The Passster plugin for WordPress has a security issue that can affect all versions up to 4.2.6.4. This issue, known as Stored Cross-Site Scripting, is caused by not properly checking the information entered by users. This means that attackers who are logged in with contributor-level access or higher can add harmful code to web pages that will run whenever someone visits those pages.