diff --git wp-admin/comment.php wp-admin/comment.php
index de5483e..e88c310 100644
--- wp-admin/comment.php
+++ wp-admin/comment.php
@@ -191,7 +191,7 @@ if ( $comment->comment_approved != '0' ) { // if not unapproved
 </tr>
 </table>
 
-<?php wp_nonce_field( $nonce_action ); ?>
+<?php wp_nonce_field( array( 'action' => $nonce_action ) ); ?>
 <input type='hidden' name='action' value='<?php echo esc_attr($formaction); ?>' />
 <input type='hidden' name='c' value='<?php echo esc_attr($comment->comment_ID); ?>' />
 <input type='hidden' name='noredir' value='1' />
diff --git wp-admin/custom-background.php wp-admin/custom-background.php
index a924eca..8d29874 100644
--- wp-admin/custom-background.php
+++ wp-admin/custom-background.php
@@ -223,7 +223,8 @@ if ( get_background_image() ) {
 <th scope="row"><?php _e('Remove Image'); ?></th>
 <td>
 <form method="post" action="">
-<?php wp_nonce_field('custom-background-remove', '_wpnonce-custom-background-remove'); ?>
+<?php wp_nonce_field( array( 'action' => 'custom-background-remove',
+							 'name' => '_wpnonce-custom-background-remove' ) ); ?>
 <?php submit_button( __( 'Remove Background Image' ), 'button', 'remove-background', false ); ?><br/>
 <?php _e('This will remove the background image. You will not be able to restore any customizations.') ?>
 </form>
@@ -237,7 +238,8 @@ if ( get_background_image() ) {
 <th scope="row"><?php _e('Restore Original Image'); ?></th>
 <td>
 <form method="post" action="">
-<?php wp_nonce_field('custom-background-reset', '_wpnonce-custom-background-reset'); ?>
+<?php wp_nonce_field( array( 'action' => 'custom-background-reset',
+							 'name' => '_wpnonce-custom-background-reset' ) ); ?>
 <?php submit_button( __( 'Restore Original Image' ), 'button', 'reset-background', false ); ?><br/>
 <?php _e('This will restore the original background image. You will not be able to restore any customizations.') ?>
 </form>
@@ -252,7 +254,8 @@ if ( get_background_image() ) {
 		<label for="upload"><?php _e( 'Choose an image from your computer:' ); ?></label><br />
 		<input type="file" id="upload" name="import" />
 		<input type="hidden" name="action" value="save" />
-		<?php wp_nonce_field( 'custom-background-upload', '_wpnonce-custom-background-upload' ); ?>
+		<?php wp_nonce_field( array( 'action' => 'custom-background-upload',
+									 'name' => '_wpnonce-custom-background-upload' ) ); ?>
 		<?php submit_button( __( 'Upload' ), 'button', 'submit', false ); ?>
 	</p>
 	<p>
@@ -328,7 +331,7 @@ if ( current_theme_supports( 'custom-background', 'default-color' ) )
 </tbody>
 </table>
 
-<?php wp_nonce_field('custom-background'); ?>
+<?php wp_nonce_field( array( 'action' => 'custom-background' ) ); ?>
 <?php submit_button( null, 'primary', 'save-background-options' ); ?>
 </form>
 
diff --git wp-admin/custom-header.php wp-admin/custom-header.php
index 1228843..f5e6618 100644
--- wp-admin/custom-header.php
+++ wp-admin/custom-header.php
@@ -517,7 +517,8 @@ class Custom_Image_Header {
 		<label for="upload"><?php _e( 'Choose an image from your computer:' ); ?></label><br />
 		<input type="file" id="upload" name="import" />
 		<input type="hidden" name="action" value="save" />
-		<?php wp_nonce_field( 'custom-header-upload', '_wpnonce-custom-header-upload' ); ?>
+		<?php wp_nonce_field( array( 'action' => 'custom-header-upload',
+									 'name' => '_wpnonce-custom-header-upload' ) ); ?>
 		<?php submit_button( __( 'Upload' ), 'button', 'submit', false ); ?>
 	</p>
 	<?php
@@ -632,7 +633,8 @@ if ( current_theme_supports( 'custom-header', 'default-text-color' ) ) {
 
 do_action( 'custom_header_options' );
 
