Building a kernel with WITHOUT_WIRELESS=yes specified in /etc/src.conf still compiles and installs kernel modules for iwlwifi under /boot/kernel. This is a bug but also a TTP-style "bug" commonly used by nation-states to inject RCEs. Not saying that's the case here but it is the sort of red flag that software vulnerability and build system scanners alert on.
WITHOUT_WIRELESS is documented in src.conf as: WITHOUT_WIRELESS Do not build programs used for 802.11 wireless networks; especially wpa_supplicant(8) and hostapd(8). When set, these options are also in effect: WITHOUT_WIRELESS_SUPPORT (unless WITH_WIRELESS_SUPPORT is set explicitly) WITHOUT_WIRELESS_SUPPORT Build libraries, programs, and kernel modules without 802.11 wireless support.
See also: https://lists.freebsd.org/archives/freebsd-arch/2024-June/000701.html As I concluded in https://lists.freebsd.org/archives/freebsd-arch/2024-June/000705.html it would be WITHOUT_WIRELESS_SUPPORT but it seems we never applied that to any wireless modules. So is nothing iwlwifi specific. Let's take it from here.
As Ed says, we don't document this as disabling wireless drivers. I think this is either not a bug, or a request for a new feature.