id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
21420	Login without salted MD5 Password	shubhamoy		WordPress stores the password in MD5+Salt Format but never uses it for login. Suppose an attacker gets access to the database and updates the password in MD5 hash format and tries to login then he is able to do it successfully. So what's the use of storing the password in MD5+Salt when it doesn't comes into play.	defect (bug)	closed	normal		General	3.4.1	normal	invalid	close	sirzooro