I had a user registration this morning by johnsmithuswe. I was curious since my blog is new and small and only has a few registrations total. I found this site which explains well what happened.
It appears if this is true, the vulnerability was fixed months ago, but I am curious if the registration was done by a person or a spam/hack robot? Is there any way to tell for sure?
Also, if people can post comments on my site without registering, is there any reason to allow registering at all? I turned off registering for now. Any downside to that?