When the password is changed in the configuration, CMSimple_XH sends a synchronous XHR to verify the old password. However, synchronous XHR is deprecated:
Synchronous XMLHttpRequest outside of workers is in the process of being removed from the web platform as it has detrimental effects to the end user's experience. (This is a long process that takes many years.) Developers must not pass false for the async argument when entry settings object's global object is a Window object. User agents are strongly encouraged to warn about such usage in developer tools and may experiment with throwing an InvalidAccessError exception when it occurs.
Therefore we should change the current behavior. Any suggestions?