Doubts of VbD challenges in the Write repository

Good afternoon, can someone help me with the challenges of VbD,
I was looking at the Write repository and I really don’t understand its structure and neither
I understand those numbers that have the solutions

I was reading this Publication:

https://community.fluidattacks.com/t/vbb-unique-challenges/40

the truth I did not understand much and especially how will I know the CWE code? For example,
I want to solve the VulnHub x machine and I see that it has 2 vulnerabilities,
the first has the default login credentials and the other has a vulnerability
in the FTP service, so I have to put two CWEs of those two vulnerabilities
But I really don’t know how, can you help me please?

You can upload the two vulnerabilities in two separated features assessing every CWE separately and filling the correlations section if you think that may apply. The goal of vbd feature is to identify a vulnerability statically and dynamically, exploit the vulnerability, implement a remediation and assess its risk according to the CVSS v3 score, if a VbD app have 100 vulnerabilities you can create 100 features explaining every one of them separately.