The CourseVector team is always busy with our managed hosting services, regularly fixing issues to keep our clients’ websites secure and efficient. Recently, we resolved a vulnerability in the Ocean Extra plugin (CVE-2024-1277), which involved stored cross-site scripting (XSS) through custom fields in versions up to 2.2.4. This flaw allowed users with contributor-level access to inject harmful scripts. By addressing such vulnerabilities promptly, we ensure our clients’ sites remain protected and inform them of our ongoing efforts to maintain their online safety and performance.