diff --git a/wp-includes/class-oembed.php b/wp-includes/class-oembed.php
index 3e19f3ba50..f605f786fb 100644
--- a/wp-includes/class-oembed.php
+++ b/wp-includes/class-oembed.php
@@ -221,6 +221,7 @@ class WP_oEmbed {
 	 * @return false|string False on failure, otherwise the oEmbed provider URL.
 	 */
 	public function get_provider( $url, $args = '' ) {
+		$args = wp_parse_args( $args );
 
 		$provider = false;
 
@@ -315,6 +316,8 @@ class WP_oEmbed {
 	 * @return false|string False on failure, otherwise the UNSANITIZED (and potentially unsafe) HTML that should be used to embed.
 	 */
 	public function get_html( $url, $args = '' ) {
+		$args = wp_parse_args( $args );
+
 		/**
 		 * Filters the oEmbed result before any HTTP requests are made.
 		 *
diff --git a/wp-includes/user.php b/wp-includes/user.php
index 69cc86c0d6..b2828d8446 100644
--- a/wp-includes/user.php
+++ b/wp-includes/user.php
@@ -27,6 +27,8 @@
  */
 function wp_signon( $credentials = array(), $secure_cookie = '' ) {
 	if ( empty($credentials) ) {
+		$credentials = array(); // Back-compat for plugins passing an empty string.
+
 		if ( ! empty($_POST['log']) )
 			$credentials['user_login'] = $_POST['log'];
 		if ( ! empty($_POST['pwd']) )
diff --git a/wp-login.php b/wp-login.php
index ed3878c293..b407ce4151 100644
--- a/wp-login.php
+++ b/wp-login.php
@@ -781,7 +781,7 @@ default:
 
 	$reauth = empty($_REQUEST['reauth']) ? false : true;
 
-	$user = wp_signon( '', $secure_cookie );
+	$user = wp_signon( array(), $secure_cookie );
 
 	if ( empty( $_COOKIE[ LOGGED_IN_COOKIE ] ) ) {
 		if ( headers_sent() ) {