What is the official website of Zoho Middle East & North Africa ?

The official website of Zoho Middle East & North Africa is https://zoho.com.

What is Zoho Middle East & North Africa's cybersecurity risk score?

Zoho Middle East & North Africa has an AI-generated cybersecurity risk score of 751 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Zoho Middle East & North Africa experienced?

According to Rankiteo, Zoho Middle East & North Africa currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Zoho Middle East & North Africa been affected by any supply chain cyber incidents ?

According to Rankiteo, Zoho Middle East & North Africa has been affected by a supply chain cyber incident involving Wondershare Technology, with the incident ID ZOHWON1776076134.

Does Zoho Middle East & North Africa have SOC 2 Type 1 certification ?

According to Rankiteo, Zoho Middle East & North Africa is not certified under SOC 2 Type 1.

Does Zoho Middle East & North Africa have SOC 2 Type 2 certification ?

According to Rankiteo, Zoho Middle East & North Africa does not hold a SOC 2 Type 2 certification.

Does Zoho Middle East & North Africa comply with GDPR ?

According to Rankiteo, Zoho Middle East & North Africa is not listed as GDPR compliant.

Does Zoho Middle East & North Africa have PCI DSS certification ?

According to Rankiteo, Zoho Middle East & North Africa does not currently maintain PCI DSS compliance.

Does Zoho Middle East & North Africa comply with HIPAA ?

According to Rankiteo, Zoho Middle East & North Africa is not compliant with HIPAA regulations.

Does Zoho Middle East & North Africa have ISO 27001 certification ?

According to Rankiteo,Zoho Middle East & North Africa is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Zoho Middle East & North Africa operate in ?

Zoho Middle East & North Africa operates primarily in the Software Development industry.

How many employees does Zoho Middle East & North Africa have ?

Zoho Middle East & North Africa employs approximately 47 people worldwide.

Does Zoho Middle East & North Africa own any subsidiaries ?

Zoho Middle East & North Africa presently has no subsidiaries across any sectors.

How many LinkedIn followers does Zoho Middle East & North Africa have ?

Zoho Middle East & North Africa's official LinkedIn profile has approximately 31,633 followers.

What is the NAICS classification code for Zoho Middle East & North Africa ?

Zoho Middle East & North Africa is classified under the NAICS code 5112, which corresponds to Software Publishers.

Does Zoho Middle East & North Africa have a Crunchbase profile ?

No, Zoho Middle East & North Africa does not have a profile on Crunchbase.

Does Zoho Middle East & North Africa have a LinkedIn profile ?

Yes, Zoho Middle East & North Africa maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/zoho-mena.

How many cybersecurity incidents has Zoho Middle East & North Africa experienced ?

As of June 14, 2026, Rankiteo reports that Zoho Middle East & North Africa has experienced 3 cybersecurity incidents.

How many peer or competitor companies does Zoho Middle East & North Africa have ?

Zoho Middle East & North Africa has an estimated 30,071 peer or competitor companies worldwide.

What types of cybersecurity incidents has Zoho Middle East & North Africa faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability and Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

ZMENA

Boost Score +25 with badge (5 left)

751

/1000

Fair

776

/1000

Fair

Zoho Middle East & North Africa Vendor Cyber Rating & Cyber Score

zoho.com

Add Your Compliance Badge

In the past 26+ years, Zoho Corporation has become one of the leading companies in software engineering behind three prominent brands: Zoho, ManageEngine, and Qntrl. Zoho offers world-class software to help you grow your business. With over 130+ million users worldwide, Zoho's 55+ products aid your sales and marketing, support and collaboration, and finance and recruitment needs. For Zoho MEA Customer Support: WhatsApp: +971 58 271 8439 Call UAE: 800 ZOHO (9646) Email: [email protected] أصبحت زوهو كوربوريشن في الخمس وعشرين سنة الماضية شركة رائدة في مجال هندسة البرمجيات، بثلاث علامات تجارية بارزة هي زوهو وماناج إنجن وكنترول. وتقدم زوهو برامج ذات مستوى عالمي تساعدكم على تنمية أعمالكم. ومع أكثر من 130 مليون مستخدم حول العالم، تساعد

ZMENA A.I CyberSecurity Scoring

Scoring History

ZMENA

Zoho Middle East & North Africa CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Zoho

Cyber Attack

100

12/2025

Wondershare Tec...

ZOHWON177607613...

