cleantalk
Vulnerabilities and Security Researches

Passster – Password Protect Pages and Content, CVE-2022-3206

CVE, Research URL

CVE-2022-3206

Home page URL

Security reports for Passster – Password Protect Pages and Content

Application

Passster – Password Protect Pages and Content

Published on
Oct 17, 2022
Research Description
The Passster WordPress plugin before 3.5.5.5.2 stores the password inside a cookie named "passster" using base64 encoding method which is easy to decode. This puts the password at risk in case the cookies get leaked.
Affected versions
max 3.5.5.2.
Status
vulnerable
Previous vulnerability researches
Passster – Password Protect Pages and Content (CVE-2026-25036) , Feb 27, 2026
Passster – Password Protect Pages and Content (CVE-2025-14865) , Feb 27, 2026
Passster – Password Protect Pages and Content (bfdd54390f6c678c900a611cd5bef14a09d074cd) , Jun 07, 2024
Passster – Password Protect Pages and Content (CVE-2021-24881) , Jun 07, 2024
Passster – Password Protect Pages and Content (CVE-2024-2026) , Jun 07, 2024
New vulnerability
Serious Slider (CVE-2026-25399) , Feb 28, 2026
Omnipress (CVE-2026-25432) , Feb 28, 2026
MDirector Newsletter (CVE-2025-14852) , Feb 28, 2026
Alma – Pay in installments or later for WooCommerce (CVE-2026-24999) , Feb 28, 2026
Visual Website Collaboration, Feedback & Project Management – Atarim (CVE-2026-25019) , Feb 27, 2026