I know older versions of WordPress are vulnerable, as have discovered researchers, maybe in Finland. I don’t know what version I have. Therefore, since the method of attack is through comments, each comment must now be individually approved.
That’s until I figure out what version of WordPress is running here.
