Translatable to plaintext without user provided information is still plaintext.
When a website stores the hash of your password on their servers for you to authenticate against they have no way to recover your plaintext password without brute-forcing the hash. They can verify that the password you sent them is correct but they can't tell you your password.
If, Mint say, encrypts your password on their servers with their own key then they still have the plaintext password because the process is reversible to them.
To do this right, Mint would be given a piece of information, say an OAuth token, which would allow them to authenticate to your bank without them knowing the password you use to log in.
They're not storing "plaintext." They're storing the "ciphertext." The fact that you can decrypt ciphertext to obtain plaintext, does not mean you are storing plaintext. You can certainly derive plaintext from it, but the actual plaintext, that is, the input to an encryption algorithm, is not stored.
If an attacker gets a database, but does not have access to the encryption key, they do not have your plaintext password.
-----
I agree, a more preferred way would be for MINT to use OAuth type data delegation. However, they're beholden to what the banks themselves support, and most do not support anything other than account impersonation via username/password.