WG
Company Details
Linkedin ID:
workforgooduk
Website:
Employees number:
9
Number of followers:
3,317
NAICS:
561499
Industry Type:
Homepage:
workforgood.co.uk
IP Addresses:
0
Company ID:
WOR_1065613
Scan Status:
In-progress
Work for Good Company CyberSecurity Posture
workforgood.co.uk
Transforming Giving, One Connection at a Time: Our innovative sales fundraising platform has facilitated over £4 million in donations and sales pledges for charities. With a network boasting over 1500 charities, including revered names like Teenage Cancer Trust, Rewilding Britain, and Alzheimer’s Research UK, as well as trusted brands like The Trussell Trust, Refuge, DEC, and Mind, we're proud to be the bridge between SME businesses and causes that matter to them. From grassroots local organisations to renowned national charities, our platform democratises giving, making it accessible to all. Through our user-friendly online tools, we empower SMEs to seamlessly integrate charitable giving into their sales strategies. Join us in simplifying the process of giving back, one transaction at a time.
Work for Good A.I CyberSecurity Scoring
WG Risk Score (AI oriented)Between 750 and 799
WG
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
WG Global Score (TPRM)XXXX
WG
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
WG Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
WG Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for WG
Incidents vs Fundraising Industry Average (This Year)
No incidents recorded for Work for Good in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Work for Good in 2025.
Incident Types WG vs Fundraising Industry Avg (This Year)
No incidents recorded for Work for Good in 2025.
Incident History — WG (X = Date, Y = Severity)
WG cyber incidents detection timeline including parent company and subsidiaries
WG Company Subsidiaries
Transforming Giving, One Connection at a Time: Our innovative sales fundraising platform has facilitated over £4 million in donations and sales pledges for charities. With a network boasting over 1500 charities, including revered names like Teenage Cancer Trust, Rewilding Britain, and Alzheimer’s Research UK, as well as trusted brands like The Trussell Trust, Refuge, DEC, and Mind, we're proud to be the bridge between SME businesses and causes that matter to them. From grassroots local organisations to renowned national charities, our platform democratises giving, making it accessible to all. Through our user-friendly online tools, we empower SMEs to seamlessly integrate charitable giving into their sales strategies. Join us in simplifying the process of giving back, one transaction at a time.
Loading...
WG Similar Companies
HACEMOS at AT&T
HACEMOS is the Hispanic/Latino Employee Resource Group (ERG) at AT&T founded in 1988. With a nationwide presence and operating as a 501c3 non-profit organization, HACEMOS is committed to supporting our company, our members, and the communities we serve. Our mission is to foster an environment wher
WeLoveStartups
In collaboration with our co-creators we lift entrepreneurs, so that they can create progress for Denmark. We believe in passionate and innovative entrepreneurs, and our passion is to improve their startups’ chances of achieving success. We offer smart startup grants for entrepreneurs, who can pr
MortarStone
MortarStone helps you increase giving and grow engagement! Trusted by over 2,000 churches, we've helped raise over $15 billion in giving. Using MortarStone’s analytics you can – • Increase giving by over 10% in just one month • Quickly identify new givers, lapsed givers, regular givers, & top give
Friends of the WNC Nature Center
The Friends are a vital partner with the WNC Nature Center. With their donors and members, the Friends enrich the Nature Center’s mission to connect people with the plants and animals of the Southern Appalachian Mountains. As a conservation organization, the Friends inspires a passion to know more,
Fort Lee Education Foundation
Established in 2005, FLEFNJ is a non-profit, volunteer community organization that raises funds for innovative educational programs at Fort Lee Schools. Through FLEFNJ, Fort Lee High School teachers and students can apply for grants to fund projects that bring creative learning into the school and c
The Austin Shepherd Foundation
The Austin Shepherd Foundation believes that love really does save lives. We focus on bringing love, joy and hope to as many children as we can. Through monthly visits to Childrens Hospital of Birmingham, fundraisers, football games, and more, we look to help children find a reason to live and fight
.png)
WG CyberSecurity News
November 25, 2025 08:00 AM
Highest Paying Tech Jobs in 2026: Top 25 Roles to Consider
Highest Paying Tech Jobs: 1. Software Architect 2. AI Engineer 3. Site Reliability Engineer 4. Data Scientist 5. Cloud Engineer 6.
November 18, 2025 08:00 AM
The Complete List of Hacker And Cybersecurity Movies
Hacker's Movie Guide” with Foreword by Steve Wozniak, co-founder of Apple.
November 11, 2025 05:23 PM
Remote Work Cybersecurity: How to Protect Your Business in 2025
If your employees work from home, even part of the time, your business is exposed to a growing set of remote work cybersecurity risks that...
November 04, 2025 08:00 AM
How to Become a Cybersecurity Engineer in 2026?
Cybersecurity engineers play a pivotal role in safeguarding sensitive data and protecting systems from cyber threats.
October 31, 2025 07:00 AM
Study concludes cybersecurity training doesn’t work
A lot of companies use cybersecurity training to prevent phishing attacks. A UC San Diego study says they should find a better way to...
