diff --git a/wp-includes/class-oembed.php b/wp-includes/class-oembed.php
index e0a749d807..ce8d459898 100644
--- a/wp-includes/class-oembed.php
+++ b/wp-includes/class-oembed.php
@@ -197,6 +197,7 @@ class WP_oEmbed {
 	 * @return false|string False on failure, otherwise the oEmbed provider URL.
 	 */
 	public function get_provider( $url, $args = '' ) {
+		$args = wp_parse_args( $args );
 
 		$provider = false;
 
@@ -284,6 +285,8 @@ class WP_oEmbed {
 	 * @return false|string False on failure, otherwise the UNSANITIZED (and potentially unsafe) HTML that should be used to embed.
 	 */
 	public function get_html( $url, $args = '' ) {
+		$args = wp_parse_args( $args );
+
 		/**
 		 * Filters the oEmbed result before any HTTP requests are made.
 		 *
diff --git a/wp-includes/user.php b/wp-includes/user.php
index 45da472f12..0ef9fdfb47 100644
--- a/wp-includes/user.php
+++ b/wp-includes/user.php
@@ -27,6 +27,8 @@
  */
 function wp_signon( $credentials = array(), $secure_cookie = '' ) {
 	if ( empty($credentials) ) {
+		$credentials = array(); // Back-compat for plugins passing an empty string.
+
 		if ( ! empty($_POST['log']) )
 			$credentials['user_login'] = $_POST['log'];
 		if ( ! empty($_POST['pwd']) )
diff --git a/wp-login.php b/wp-login.php
index a9589f5685..f8c18bca9d 100644
--- a/wp-login.php
+++ b/wp-login.php
@@ -772,7 +772,7 @@ default:
 
 	$reauth = empty($_REQUEST['reauth']) ? false : true;
 
-	$user = wp_signon( '', $secure_cookie );
+	$user = wp_signon( array(), $secure_cookie );
 
 	if ( empty( $_COOKIE[ LOGGED_IN_COOKIE ] ) ) {
 		if ( headers_sent() ) {