diff --git a/misconfiguration/wp-registration-enabled.yaml b/misconfiguration/wp-registration-enabled.yaml index f6ba1a0d20..335bcb4212 100644 --- a/misconfiguration/wp-registration-enabled.yaml +++ b/misconfiguration/wp-registration-enabled.yaml @@ -8,7 +8,10 @@ info: Your WordPress site is currently configured so that anyone can register as a user. If you are not using this functionality, it's recommended to disable user registration as it caused some security issues in the past and is increasing the attack surface. remediation: | Disable user registration if not needed. To disable user registration, log in as an administrator and go to Settings -> General and uncheck "Anyone can register". - reference: https://www.acunetix.com/vulnerabilities/web/wordpress-user-registration-enabled/ + reference: + - https://www.acunetix.com/vulnerabilities/web/wordpress-user-registration-enabled/ + metadata: + verified: true tags: wordpress,wp,misconfig requests: