Enhancement: misconfiguration/wp-registration-enabled.yaml by md

misconfiguration/wp-registration-enabled.yaml

@@ -1,15 +1,19 @@
 id: wp-registration-enabled
 
 info:
-  name: WordPress User Registration Enabled
+  name: WordPress User Registration Panel - Detect
   author: tess,DhiyaneshDK
   severity: info
   description: |
-    Your WordPress site is currently configured so that anyone can register as a user. If you are not using this functionality, it's recommended to disable user registration as it caused some security issues in the past and is increasing the attack surface.
+    WordPress user registration is currently configured so that anyone can register as a user, thereby enabling an attacker to possibly access sensitive data and execute unathorized operations.
   remediation: |
-    Disable user registration if not needed. To disable user registration, log in as an administrator and go to Settings -> General and uncheck "Anyone can register".
+    Disable user registration if not needed. To do so, log in as an administrator and go to Settings -> General and uncheck "Anyone can register."
   reference:
     - https://www.acunetix.com/vulnerabilities/web/wordpress-user-registration-enabled/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
   metadata:
     verified: true
   tags: wordpress,wp,misconfig
@@ -35,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2023/02/06