Our managed hosting team is always on the move, fixing various issues to keep our clients’ sites running smoothly and securely. Recently, we addressed a vulnerability in the Page Builder by SiteOrigin plugin, specifically a stored cross-site scripting (XSS) issue in the legacy Image widget. This vulnerability, identified as CVE-2024-2202, affected versions up to 2.29.6 and allowed authenticated users with contributor-level access to inject malicious scripts. We resolved this issue to protect our clients’ websites from potential threats. We make sure to report these fixes to our clients, so they know we are diligently working behind the scenes to maintain their site’s integrity.