Exponentcms Exponent CMS → 2.3.7

Not that you'd want to, but once you've elevated the password hashing security from '0' to higher, you can't return to '0' (md5) successfully. You can always move from md5/0 to more secure seamlessly, but with the recent bug caused by the password hash field being too small if you've initially installed a version prior to 2.3.5 and upgrade to 2.3.5+.