October 18, 2025 07:00 AM
Cybersecurity Skills: Soft & Hard Skills for Cybersecurity | NU
Cybersecurity threats touch almost every organization with data to protect. As work, school, banking, and even healthcare move online,...
September 24, 2025 07:00 AM
Rep. Mike Bare on cybersecurity, child care and remote work
Steven Potter: Republicans say that cybersecurity risks with employees working from home on unsecured internet connections is another reason...
September 01, 2025 07:00 AM
10 Best Cybersecurity Practices for Remote Workers in 2026 (Stay Safe While Working From Anywhere)
10 Best Cybersecurity Practices for Remote Workers in 2026 (Stay Safe While Working From Anywhere) · 1. Use Strong, Unique Passwords (and a...
June 25, 2025 07:00 AM
10 Remote Work Cybersecurity Risks and How to Prevent Them
Read about common remote work cybersecurity risks triggered by expanded attack surfaces, limited user oversight, vulnerable technologies and...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
WG CyberSecurity History Information
Official Website of Work for Good
The official website of Work for Good is https://workforgood.co.uk/.
Work for Good’s AI-Generated Cybersecurity Score
According to Rankiteo, Work for Good’s AI-generated cybersecurity score is 756, reflecting their Fair security posture.
How many security badges does Work for Good’ have ?
According to Rankiteo, Work for Good currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Work for Good have SOC 2 Type 1 certification ?
According to Rankiteo, Work for Good is not certified under SOC 2 Type 1.
Does Work for Good have SOC 2 Type 2 certification ?
According to Rankiteo, Work for Good does not hold a SOC 2 Type 2 certification.
Does Work for Good comply with GDPR ?
According to Rankiteo, Work for Good is not listed as GDPR compliant.
Does Work for Good have PCI DSS certification ?
According to Rankiteo, Work for Good does not currently maintain PCI DSS compliance.
Does Work for Good comply with HIPAA ?
According to Rankiteo, Work for Good is not compliant with HIPAA regulations.
Does Work for Good have ISO 27001 certification ?
According to Rankiteo,Work for Good is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Work for Good
Work for Good operates primarily in the Fundraising industry.
Number of Employees at Work for Good
Work for Good employs approximately 9 people worldwide.
Subsidiaries Owned by Work for Good
Work for Good presently has no subsidiaries across any sectors.
Work for Good’s LinkedIn Followers
Work for Good’s official LinkedIn profile has approximately 3,317 followers.
NAICS Classification of Work for Good
Work for Good is classified under the NAICS code 561499, which corresponds to All Other Business Support Services.
Work for Good’s Presence on Crunchbase
No, Work for Good does not have a profile on Crunchbase.
Work for Good’s Presence on LinkedIn
Yes, Work for Good maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/workforgooduk.
Cybersecurity Incidents Involving Work for Good
As of December 21, 2025, Rankiteo reports that Work for Good has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
Work for Good has an estimated 1,146 peer or competitor companies worldwide.
Work for Good CyberSecurity History Information
How many cyber incidents has Work for Good faced ?
Total Incidents: According to Rankiteo, Work for Good has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at Work for Good ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating the requesting user. Due to improper privilege handling and a time-of-check time-of-use race condition combined with symbolic link and mount point manipulation, a local authenticated attacker can coerce the service into deleting arbitrary directories with SYSTEM privileges. This can be exploited to delete protected system folders such as C:\\Config.msi and subsequently achieve execution as NT AUTHORITY\\SYSTEM via MSI rollback techniques.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to unauthorized modification of data due to a missing capability check on the 'cs_update_application_status_callback' function in all versions up to, and including, 7.7. This makes it possible for authenticated attackers, with Candidate-level access and above, to inject cross-site scripting into the 'status' parameter of applied jobs for any user.
Risk Information
cvss3
Base: 7.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'cs_update_application_status_callback' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Candidate-level access and above, to send a site-generated email with injected HTML to any user.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Description
The FiboSearch – Ajax Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `thegem_te_search` shortcode in all versions up to, and including, 1.32.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This vulnerability requires TheGem theme (premium) to be installed with Header Builder mode enabled, and the FiboSearch "Replace search bars" option enabled for TheGem integration.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
References
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L104
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L94
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3420841%40ajax-search-for-woocommerce%2Ftrunk&old=3398612%40ajax-search-for-woocommerce%2Ftrunk&sfp_email=&sfph_mail=#file136
- https://wordpress.org/plugins/ajax-search-for-woocommerce
- https://www.wordfence.com/threat-intel/vulnerabilities/id/8149103e-105d-401d-8a15-b07d131baaac?source=cve
Description
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.0 via the ajax_get_members function. This is due to the use of a predictable low-entropy token (5 hex characters derived from md5 of post ID) to identify member directories and insufficient authorization checks on the unauthenticated AJAX endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, display names, user roles (including administrator accounts), profile URLs, and user IDs by enumerating predictable directory_id values or brute-forcing the small 16^5 token space.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/class-functions.php#L41
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-ajax-common.php#L61
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L205
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L2795
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/templates/members.php#L26
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3421362%40ultimate-member%2Ftrunk&old=3408617%40ultimate-member%2Ftrunk&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/61337d2d-d15a-45f2-b730-fc034eb3cd31?source=cve
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=workforgooduk' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
