WUS
Company Details
Linkedin ID:
when-you-wish-upon-a-star
Employees number:
29
Number of followers:
1,165
NAICS:
561
Industry Type:
Homepage:
whenyouwishuponastar.org.uk
IP Addresses:
0
Company ID:
WHE_8239964
Scan Status:
In-progress
When You Wish Upon a Star Company CyberSecurity Posture
whenyouwishuponastar.org.uk
When You Wish Upon a Star has a simple mission, to grant the Wishes of children living with a life threatening illness. The charity was founded in Nottingham by Barbara White who was so inspired by a seriously ill four year old with a dream to meet Mickey Mouse that she wanted to bring smiles to the faces of many more brave and courageous children. Our Wishes have the power to transform the lives of the children and families we work with and since 1990 we have proudly granted over 18.500 across the UK. We believe every child deserves to smile and with your support we can provide time away, giving children and their families something to look forward to through times of uncertainty and often financial as well as emotional strain. Wishes allow the family to put their child’s illness on hold as they have fun and create precious memories. In addition to our Wishes throughout the year, we also organise a number of days out and treats for the children like our incredible Harry Potter-themed trips on-board the beautiful Belmond Northern Belle train. Every December the charity also enables hundreds of children to swap hospital beds for sleigh rides transporting them away from appointments, treatments and injections to the winter wonderland of Lapland on board our Santa Express flights.
When You Wish Upon a Star A.I CyberSecurity Scoring
WUS Risk Score (AI oriented)Between 750 and 799
WUS
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
WUS Global Score (TPRM)XXXX
WUS
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
WUS Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
WUS Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for WUS
Incidents vs Fundraising Industry Average (This Year)
No incidents recorded for When You Wish Upon a Star in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for When You Wish Upon a Star in 2025.
Incident Types WUS vs Fundraising Industry Avg (This Year)
No incidents recorded for When You Wish Upon a Star in 2025.
Incident History — WUS (X = Date, Y = Severity)
WUS cyber incidents detection timeline including parent company and subsidiaries
WUS Company Subsidiaries
When You Wish Upon a Star has a simple mission, to grant the Wishes of children living with a life threatening illness. The charity was founded in Nottingham by Barbara White who was so inspired by a seriously ill four year old with a dream to meet Mickey Mouse that she wanted to bring smiles to the faces of many more brave and courageous children. Our Wishes have the power to transform the lives of the children and families we work with and since 1990 we have proudly granted over 18.500 across the UK. We believe every child deserves to smile and with your support we can provide time away, giving children and their families something to look forward to through times of uncertainty and often financial as well as emotional strain. Wishes allow the family to put their child’s illness on hold as they have fun and create precious memories. In addition to our Wishes throughout the year, we also organise a number of days out and treats for the children like our incredible Harry Potter-themed trips on-board the beautiful Belmond Northern Belle train. Every December the charity also enables hundreds of children to swap hospital beds for sleigh rides transporting them away from appointments, treatments and injections to the winter wonderland of Lapland on board our Santa Express flights.
Loading...
