Vulnerabilities > Wuzhicms > Wuzhicms > 2.1.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-21 | CVE-2020-19551 | Incorrect Authorization vulnerability in Wuzhicms Blacklist bypass issue exists in WUZHI CMS up to and including 4.1.0 in common.func.php, which when uploaded can cause remote code executiong. | 8.8 |
| 2021-09-21 | CVE-2020-19553 | Cross-site Scripting vulnerability in Wuzhicms Cross Site Scripting (XSS) vlnerability exists in WUZHI CMS up to and including 4.1.0 in the config function in coreframe/app/attachment/libs/class/ckditor.class.php. | 5.4 |