The Feed Statistics plugin before 4.0 for WordPress has an Open Redirect via the feed-stats-url parameter.