Hey there,
An XSS vulnerability does not meant that your server-side was "hacked", it simply means that someone managed to bypass your XSS filter and insert his own Javascript code on your website. That is bad of course but this doesn't mean that the attacker has any access to your server or database.
That being said, our job is to prevent such or even worse cases.
We can go through your source-code and make sure it's secure against Sql Injections, XSS, Remote/Local File Inclusions and Remote Code Execution vulnerabilities.
I'm a preferred freelancer which means I was handpicked to be part of the 1% elite team on Freelancer, I know what I'm doing and I have a plan, I would love to discuss this further with you.
Looking forward to it,
Mario A.