Security Advisory

CVE-2022-3206

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-10-17 00:00:00

Last updated 2025-05-14 20:15:49

Assigner WPScan

State PUBLISHED

Description

The Passster WordPress plugin before 3.5.5.5.2 stores the password inside a cookie named "passster" using base64 encoding method which is easy to decode. This puts the password at risk in case the cookies get leaked.

← Browse all CVEs View on cve.org ↗