Description
WordPress Plugin Passster-Password Protection stores the password inside a cookie named "passster" using base64 encoding method which is easy to decode, if leaked. WordPress Plugin Passster-Password Protection version 3.5.5.5.1 is affected; prior versions may also be affected.
Remediation
Update to plugin version 3.5.5.5.2 or latest
References
https://wpscan.com/vulnerability/a8963750-62bf-403e-a906-94f371ed2a7a
https://plugins.svn.wordpress.org/content-protector/trunk/readme.txt
Related Vulnerabilities
WordPress Plugin Helpie FAQ-WordPress FAQ Accordion Security Bypass (0.7)
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.12)
WordPress Plugin Smart Marketing SMS and Newsletters Forms Security Bypass (2.6.1)
Oracle Database Server CVE-2006-3701 Vulnerability (CVE-2006-3701)
PostgreSQL Improper Certificate Validation Vulnerability (CVE-2021-43767)