As long as we’re being pedantic, no they can’t (well, I guess they can try with no hope of succeeding?). You can find a sequence of bytes which will have the same md5, but you have no way of knowing that it’s the same string of bytes which someone else used to arrive at that md5. As I alluded to in my post, that information is gone.
Also, at the risk of being pedantic, yes, some semblance of the password is definitely there. Someone can happily go off and try to brute force it.