cleantalk
Vulnerabilities and Security Researches

Passster – Password Protect Pages and Content, CVE-2022-3206

CVE, Research URL

CVE-2022-3206

Home page URL

Security reports for Passster – Password Protect Pages and Content

Application

Passster – Password Protect Pages and Content

Published on
Oct 17, 2022
Research Description
The Passster WordPress plugin before 3.5.5.5.2 stores the password inside a cookie named "passster" using base64 encoding method which is easy to decode. This puts the password at risk in case the cookies get leaked.
Affected versions
max 3.5.5.2.
Status
vulnerable
Previous vulnerability researches
Passster – Password Protect Pages and Content (CVE-2026-25036) , Feb 27, 2026
Passster – Password Protect Pages and Content (CVE-2025-14865) , Feb 27, 2026
Passster – Password Protect Pages and Content (bfdd54390f6c678c900a611cd5bef14a09d074cd) , Jun 07, 2024
Passster – Password Protect Pages and Content (CVE-2021-24881) , Jun 07, 2024
Passster – Password Protect Pages and Content (CVE-2024-2026) , Jun 07, 2024
New vulnerability
ManageWP Worker (CVE-2026-39463) , Apr 23, 2026
Quiz Maker (CVE-2025-58014) , Apr 23, 2026
HTTP Headers (CVE-2026-2717) , Apr 23, 2026
HTTP Headers (CVE-2026-1379) , Apr 23, 2026
HTTP Headers (CVE-2026-4132) , Apr 23, 2026