Automattic (who run wordpress.com) aren't responsible for the content others post on to their platform. From their Terms:
We have not reviewed, and cannot review, all of the content (such as, but not limited to, text, photo, video, audio, code, computer software, items for sale, or other materials) posted to our Services by users or anyone else (“Content”) and are not responsible for any use or effects of such Content. So, for example:
If you post Content, comment on a website, or otherwise make (or allow any third party to make) Content available on our Services, you are entirely responsible for the Content, and any harm resulting from, that Content or your conduct.
We are not a party to, and will have no responsibility or liability for, any communications, transactions, interactions, or disputes between you and the provider of any Content.
The school group is responsible for the content, and Automattic won't participate in, facilitate or arbitrate any [potential] dispute you have with the group.
The person who posted the content or their successor is entirely responsible for it and its removal. You do need to contact them and request its removal. That might be the group or its representative, or the school itself. If you have your own access, since you were a member of the group who set it up, then go ahead and remove it.
As for law, GDPR in the EU (including the UK at the moment) protects citizens of EU countries and binds companies with an operating presence in the EU. That doesn't appear to apply to Automattic. I'm unaware of any domestic US law which would apply [but that doesn't mean there isn't any].