--- wp-includes/pluggable.php.old	2010-06-06 16:44:48.000000000 +0200
+++ wp-includes/pluggable.php	2011-02-03 07:07:43.000000000 +0100
@@ -825,7 +825,7 @@
 	$adminurl = strtolower(admin_url());
 	$referer = strtolower(wp_get_referer());
 	$result = isset($_REQUEST[$query_arg]) ? wp_verify_nonce($_REQUEST[$query_arg], $action) : false;
-	if ( !$result && !(-1 == $action && strpos($referer, $adminurl) !== false) ) {
+	if ( !$result && !(-1 == $action && strpos($referer, $adminurl) === 0) ) {
 		wp_nonce_ays($action);
 		die();
 	}
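Review bot: The `-1 == $action` branch on the changed line still accepts a request that carries no valid nonce, purely because its Referer begins with the admin URL, so on that path the CSRF check is only as strong as a request header. Anchoring the match at offset 0 does stop an admin URL embedded later in the referer (for example in a query string) from passing. The prefix test is only tight if `admin_url()` always returns a value ending in `/`, which is not visible in this hunk; without it a sibling path that shares the prefix would also match. I would add a comment above the condition, e.g. `// Legacy fallback: with no $action the request is checked by Referer prefix only, not by nonce; callers should pass an explicit action.`, and longer term compare parsed scheme, host and path instead of raw strings. The enclosing function starts and ends outside this hunk.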
