Report
Cross-site scripting (XSS) vulnerability in includes/api_tenpay/inc.tenpay_notify.php in the Alipay plugin 3.6.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to the getDebugInfo function.
Score:Unknown
Severity:Unknown
Version: 3.6.0
There is a patch available in v3.6.1 and we strongly recommend you update to this version as soon as possible.
