Cross-site scripting (XSS) vulnerability in includes/api_tenpay/inc.tenpay_notify.php in the Alipay plugin 3.6.0 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via vectors related to the getDebugInfo function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alipay project alipay |