CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
The weDocs plugin for WordPress up to version 2.3.0 has a missing authorization vulnerability in the do_migration() function. Authenticated attackers with Subscriber-level access can trigger a data migration from BetterDocs to weDocs, creating and modifying 'docs' custom post type entries and deactivating BetterDocs plugins.
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS allows an unauthenticated attacker on the same local network segment to execute arbitrary code. Affected versions include 11.0 up to 11.12.4_Update1, 12.0 up to 12.12, and 2025.1 up to 2026.2.
The Azure Blob Storage container used for Gardyn device logs is publicly listable without authentication. A malicious user would be able to access any device log file available in the blob storage container.
The admin panel lacks standard security headers, enabling clickjacking and cross-site scripting attacks.
Gardyn devices expose a privileged iothubowner key. Access to this key allows an attacker to invoke the IoTHub Registry Manager function, which returns connection information for all Gardyn Home Kit and Studio devices. Additionally, the key enables arbitrary command execution on a specific connected device and may allow pivoting to other devices on the user's network.
Under exceptional circumstances, WatchGuard Fireware OS on a FireCluster may use a hard-coded encryption key to encrypt saved credentials for Access Portal resources. This vulnerability affects Fireware OS versions 12.1 up to 12.12 and 2025.1 up to 2026.2.
A vulnerability in WatchGuard Fireware OS allows bypassing firmware validation when processing a backup image via the backup/restore feature. An authenticated administrator can exploit this flaw to install a tampered firmware image.
An Out-of-bounds Write vulnerability in the wgagent process of WatchGuard Fireware OS allows an authenticated privileged user to execute arbitrary code via specially crafted requests to the Management Web UI. This affects Fireware OS versions 12.1 through 12.12 and 2025.1 through 2026.2.
An Out-of-bounds Write vulnerability in the ikestubd process of WatchGuard Fireware OS allows an authenticated privileged user to execute arbitrary code via specially crafted requests to the Management Web UI.
A stored Cross-Site Scripting (XSS) vulnerability in the SIP Proxy module of WatchGuard Fireware OS allows an attacker to inject malicious scripts that execute in an administrator's browser. This is an additional unmitigated attack path for CVE-2025-6947.
A stored XSS vulnerability was discovered in the spamBlocker module of WatchGuard Fireware OS, caused by improper input neutralization during web page generation. This is an additional unmitigated attack path for CVE-2025-1071. Affected versions include Fireware OS 12.0 up to 12.12, 12.5 up to 12.5.18, and 2025.1 up to 2026.2.
Stored XSS vulnerability in the Autotask Technology Integration module of WatchGuard Fireware OS. This is an additional unmitigated attack vector for CVE-2025-13938.
A stored XSS vulnerability has been found in the WatchGuard Fireware OS ConnectWise Technology Integration module. This flaw represents an additional unmitigated attack path for the previously disclosed CVE-2025-13937.
A Stored Cross-Site Scripting (XSS) vulnerability has been discovered in the Tigerpaw Technology Integration module of WatchGuard Fireware OS. This flaw represents an additional unmitigated attack path for the previously disclosed CVE-2025-13936.
A vulnerability in the Fireware Management Web UI allows an authenticated administrator to trigger a denial-of-service (DoS) condition by sending crafted data to the put_data endpoint, which performs unsafe deserialization of attacker-supplied input.
A race condition leading to a use-after-free vulnerability in LDAP authentication for Mobile User VPN with IKEv2 in WatchGuard Fireware OS. A remote unauthenticated attacker could exploit this to execute arbitrary code in the context of the iked process on Fireboxes with Mobile VPN IKEv2 configured to use an external LDAP server.
A null pointer dereference vulnerability in WatchGuard Fireware OS allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted IKEv2 messages. This affects both Mobile User VPN with IKEv2 and Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\SYSTEM on the machine where the client is installed. This issue affects the Mobile VPN with SSL client for Windows up to and including version 2026.2.
A path traversal vulnerability in the WatchGuard Fireware OS Management Web UI allows a privileged authenticated attacker to write arbitrary files on the Firebox's filesystem.
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command.

