All 3 CVE vulnerabilities found in WatchTowerHQ, with AI-generated Chinese analysis, references, and POCs.
Vendor: WhatArmy
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13972 | WatchTowerHQ <= 3.16.0 - Authenticated (Administrator+) Arbitrary File Read via 'wht_download_big_object_origin' Parameter CWE-22 | 4.9 | Medium | 2025-12-12 |
| CVE-2024-9933 | WatchTowerHQ <= 3.10.1 - Authentication Bypass to Administrator due to Missing Empty Value Check CWE-288 | 9.8 | Critical | 2024-10-26 |
| CVE-2023-25701 | WordPress WatchTowerHQ plugin <= 3.6.16 - Privilege Escalation CWE-269 | 9.8 | Critical | 2024-05-17 |
All 3 known CVE vulnerabilities affecting WatchTowerHQ with full Chinese analysis, references, and POCs where available.