Vulnerabilities > Wdja > Wdja CMS > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-03 | CVE-2020-20982 | Cross-site Scripting vulnerability in Wdja CMS 1.5.1 Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php. | 9.6 |
| 2021-10-06 | CVE-2020-21648 | Unspecified vulnerability in Wdja CMS 1.5.2 WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php. | 9.1 |