Zoho

Cyber Attack

10/2025

ZOH1776249079

Zoho Middle East & ...

Vulnerability

3/2025

ZOH411030525

Loading…

A.I.

ZMENA Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for ZMENA

Incidents vs Software Development Industry Avg (This Year)

No incidents recorded for Zoho Middle East & North Africa in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Zoho Middle East & North Africa in 2026.

Incident Types ZMENA vs Software Development Industry Avg (This Year)

No incidents recorded for Zoho Middle East & North Africa in 2026.

Incident History - ZMENA (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Zoho Middle East & North Africa Subsidiaries

ZMENA

Software Development

Website: https://zoho.com

Company Size: 47

ZohoSoftware Development

Zoho RecruitSoftware Development

Zoho CRMIT Services and IT Consulting

Zoho OneIT Services and IT Consulting

Zoho RetailIQTechnology, Information and Media

Zoholics EventsIT Services and IT Consulting

Zoho CreatorSoftware Development

Zoho CampaignsMarketing Services

Zoho Australia & New ZealandIT Services and IT Consulting

Zoho PeopleHuman Resources Services

Zoho BooksSoftware Development

Zoho APACIT Services and IT Consulting

Zoho PhilippinesIT Services and IT Consulting

Zoho ProjectsIT Services and IT Consulting

Zoho AfricaInformation Technology & Services

Zoho AnalyticsInformation Technology & Services

Zoho PayrollSoftware Development

Zoho FranceSoftware Development

Zoho SocialIT Services and IT Consulting

Bigin by Zoho CRMSoftware Development

Zoho CliqIT Services and IT Consulting

Zoho CanadaIT Services and IT Consulting

Zoho DeskIT Services and IT Consulting

Zoho SignIT Services and IT Consulting

Zoho BookingsIT Services and IT Consulting

Zoho CommerceIT Services and IT Consulting

Zoho WorkDriveIT Services and IT Consulting

Zoho WebinarTechnology, Information and Internet

Zoho BackstageEvents Services

Zoho AssistSoftware Development

Zoho MarketplaceIT Services and IT Consulting

Zoho PaymentsTechnology, Information and Media

Zoho SurveyIT Services and IT Consulting

Zoho ShowIT Services and IT Consulting

Zoho FlowSoftware Development

Zoho SprintsIT Services and IT Consulting

Zoho ExpenseSoftware Development

Zoho WorkerlyHuman Resources Services

Zoho EspañaSoftware Development

Zoho IndonesiaIT Services and IT Consulting

Zoho Marketing AutomationMarketing Services

Zoho TablesSoftware Development

Zoho DeutschlandSoftware Development

Zoho FormsIT Services and IT Consulting

Zoho MeetingIT Services and IT Consulting

Zoho PracticeAccounting

Zoho JapanIT Services and IT Consulting

Zoho DirectoryIT Services and IT Consulting

Zoho RPASoftware Development

Zoho InventorySoftware Development

Zoho QEngineSoftware Development

Zoho WriterIT Services and IT Consulting

Zoho VietnamInformation Technology & Services

Zoho OneAuth-AuthenticatorTechnology, Information and Internet

Zoho SheetIT Services and IT Consulting

Zoho ChinaSoftware Development

Zoho LensInformation Technology & Services

Zoho ThriveIT Services and IT Consulting

Zoho PublishMarketing Services

Zoho TeamInboxIT Services and IT Consulting

Zia AgentsTechnology, Information and Media

Zoho for HealthcareTechnology, Information and Internet

Zoho ShiftsTechnology, Information and Internet

Zoho ThailandIT Services and IT Consulting

Zoho SpendTechnology, Information and Media

Zoho NotebookIT Services and IT Consulting

Zoho Marketing PlusSoftware Development

Zoho TranslateTechnology, Information and Media

Zoho PDF EditorTechnology, Information and Media

Zoho PageSenseInformation Technology & Services

Zoho Office IntegratorIT Services and IT Consulting

Zoho CaresSoftware Development

Zoho Benelux & NordicsIT Services and IT Consulting

Zoho SalesIQIT Services and IT Consulting

Loading…

Zoho Middle East & North Africa Similar Companies

Siemens Digital Industries Software

siemens.com

We help organizations of all sizes digitally transform using software, hardware and services from the Siemens Xcelerator business platform. Our software and the comprehensive digital twin enable companies to optimize their design, engineering and manufacturing processes to turn today's ideas into the sustainable products of the future. From chips to entire systems, from product to process, across all industries. We help transform the everyday as part of @Siemens, To learn more, visit http://sw.siemens.com.

