Secureframe is the automated compliance platform built by compliance experts. We're transforming how businesses and Service Providers manage security and compliance programs.
Thomson Reuters is a leading provider of business information services. Our products include highly specialized information-enabled software and tools for legal, tax, accounting, and compliance professionals combined with the world’s most global news service – Reuters. Our customers operate in complex arenas that move society forward — tax, law, compliance, government, media. In a disruptive digital age, we help professionals reinvent themselves. Our presence in the region dates back as far as 1866, when Reuters first entered the market with a dedicated news bureau in Alexandria, Egypt. We continue to turn news and data into premium knowledge, providing insight, and offering sophisticated capabilities to enhance workflows, connect communities, and drive decision-making.
Security & Compliance Standards Overview
No incidents recorded for Secureframe in 2025.
No incidents recorded for Thomson Reuters MENA in 2025.
Secureframe cyber incidents detection timeline including parent company and subsidiaries
Thomson Reuters MENA cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files it will combine, which allows remote attackers to create very large responses that lead to a denial of service attack via the URL query string.
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.
