Waisir

**Name of the Vulnerable Software and Affected Versions** Alipay plugin versions 3.6.0 and earlier for WordPress **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is related to the `getDebugInfo` function. **Recommendations** For Alipay plugin versions 3.6.0 and earlier, update to a version later than 3.6.0 to resolve the issue. As a temporary workaround, consider disabling the `getDebugInfo` function until a patch is available.