Booking.com

booking.com

A career at Booking.com is all about the journey, helping you explore new challenges in a place where you can be your best self. With plenty of exciting twists, turns and opportunities along the way. We’ve always been pioneers, on a mission to shape the future of travel through cutting edge technology, to make it easier for everyone to enjoy amazing experiences wherever they go. Under a desert sky, or in the heart of a bustling city. Discovering the perfect hideaway, or the perfect paella. When you join us, you’ll be part of a community where taking a different path and trying something new is celebrated and supported. And where making a difference counts. We’re determined to make the world of travel more sustainable, more accessible, and more inclusive, to create a positive impact on a global scale. That’s why we’re always looking for people who search for better solutions, the ones eager to stray off the beaten path to find new ways of doing things. Because at Booking.com it’s more than a job, it’s a journey we’re on together.

JD.COM

cb jd.com

JD.com, also known as JINGDONG, is a leading e-commerce company transferring to be a technology and service enterprise with supply chain at its core. JD.com’s business has expanded across retail, technology, logistics, health, property development, industrials, and international business. Ranking 44 on the Fortune Global 500, JD.com is China’s largest retailer by revenue. JD.com serves over 600 million customers and has set the standard for e-commerce through its commitment to quality, authenticity, and competitive pricing. The company operates the largest fulfillment infrastructure of any e-commerce company in China, enabling 90% of retail orders to be delivered within the same or next day. JD.com also promotes productivity and innovation across a range of industries by offering its cutting-edge technology and infrastructure to partners, brands, and diverse sectors.

ByteDance

bytedance.com

ByteDance is a global incubator of platforms at the cutting edge of commerce, content, entertainment and enterprise services - over 2.5bn people interact with ByteDance products including TikTok. Creation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible. Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. At ByteDance, we create together and grow together. That's how we drive impact - for ourselves, our company, and the users we serve. We are committed to building a safe, healthy and positive online environment for all our users. We have over 110,000 employees based in more than 30 countries globally. Join us.

OpenText

opentext.com

OpenText is a leading Cloud and AI company that provides organizations around the world with a comprehensive suite of Business AI, Business Clouds, and Business Technology. We help organizations grow, innovate, become more efficient and effective, and do so in a trusted and secure way—through Information Management. OpenText (NASDAQ/TSX: OTEX), founded in 1991 in Waterloo, has a rich history of helping customers manage their most important asset—information. Originating from a collaboration to digitize the Oxford English Dictionary, OpenText has grown into a global leader in information management. With over 120,000 enterprise customers across 180 countries, OpenText supports 98 of the top 100 global companies. A wide breadth of offerings uniquely positions OpenText to help customers unlock the value of that information using Al, cloud, and security innovations. At OpenText, our culture is at the heart of everything we do—and today, that includes being proudly AI-first. We’re creating a workplace where everyone can thrive, with artificial intelligence integrated into how we work, solve problems, and innovate together. By fostering a collaborative and inclusive environment, we empower digital knowledge workers and drive forward-thinking solutions that shape the future of information management. We believe our success comes from the strength of our team—talent that AI can’t replace—and we’re committed to attracting and supporting those who bring unique insight, adaptability, and creativity. Because at OpenText, people aren’t just our greatest asset—they’re the reason we shine in an AI-powered world. Join us at OpenText and become part of a team where your talents and ideas are truly valued.

Cox Automotive Inc.

coxautoinc.com

Cox Automotive is the world’s largest automotive services and technology provider. Fueled by the largest breadth of first-party data fed by 2.3 billion online interactions a year, Cox Automotive tailors leading solutions for car shoppers, auto manufacturers, dealers, lenders and fleets. The company has 29,000+ employees on five continents and a portfolio of industry-leading brands that include Autotrader®, Kelley Blue Book®, Manheim®, vAuto®, Dealertrack®, NextGear Capital™, CentralDispatch® and FleetNet America®. Cox Automotive is a subsidiary of Cox Enterprises Inc., a privately-owned, Atlanta-based company with $22 billion in annual revenue.

