There are two vanilla XSS on 'wp-register.php'. Only versions <=2.0.1
appear to be affected.
More info can be found on GNUCITIZEN's BlogSecurity:
http://blogsecurity.net/wordpress/2-vanilla-xss-on-wordpress-wp-registerphp/
Regards,
–
pagvac
gnucitizen.org, ikwt.com