A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows malicious users to arbitrarily add administrator accounts via a crafted URL.
wdja wdja cms 1.5.2