I recently stepped upon some XSS issues in Serendipity.
If you're using the remoterss plugin, you should upgrade to 1.2.1 as soon as possible. This issue is named CVE-2007-6205.
Beside I'd like to note that I got fast replies to my reports and the s9y devs fixed them quite quickly. Thanks for that!
It will bug you and I don't see much I can change to that. That's a conceptual problem of freewvs.
freewvs always checks for any vulnerability, although in many cases it'll cry about vulnerabilities that don't really affect the installation. This is not only for plugins, but also for stuff like »only affects if register_globals is set", "only a risk in combination with outdated php version" or many other cases. Especially in this case, the only way to see if this plugin is used would be to look into the database - and that's most probably not a good idea.
Anyway, s9y update process is pretty straight and usually doesn't cause much pain.