An issue exists in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add a friendship link via index.php?m=link&f=index&v=add.
wuzhicms wuzhi cms 4.1.0