-wp_nonce_field( 'custom-header-options', '_wpnonce-custom-header-options' ); ?>
+wp_nonce_field( array( 'action' => 'custom-header-options',
+					   'name' => '_wpnonce-custom-header-options' ) ); ?>
 
 <?php submit_button( null, 'primary', 'save-header-options' ); ?>
 </form>
@@ -726,7 +728,7 @@ wp_nonce_field( 'custom-header-options', '_wpnonce-custom-header-options' ); ?>
 	<?php if ( empty( $_POST ) && isset( $_GET['file'] ) ) { ?>
 	<input type="hidden" name="create-new-attachment" value="true" />
 	<?php } ?>
-	<?php wp_nonce_field( 'custom-header-crop-image' ) ?>
+	<?php wp_nonce_field( array( 'action' => 'custom-header-crop-image' ) ); ?>
 
 	<p class="submit">
 	<?php submit_button( __( 'Crop and Publish' ), 'primary', 'submit', false ); ?>
diff --git wp-admin/edit-form-advanced.php wp-admin/edit-form-advanced.php
index 3e485f2..3e1d40d 100644
--- wp-admin/edit-form-advanced.php
+++ wp-admin/edit-form-advanced.php
@@ -317,7 +317,7 @@ if ( isset( $post_new_file ) && current_user_can( $post_type_object->cap->create
 </div>
 
 <form name="post" action="post.php" method="post" id="post"<?php do_action('post_edit_form_tag'); ?>>
-<?php wp_nonce_field($nonce_action); ?>
+<?php wp_nonce_field( array( 'action' => $nonce_action ) ); ?>
 <input type="hidden" id="user-id" name="user_ID" value="<?php echo (int) $user_ID ?>" />
 <input type="hidden" id="hiddenaction" name="action" value="<?php echo esc_attr( $form_action ) ?>" />
 <input type="hidden" id="originalaction" name="originalaction" value="<?php echo esc_attr( $form_action ) ?>" />
@@ -334,9 +334,17 @@ if ( 'draft' != get_post_status( $post ) )
 
 echo $form_extra;
 
-wp_nonce_field( 'autosave', 'autosavenonce', false );
-wp_nonce_field( 'meta-box-order', 'meta-box-order-nonce', false );
-wp_nonce_field( 'closedpostboxes', 'closedpostboxesnonce', false );
+wp_nonce_field( array( 'action'   => 'autosave',
+					   'name'     => 'autosavenonce',
+					   'id'       => 'autosavenonce',
+					   'referrer' => false ) );
+wp_nonce_field( array( 'action'   => 'meta-box-order',
+					   'name'     => 'meta-box-order-nonce',
+					   'referrer' => false ) );
+wp_nonce_field( array( 'action'   => 'closedpostboxes',
+					   'name'     => 'closedpostboxesnonce',
+					   'id'       => 'closedpostboxesnonce',
+					   'referrer' => false ) );
 ?>
 
 <div id="poststuff">
@@ -370,7 +378,10 @@ if ( $post_type_object->public && ! ( 'pending' == get_post_status( $post ) && !
 ?>
 </div>
 <?php
-wp_nonce_field( 'samplepermalink', 'samplepermalinknonce', false );
+wp_nonce_field( array( 'action'   => 'samplepermalink',
+					   'name'     => 'samplepermalinknonce',
+					   'id'       => 'samplepermalinknonce',
+					   'referrer' => false ) );
 ?>
 </div><!-- /titlediv -->
 <?php
diff --git wp-admin/edit-form-comment.php wp-admin/edit-form-comment.php
index d9a0523..17f9642 100644
--- wp-admin/edit-form-comment.php
+++ wp-admin/edit-form-comment.php
@@ -11,7 +11,7 @@ if ( !defined('ABSPATH') )
 	die('-1');
 ?>
 <form name="post" action="comment.php" method="post" id="post">
-<?php wp_nonce_field('update-comment_' . $comment->comment_ID) ?>
+<?php wp_nonce_field( array( 'action' => 'update-comment_' . $comment->comment_ID, 'id' => '_wpnonce' ) ); ?>
 <div class="wrap">
 <?php screen_icon(); ?>
 <h2><?php _e('Edit Comment'); ?></h2>
@@ -65,7 +65,11 @@ if ( !defined('ABSPATH') )
 <?php
 	$quicktags_settings = array( 'buttons' => 'strong,em,link,block,del,ins,img,ul,ol,li,code,close' );
 	wp_editor( $comment->comment_content, 'content', array( 'media_buttons' => false, 'tinymce' => false, 'quicktags' => $quicktags_settings ) );
-	wp_nonce_field( 'closedpostboxes', 'closedpostboxesnonce', false ); ?>
+	wp_nonce_field( array( 'action'   => 'closedpostboxes',
+						   'name'     => 'closedpostboxesnonce',
+						   'id'       => 'closedpostboxesnonce',
+						   'referrer' => false ) );
+	?>
 </div>
 </div><!-- /post-body-content -->
 
