Unbeknownst to most people who set up a WordPress powered website, they are also putting up a big banner saying, "I am ripe for hacking." While the situation is better than it was two years ago, WordPress is still a major target for hackers and some of the problems like lack of proper escaping (relatively simple to fix) seem to have been forgotten about.
Having being involved in the web design game, I have quite a few designs loitering on the hard drive. Recently I converted these into fluid-width and fluid-height CSS templates and later into WordPress themes, which are now available for free use under the GPL. All of the templates/themes come with a font-resizing bar, which will increase the size of the site for those who have poor peepers and for general gee-whiz purposes. The bar is similar to the one above, under the RSS button.
A while back someone contacted me about their WordPress blog borking out on some of their posts. After a bit of poking about it became apparent that this was because WordPress doesn't allow high Unicode characters in the URL. At first, I thought this would just be a change to a line in .htaccess, but there are a couple of other things that need to be changed too.