an award-winning, design-led data science company, enhancing our data, analytics, and AI capabilities. In June 2025, we acquired SG Analytics, a leading provider of AI-powered insights and contextual analytics services. Straive is an equal opportunity employer, committed to celebrating diversity, equity, and inclusion. We do not tolerate discrimination or harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic under federal, state, or local laws. Hiring decisions are based solely on qualifications, merit, and business needs at the time.

EXL

exlservice.com

Choosing a digital partner is about more than capabilities — it’s about collaboration and character. Unrealistic overhauls and off-the-shelf products ignore what matters most — your unique needs, culture, goals, and your legacy data and technology environments. At EXL, our collaboration is built on ongoing listening and learning to adapt our methodologies. We’re your business evolution partner—tailoring solutions that make the most of data to make better business decisions and drive more intelligence into your increasingly digital operations. Whether your goals are scaling the use of AI and digital, redesign operating models, or driving better and faster decisions, we’re here to partner with you to help you gain—and maintain—competitive advantage with efficient, sustainable models at scale. Our expertise in transformation, data science, and change management helps make your business more efficient and effective, improve customer relationships and enhance revenue growth. Instead of focusing on multi-year, resource- and time-intensive platform designs or migrations, we look deeper at your entire value chain to integrate strategies with impact. We use our specialization in analytics, digital interventions, and operations management—alongside deep industry expertise — to deliver solutions that help you outperform the competition. At EXL, it’s all about outcomes—your outcomes—and delivering success on your terms. Share your goals with us and together, we’ll optimize how you leverage data to drive your business forward. For more information, visit www.exlservice.com.

Slalom

slalom.com

Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. We team with leaders who expect more. So we bring more. From strategy through delivery, our agile teams across 53 offices in 12 countries collaborate with you to bring powerful customer experiences, innovative ways of working, and new products, services, and businesses to life. Every day, we work at the forefront of industry, combining our deep roots in technology and data, to help you tackle challenges, improve operations, and drive sustainable growth. It’s why we are trusted by leaders across the majority of the Global 1000, many of the world’s most successful enterprise, mid-market, and emerging companies, and more than 500 high-impact public sector agencies, foundations, and universities. We lead with a balance of heart and practicality, curiosity and agility, local soul and global expertise. That means understanding your culture, goals, organization, and customers. That means being tireless problem solvers. And that means always standing by you as your trusted advisor, respectful challenger, and unwavering champion. Even our partnerships are built different. For more than 20 years, we've sought out and made strategic investments in the world’s emerging and leading technology platforms. Our 360-degree relationships with these innovators, built on mutual trust and respect, has cemented our position as a premier (and often first) partner of choice. We work together as one to offer tailored solutions that unlock the full potential of these technologies. At Slalom, we bring more day-one advantages, more connections and breakthroughs, more doing the right thing, more care for you and your team, and more return on your investment. So that together, we can dream bigger, move faster, and build better tomorrows for all.

Loading…

NEWS

PwC India CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 24, 2026 07:00 AM

Annual Threat Dynamics 2026: Cyber threats in motion

In an identity-driven, AI-accelerated threat landscape, resilient organisations govern identity, validate trust, and treat cyber risk as a...

Read Article

March 13, 2026 04:29 PM

Digital Trust Insights: Consumer markets

Explore the issues, the threats, what's driving security investments and how emerging technologies are shaping cybersecurity in consumer...

Read Article

February 17, 2026 08:00 AM

PwC Report Finds Cyber Resilience Spending Lags as AI-Driven Threats Intensify

PwC's 2026 Digital Trust Insights report finds cyber resilience spending lagging as AI-driven threats, ransomware and insider risks continue...

Read Article

January 21, 2026 08:00 AM

Empowering Ricoh's business transformation with global cybersecurity services

To address the evolving needs of today's workplaces, such as the shift to remote and hybrid work, Ricoh is transforming into a digital...

Read Article

January 20, 2026 08:00 AM

India CEOs More Optimistic Than Global Peers on Growth and Revenue Despite AI and Cybersecurity Concerns PwC S

PwC's 29th Annual Global CEO Survey shows India CEOs more optimistic on growth and revenue, but concerned about AI readiness and...

Read Article

January 19, 2026 08:00 AM

Geopolitical shifts amplify OT security risks

Operational technology (OT) has become a major target in geopolitical cyber conflicts, increasing the risk to critical infrastructure and...

Read Article

December 01, 2025 08:00 AM

Security at the speed of business

As cyber threats target legacy and cloud risks, many organizations remain underprepared. Clear risk visibility and a unified defense...

Read Article

November 26, 2025 04:18 AM

Navigating the cyber front line in a shifting world order

Cybersecurity is now a key geopolitical battleground as nations and cybercriminals vie for control over digital infrastructure and emerging technologies.

Read Article

November 19, 2025 01:42 PM

2026 Global Digital Trust Insights: C-suite playbook and findings – India edition

Indian organisations are investing significantly in cybersecurity—with 72% of leaders prioritising cyber risk in their strategic plans.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…