diff --git wp-admin/edit-link-form.php wp-admin/edit-link-form.php
index 0aca6e7..fde1147 100644
--- wp-admin/edit-link-form.php
+++ wp-admin/edit-link-form.php
@@ -71,9 +71,14 @@ if ( !empty($form) )
 if ( !empty($link_added) )
 	echo $link_added;
 
-wp_nonce_field( $nonce_action );
-wp_nonce_field( 'closedpostboxes', 'closedpostboxesnonce', false );
-wp_nonce_field( 'meta-box-order', 'meta-box-order-nonce', false ); ?>
+wp_nonce_field( array( 'action' => $nonce_action ) );
+wp_nonce_field( array( 'action'   => 'closedpostboxes',
+					   'name'     => 'closedpostboxesnonce',
+					   'id'       => 'closedpostboxesnonce',
+					   'referrer' => false ) );
+wp_nonce_field( array( 'action'   => 'meta-box-order',
+					   'name'     => 'meta-box-order-nonce',
+					   'referrer' => false ) ); ?>
 
 <div id="poststuff">
 
diff --git wp-admin/edit-tag-form.php wp-admin/edit-tag-form.php
index 034642a..d25c332 100644
--- wp-admin/edit-tag-form.php
+++ wp-admin/edit-tag-form.php
@@ -34,7 +34,7 @@ do_action($taxonomy . '_pre_edit_form', $tag, $taxonomy); ?>
 <input type="hidden" name="action" value="editedtag" />
 <input type="hidden" name="tag_ID" value="<?php echo esc_attr($tag->term_id) ?>" />
 <input type="hidden" name="taxonomy" value="<?php echo esc_attr($taxonomy) ?>" />
-<?php wp_original_referer_field(true, 'previous'); wp_nonce_field('update-tag_' . $tag_ID); ?>
+<?php wp_original_referer_field(true, 'previous'); wp_nonce_field( array( 'action' => 'update-tag_' . $tag_ID ) ); ?>
 	<table class="form-table">
 		<tr class="form-field form-required">
 			<th scope="row" valign="top"><label for="name"><?php _ex('Name', 'Taxonomy Name'); ?></label></th>
diff --git wp-admin/edit-tags.php wp-admin/edit-tags.php
index 8375202..8007aa8 100644
--- wp-admin/edit-tags.php
+++ wp-admin/edit-tags.php
@@ -354,7 +354,8 @@ if ( current_user_can($tax->cap->edit_terms) ) {
 <input type="hidden" name="screen" value="<?php echo esc_attr($current_screen->id); ?>" />
 <input type="hidden" name="taxonomy" value="<?php echo esc_attr($taxonomy); ?>" />
 <input type="hidden" name="post_type" value="<?php echo esc_attr($post_type); ?>" />
-<?php wp_nonce_field('add-tag', '_wpnonce_add-tag'); ?>
+<?php wp_nonce_field( array( 'action' => 'add-tag',
+							 'name'   => '_wpnonce_add-tag' ) ); ?>
 
 <div class="form-field form-required">
 	<label for="tag-name"><?php _ex('Name', 'Taxonomy Name'); ?></label>
diff --git wp-admin/includes/class-wp-comments-list-table.php wp-admin/includes/class-wp-comments-list-table.php
index e7ea212..4ca9ab7 100644
--- wp-admin/includes/class-wp-comments-list-table.php
+++ wp-admin/includes/class-wp-comments-list-table.php
@@ -231,7 +231,6 @@ class WP_Comments_List_Table extends WP_List_Table {
 		}
 
 		if ( ( 'spam' == $comment_status || 'trash' == $comment_status ) && current_user_can( 'moderate_comments' ) ) {
-			wp_nonce_field( 'bulk-destroy', '_destroy_nonce' );
 			$title = ( 'spam' == $comment_status ) ? esc_attr__( 'Empty Spam' ) : esc_attr__( 'Empty Trash' );
 			submit_button( $title, 'apply', 'delete_all', false );
 		}
@@ -273,7 +272,8 @@ class WP_Comments_List_Table extends WP_List_Table {
 	function display() {
 		extract( $this->_args );
 
