Vulnerabilities > Wdja > Wdja CMS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-06 | CVE-2020-21658 | Cross-Site Request Forgery (CSRF) vulnerability in Wdja CMS 1.5.2 A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL. | 6.5 |
| 2021-01-11 | CVE-2020-23631 | Cross-Site Request Forgery (CSRF) vulnerability in Wdja CMS 1.5 Cross-site request forgery (CSRF) in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via the tongji parameter. | 6.1 |