- It's impossible to use HTTPS so users who are dependent from unencrypted wifi network are doomed.
- Even worst, the site store it's users passwords in plain-text (the maximun length limit shows that).
It's not serious considering that users trust the site with securely storing such a sensitive information as a password, and this a not secure.
That's an appeal for crackers/hackers because the presence of plain-text stored passwords is an incentive to perform an attack knowing that there will be a certain reward.
Don't hesitate to ask for more details, I will be happy to help you