KPIT

kpit.com

About KPIT KPIT is reimagining the future of mobility, forging ahead with group companies and partners to shape a world that is cleaner, smarter, and safer. With over 25 years of specialized expertise in Mobility, KPIT is accelerating the transformation towards Software and AI-Defined Vehicles through its advanced solutions, platforms, and products—propelled by mobility-infused AI frameworks, software craftsmanship, and systems integration mastery. Vision in Motion Fueled by 2000+ vehicle production programs and powering 20+ million vehicles on the road with KPIT software, our experience in unmatched. At the same time, we push boundaries, developing solutions that enable Mobility OEMs to innovate at speed and scale. For more details, visit www.kpit.com

Upwork

cb upwork.com

Upwork is the world’s work marketplace that connects businesses with independent talent from across the globe. We serve everyone from one-person startups to large, Fortune 100 enterprises with a powerful, trust-driven platform that enables companies and talent to work together in new ways that unlock their potential. Our talent community on Upwork encompasses more than 10,000 skills in categories including website & app development, creative & design, customer support, finance & accounting, consulting, and operations.

GlobalLogic

globallogic.com

GlobalLogic, a Hitachi Group company, is a trusted partner in design, data, and digital engineering for the world’s largest and most innovative companies. Since our inception in 2000, we have been at the forefront of the digital revolution, helping to create some of the most widely used digital products and experiences. Our purpose is to positively impact society and the planet through cutting-edge technology. Together with our clients, we are engineering impact through intelligent products, platforms, and services that are designed for desirability, engineered for excellence, and curated for intelligence. Our people-first culture fosters shoulder-to-shoulder teamwork, supported by a unique lab model and flexible delivery options, including onshore, nearshore, and offshore solutions. We also prioritize environmental stewardship in our product development and are committed to leveraging the diversity of thoughts as a driver for business innovation, attracting and developing talent, and sustainable growth. We are proud of our global recognitions: Leader in the ISG Provider Lens™ Digital Engineering Services 2024 U.S. report Everest Group's Software Product Engineering Services Peak Matrix 2024 Star Performer in Major Contender in Everest Group’s Trust & Safety Peak Matrix 2024 2024 EcoVadis Silver Sustainability Rating Join us as we continue to shape the future of digital engineering and create lasting impacts for businesses and communities worldwide: globallogic.com

Loading…

NEWS

Zoho Middle East & North Africa CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 27, 2026 01:58 PM

Zoho marks one million customer milestone on its 30th anniversary

Zoho Corporation marked its 30th anniversary by announcing two major milestones: the company now supports more than one million paying...

Read Article

February 27, 2026 07:53 AM

Billionaire-backed Zoho ramps up South Africa push with plans for local data centers

Zoho, owned by India's billionaire Vembu family, is in talks to build data centers in South Africa as it rides rapid growth across Africa.

Read Article

February 26, 2026 08:58 AM

Zoho Positions Open Source Cloud As Budget-Friendly Rival To Google And Microsoft Corp. In MEA

Zoho is scaling self-funded data centres across the UAE, Saudi Arabia and South Africa, using its lower-cost open source cloud stack to...

Read Article

February 25, 2026 12:23 PM

Zoho Corporation Surpasses One Million Customers Globally, MENA Region Becomes its Second Fatest-Growing Market

Zoho Corporation, a leading global technology company, marked its 30th anniversary by announcing two major milestones: the company now...

Read Article

February 25, 2026 08:00 AM

Billionaire-Backed Zoho Plans More Mideast, Africa Data Centers

Zoho Corp., a software firm owned by the Indian billionaire Vembu family, is in talks to build out its own data centers in the United Arab...

Read Article

February 25, 2026 08:00 AM

Egypt becomes fastest-growing market for Indian tech firm Zoho - Economy - Business

Egypt is the fastest-growing market for Indian technology and software provider Zoho Corporation, recording a 57 percent Compound Annual...

Read Article

February 23, 2026 10:35 AM

Zoho’s Hyther Nizam on Data Centres, AI, and Competing with Microsoft in UAE

Zoho MEA President Hyther Nizam discusses the company's AED 100M UAE investment, new Dubai and Abu Dhabi data centres, and why businesses...

Read Article

January 21, 2026 08:00 AM

Zoho plans data center expansion in SE Asia, eyes Indonesia as potential location

Zoho and ManageEngine plan to expand global data centers, including a potential facility in Indonesia.

Read Article

January 16, 2026 08:00 AM

Zoho Meeting - Review 2026

With no shortage of video conferencing options in the world of remote work, Zoho Meeting stands out with extremely affordable pricing.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…