Vulnerabilities > Passster Project > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-23 | CVE-2021-24837 | Unspecified vulnerability in Passster Project Passter The Passster WordPress plugin before 3.5.5.8 does not escape the area parameter of its shortcode, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks. | 5.4 |
| 2022-10-17 | CVE-2022-3206 | Insufficiently Protected Credentials vulnerability in Passster Project Passster The Passster WordPress plugin before 3.5.5.5.2 stores the password inside a cookie named "passster" using base64 encoding method which is easy to decode. | 5.9 |