WUS Similar Companies
African Food and Peace Foundation, 501(c)(3) USA
Since 1981, African Food and Peace Foundation (AFPF) is a 501(c)3 that promotes community-initiated rural development projects with established partner organizations. Subscribe to our newsletter and help increase our impact at HTTP://www.afpfonline.org. We do this by contributing financial and strat
Oklahoma Wonder Grants
WHAT IS THE OKLAHOMA WONDER GRANT? The Oklahoma Wonder Grant is a program designed to seed innovation in Oklahoma businesses, non-profits and public organizations, challenging them to look for new ways to solve problems. What started as one grant focused on augmented/virtual reality has evolved int
insight-israel
Insight Group specializes in the creation and implementation of business connections, high tech companies business development, real estate brokerage, franchising, and commercial real estate. In addition to that, we specialize in raising credit for existing and new businesses, fundraising for star
Melrose Trading Post
The Melrose Trading Post is held every Sunday in the Parking lot of Fairfax High School, where 3,000-4,000 attendees browse the wares of nearly 200 eclectic vendors. Overseen by Greenway Arts Alliance and run by and for Greenway Friends of Fairfax, the Melrose Trading Post is widely regarded as
Engage USA
Engage USA is a best in class commercial lockbox specializing in caging and intelligent data capture for non profit fundraisers. Our proprietary systems capture and verify data on the fly allowing us to output remarkably accurate data and deposits the next business day. Engage has been recognized
Education without Borders (EwB)
Education without Borders (EwB) is a non-profit foundation created in 2002 that provides educational opportunities for disadvantaged and at-risk children. EwB initiatives in South Africa include, after-school support programs in Mathematics, English literacy, isiXhosa literacy, Science, school le
.png)
WUS CyberSecurity News
November 13, 2025 08:00 AM
Disney’s CEO Sequel Isn’t Having a Hollywood Ending
This is an abridged online version of my Markets A.M. newsletter. Get investing insights in your inbox each weekday by signing up here—it's...
July 29, 2025 05:53 AM
Consultation on developing Horizon 2 of the 2023-2030 Australian Cyber Security Strategy
The Australian Government released the 2023-2030 Australian Cyber Security Strategy on 21 November 2023 (the Strategy). The Strategy sets up a framework...
July 19, 2025 07:00 AM
Decrypting SentinelOne Cloud Detection | The Use of STAR™ Rules Engine by Real-Time CWPP
In this the fifth installment of our Detection Engine blog series, we examine the STAR Rules Engine and its role as one of five detection...
May 19, 2025 07:00 AM
MC Exclusive | Star Health data breach may trigger CXO exodus amid cybersecurity probe
According to sources, the ongoing investigation into cybersecurity lapses could lead to financial repercussions of approximately Rs 200...
April 25, 2025 07:00 AM
18 Facebook Scams and How Cybersecurity Experts Spot Them
Below, cybersecurity experts share their top online security tips on how to spot Facebook fraud and common online scams on the platform.
April 14, 2025 07:00 AM
14 Online Scams You Need to Be Aware of—and How to Avoid Them
Learn about these common online scams so you'll be better protected from falling prey to scammers and con artists.
April 04, 2025 07:00 AM
Trump abruptly fires the 4-star general who headed the National Security Agency
U.S. officials and members of Congress say President Donald Trump has abruptly fired the director of the National Security Agency.
April 04, 2025 07:00 AM
Trump’s firing of NSA chief is ‘rolling out the red carpet' for cyber attacks
Lawmakers and national security veterans reacted with shock on Friday to President Donald Trump's decision to fire the head of one of the...
November 27, 2024 08:00 AM
HDFC Life Insurance Reports Data Breach in regulatory filing
HDFC Life announced that it has initiated an "information security assessment and data log analysis" to identify the root cause of the...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
WUS CyberSecurity History Information
Official Website of When You Wish Upon a Star
The official website of When You Wish Upon a Star is http://www.whenyouwishuponastar.org.uk.
When You Wish Upon a Star’s AI-Generated Cybersecurity Score
According to Rankiteo, When You Wish Upon a Star’s AI-generated cybersecurity score is 757, reflecting their Fair security posture.
How many security badges does When You Wish Upon a Star’ have ?
According to Rankiteo, When You Wish Upon a Star currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does When You Wish Upon a Star have SOC 2 Type 1 certification ?
According to Rankiteo, When You Wish Upon a Star is not certified under SOC 2 Type 1.
Does When You Wish Upon a Star have SOC 2 Type 2 certification ?
According to Rankiteo, When You Wish Upon a Star does not hold a SOC 2 Type 2 certification.
Does When You Wish Upon a Star comply with GDPR ?
According to Rankiteo, When You Wish Upon a Star is not listed as GDPR compliant.
