The CourseVector team is always hard at work providing managed hosting, frequently stepping in to fix issues for our clients. Recently, we addressed a significant vulnerability in the Essential Addons for Elementor plugin, specifically a stored cross-site scripting (XSS) issue identified as CVE-2024-5189. This flaw, present in versions up to 5.9.23, allowed authenticated users with Contributor-level access to inject malicious scripts via the ‘custom_js’ parameter. Our proactive approach ensures that these vulnerabilities are swiftly resolved, maintaining the security and performance of our clients’ websites. We report these fixes to keep our clients informed and confident in our continuous efforts to protect their online presence.