There are few scenarios you have to consider.
1. Obtaining your password from database
This is almost impossible to do. WordPress stores all passwords as hashes.
When you log in, the password you’ve entered in form is hashed and compared with the hash stored in DB.
This way you can check if the password is correct, but you can’t obtain the password from database.
And because these hashes are salted and not plain MD5, you even can’t easily guess common passwords.
So you’re completely safe from this point of view.
2. Logging passwords filled in the login form
This is completely different from 1. When you go to the login form and fill in the password, then you fill it as plain text. It is then sent to the server (again as plain text).
So, if owner of the site wants to, he can add some code* that will log/store that password during the process of logging in.
Of course it’s not recommended, because this way you will compromise passwords of your users.
*All you need to do is to use wp_authenticate
hook – it gets login and password as arguments (as you can see here), so you can do whatever you want with them.