I have a website running PHP 8.2 that currently uses jQuery 3.3.1. It sets the session cookie with SameSite => None, Secure => true via session_set_cookie_params(), and the website has SSL. The session.cookie_lifetime is set to 2 days.
The website uses a payment gateway, and SameSite None is required to continue the session when the user returns from the payment gateway. Everything works fine on the website with jQuery 3.3.1, but it has some vulnerability. Hence I changed to jQuery 3.7.1.
Everything on the website is fine with jQuery 3.7.1, but the session ends when the user returns from the payment gateway. I tried clearing browser data after the jQuery update and loading the website, but the problem continues. The website is still using SameSite => None, Secure => true. These are some questions that I have:
- Is jQuery 3.7.1 responsible for ending the user session when returning from third-party sites?
- Does the SameSite cookie need to be set differently when using jQuery 3.7.1?
- Do I have to wait two days after the jQuery upgrade (since session.cookie_lifetime is 2 days) to confirm this problem of the user session ending?
- Is it possible to use jQuery 3.3.1 but avoid its vulnerability?
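
A server-side check of the cookie settings described in the question, as an added example that is not part of the original post: it applies the stated settings and logs whether the session Set-Cookie header PHP emits actually carries SameSite=None and Secure. The function name `auditSessionCookie` and the `path` and `httponly` values are assumptions; the script must run under a web server, since the CLI does not record headers.

```php
<?php
declare(strict_types=1);

// Settings as described in the question: 2-day lifetime, SameSite=None, Secure.
// 'path' and 'httponly' are assumptions; the question does not state them.
session_set_cookie_params([
    'lifetime' => 2 * 24 * 60 * 60,
    'path'     => '/',
    'secure'   => true,
    'httponly' => true,
    'samesite' => 'None',
]);
session_start();

/** Return the attribute problems found in one raw Set-Cookie header line. */
function auditSessionCookie(string $header): array
{
    $parts = array_map('trim', explode(';', substr($header, strlen('Set-Cookie:'))));
    array_shift($parts); // drop the name=value pair so the session ID is never logged
    $attrs = [];
    foreach ($parts as $part) {
        [$key, $value] = array_pad(explode('=', $part, 2), 2, '');
        $attrs[strtolower($key)] = $value;
    }
    $problems = [];
    if (strcasecmp($attrs['samesite'] ?? '', 'None') !== 0) {
        $problems[] = 'SameSite is not None';
    }
    if (!array_key_exists('secure', $attrs)) {
        $problems[] = 'Secure is missing';
    }
    return $problems;
}

$found = false;
foreach (headers_list() as $header) {
    if (stripos($header, 'Set-Cookie: ' . session_name() . '=') === 0) {
        $found = true;
        $problems = auditSessionCookie($header);
        error_log('session cookie: ' . ($problems ? implode(', ', $problems) : 'SameSite=None and Secure present'));
    }
}
if (!$found) {
    // PHP does not re-send the cookie when the browser already presented a session ID.
    $received = isset($_COOKIE[session_name()]) ? 'yes' : 'no';
    error_log('no session Set-Cookie on this request; session ID received from browser: ' . $received);
}
```

Comparing the log line for the first page load with the one for the request that arrives back from the payment gateway shows whether the browser sent the session cookie on the return trip.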