Yep they probably could if they took it while you are sending bitcoins. In the process you would have to enter your password and for a while that would be in memory. Electrum uses python so it doesn't have the low level hardware access that say bitcoin core does. Core can scrub the memory after its done while electrum probably can't. It has to rely on the OS to do that.
ic, well meanwhile I'm testing it but with an empty test wallet. I did have to enter my password to export the private keys so normally it might be in the memdump (the password). However, I didn't find it (yet).