Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
WordPress user registration enabled - Vulnerability Database

WordPress user registration enabled

Description

Your WordPress site is currently configured so that anyone can register as a user. If you are not using this functionality, it's recommended to disable user registration as it caused some security issues in the past and is increasing the attack surface.

Remediation

Disable user registration if not needed. To disable user registration, log in as an administrator and go to Settings -> General and uncheck "Anyone can register".

References

Disable user registration if not needed

Related Vulnerabilities

Trace.axd Detected High
Common tags: Configuration
Unrestricted access to Caddy API interface High
Common tags: Configuration
Unrestricted access to Kong Gateway API High
Common tags: Configuration
Joomla J!Dump extension enabled Medium
Common tags: Configuration
Joomla Debug Console enabled Medium
Common tags: Configuration

Severity

Information

Classification

CWE-16
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration