Vulnerability Details CVE-2022-3206
The Passster WordPress plugin before 3.5.5.5.2 stores the password inside a cookie named "passster" using base64 encoding method which is easy to decode. This puts the password at risk in case the cookies get leaked.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.4%
CVSS Severity
CVSS v3 Score 5.9
References
Products affected by CVE-2022-3206
-
cpe:2.3:a:passster_project:passster:*