It appears that a new probe is being used to gain credentials which will allow users to post comment spam to (possibly only WordPress?) blogs: I’ve had a spate, since last night, of comments which include random names and email addresses (all at yahoo.com) and the comment of “google https://google.com/ yahoo https://yahoo.com”. That’s it! Nothing else, just the two words and links.
I’ve come to the conclusion that these are probes which seem innocuous to the casual blog owner, and therefore are approved to be listed. Once the comment is listed, however, WordPress automatically allows future comments using the same name and email address details. This means that the rogue spammer would be able to spam your blog at will until you unapprove all his previous comments.
I am lucky in that I have an antispam system enabled on my blog, which caught all these spams as being from bots rather than real humans. This means that all the comments were flagged for moderation in addition to the requirement for at least one previous posting that has been approved.