If you are an Elementor user, you need to update your Elementor plugin immediately. Elementor just released an update to patch an Authenticated Reflected XSS vulnerability. This vulnerability allows hackers to load a script from another site and steal login credentials.
The hack was discovered by the folks at Impenetrable.tech and only affects Elementor versions 2.8.4 and below. Personally, I’ve updated a bunch of development sites and client sites which we are currently maintaining at WPStarters.com.
If it helps, you might want to consider switching over to Beaver Builder. While Beaver Builder was launched earlier than Elementor, Elementor has caught up and superseded Beaver Builder’s features. However, Beaver Builder is more stable compared to Elementor. We had a few cases where the latest Elementor update broke the client’s site and had to perform a restore. In comparison, we never had such cases with Beaver Builder.
Beaver Builder also loads faster than Elementor, if performance is something you focus on. However, Elementor comes with a larger extensions ecosystem and a large amount of templates, which you could easily apply for client work. Also, in terms of absolute WordPress page builder performance, the Oxygen Builder plugin is the one to beat.