Does When You Wish Upon a Star have PCI DSS certification ?
According to Rankiteo, When You Wish Upon a Star does not currently maintain PCI DSS compliance.
Does When You Wish Upon a Star comply with HIPAA ?
According to Rankiteo, When You Wish Upon a Star is not compliant with HIPAA regulations.
Does When You Wish Upon a Star have ISO 27001 certification ?
According to Rankiteo,When You Wish Upon a Star is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of When You Wish Upon a Star
When You Wish Upon a Star operates primarily in the Fundraising industry.
Number of Employees at When You Wish Upon a Star
When You Wish Upon a Star employs approximately 29 people worldwide.
Subsidiaries Owned by When You Wish Upon a Star
When You Wish Upon a Star presently has no subsidiaries across any sectors.
When You Wish Upon a Star’s LinkedIn Followers
When You Wish Upon a Star’s official LinkedIn profile has approximately 1,165 followers.
When You Wish Upon a Star’s Presence on Crunchbase
No, When You Wish Upon a Star does not have a profile on Crunchbase.
When You Wish Upon a Star’s Presence on LinkedIn
Yes, When You Wish Upon a Star maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/when-you-wish-upon-a-star.
Cybersecurity Incidents Involving When You Wish Upon a Star
As of December 21, 2025, Rankiteo reports that When You Wish Upon a Star has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
When You Wish Upon a Star has an estimated 1,146 peer or competitor companies worldwide.
When You Wish Upon a Star CyberSecurity History Information
How many cyber incidents has When You Wish Upon a Star faced ?
Total Incidents: According to Rankiteo, When You Wish Upon a Star has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at When You Wish Upon a Star ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating the requesting user. Due to improper privilege handling and a time-of-check time-of-use race condition combined with symbolic link and mount point manipulation, a local authenticated attacker can coerce the service into deleting arbitrary directories with SYSTEM privileges. This can be exploited to delete protected system folders such as C:\\Config.msi and subsequently achieve execution as NT AUTHORITY\\SYSTEM via MSI rollback techniques.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to unauthorized modification of data due to a missing capability check on the 'cs_update_application_status_callback' function in all versions up to, and including, 7.7. This makes it possible for authenticated attackers, with Candidate-level access and above, to inject cross-site scripting into the 'status' parameter of applied jobs for any user.
Risk Information
cvss3
Base: 7.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'cs_update_application_status_callback' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Candidate-level access and above, to send a site-generated email with injected HTML to any user.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Description
The FiboSearch – Ajax Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `thegem_te_search` shortcode in all versions up to, and including, 1.32.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This vulnerability requires TheGem theme (premium) to be installed with Header Builder mode enabled, and the FiboSearch "Replace search bars" option enabled for TheGem integration.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
References
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L104
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L94
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3420841%40ajax-search-for-woocommerce%2Ftrunk&old=3398612%40ajax-search-for-woocommerce%2Ftrunk&sfp_email=&sfph_mail=#file136
- https://wordpress.org/plugins/ajax-search-for-woocommerce
- https://www.wordfence.com/threat-intel/vulnerabilities/id/8149103e-105d-401d-8a15-b07d131baaac?source=cve
Description
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.0 via the ajax_get_members function. This is due to the use of a predictable low-entropy token (5 hex characters derived from md5 of post ID) to identify member directories and insufficient authorization checks on the unauthenticated AJAX endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, display names, user roles (including administrator accounts), profile URLs, and user IDs by enumerating predictable directory_id values or brute-forcing the small 16^5 token space.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/class-functions.php#L41
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-ajax-common.php#L61
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L205
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L2795
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/templates/members.php#L26
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3421362%40ultimate-member%2Ftrunk&old=3408617%40ultimate-member%2Ftrunk&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/61337d2d-d15a-45f2-b730-fc034eb3cd31?source=cve
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=when-you-wish-upon-a-star' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
