Our team at CourseVector is dedicated to providing top-notch managed hosting services, and we are constantly working behind the scenes to ensure our clients’ websites are secure and performing optimally. Recently, we addressed a vulnerability in the WordPress Online Booking and Scheduling Plugin – Bookly, identified as CVE-2024-5584. This issue, present in versions up to 23.2, involved stored cross-site scripting (XSS) via the Color Profile parameter, which allowed authenticated attackers with subscriber-level access to inject malicious scripts. By promptly fixing such vulnerabilities, we prevent potential security breaches and keep our clients informed about the crucial work we do to protect their sites.