Path disclosure:
/wp-admin/menu.php
/wp-admin/admin.php?page=
/wp-settings.php
/wp-admin/menu-header.php
/wp-content/plugins/akismet/akismet.php
any PHP script in /wp-content/themes/default/
XSS:
/wp-comments-post.php, in the 'comment' parameter
WordPress 2.1.3 and others :)