-		wp_nonce_field( "fetch-list-" . get_class( $this ), '_ajax_fetch_list_nonce' );
+		wp_nonce_field( array( 'action' => 'fetch-list-' . get_class( $this ),
+							   'name' => '_ajax_fetch_list_nonce' ) );
 
 		$this->display_tablenav( 'top' );
 
@@ -543,7 +543,8 @@ class WP_Post_Comments_List_Table extends WP_Comments_List_Table {
 	function display( $output_empty = false ) {
 		extract( $this->_args );
 
-		wp_nonce_field( "fetch-list-" . get_class( $this ), '_ajax_fetch_list_nonce' );
+		wp_nonce_field( array( 'action' => 'fetch-list-' . get_class( $this ),
+							   'name' => '_ajax_fetch_list_nonce' ) );
 ?>
 <table class="<?php echo implode( ' ', $this->get_table_classes() ); ?>" cellspacing="0" style="display:none;">
 	<tbody id="the-comment-list"<?php if ( $singular ) echo " data-wp-lists='list:$singular'"; ?>>
diff --git wp-admin/includes/class-wp-list-table.php wp-admin/includes/class-wp-list-table.php
index 22c35f5..a969b9e 100644
--- wp-admin/includes/class-wp-list-table.php
+++ wp-admin/includes/class-wp-list-table.php
@@ -760,7 +760,7 @@ class WP_List_Table {
 	 */
 	function display_tablenav( $which ) {
 		if ( 'top' == $which )
-			wp_nonce_field( 'bulk-' . $this->_args['plural'] );
+			wp_nonce_field( array( 'action' => 'bulk-' . $this->_args['plural'] ) );
 ?>
 	<div class="tablenav <?php echo esc_attr( $which ); ?>">
 
diff --git wp-admin/includes/class-wp-posts-list-table.php wp-admin/includes/class-wp-posts-list-table.php
index d14535e..f247c27 100644
--- wp-admin/includes/class-wp-posts-list-table.php
+++ wp-admin/includes/class-wp-posts-list-table.php
@@ -1048,7 +1048,9 @@ class WP_Posts_List_Table extends WP_List_Table {
 		<p class="submit inline-edit-save">
 			<a accesskey="c" href="#inline-edit" class="button-secondary cancel alignleft"><?php _e( 'Cancel' ); ?></a>
 			<?php if ( ! $bulk ) {
-				wp_nonce_field( 'inlineeditnonce', '_inline_edit', false );
+				wp_nonce_field( array( 'action' => 'inlineeditnonce',
+									   'name' => '_inline_edit',
+									   'referrer' => false ) );
 				?>
 				<a accesskey="s" href="#inline-edit" class="button-primary save alignright"><?php _e( 'Update' ); ?></a>
 				<span class="spinner"></span>
diff --git wp-admin/includes/class-wp-terms-list-table.php wp-admin/includes/class-wp-terms-list-table.php
index eef7ccf..e84264e 100644
--- wp-admin/includes/class-wp-terms-list-table.php
+++ wp-admin/includes/class-wp-terms-list-table.php
@@ -365,7 +365,9 @@ class WP_Terms_List_Table extends WP_List_Table {
 			<a accesskey="s" href="#inline-edit" class="save button-primary alignright"><?php echo $tax->labels->update_item; ?></a>
 			<span class="spinner"></span>
 			<span class="error" style="display:none;"></span>
-			<?php wp_nonce_field( 'taxinlineeditnonce', '_inline_edit', false ); ?>
+			<?php wp_nonce_field( array( 'action' => 'taxinlineeditnonce',
+										 'name' => '_inline_edit',
+										 'referrer' => false ) ); ?>
 			<input type="hidden" name="taxonomy" value="<?php echo esc_attr( $this->screen->taxonomy ); ?>" />
 			<input type="hidden" name="post_type" value="<?php echo esc_attr( $this->screen->post_type ); ?>" />
 			<br class="clear" />
diff --git wp-admin/includes/class-wp-theme-install-list-table.php wp-admin/includes/class-wp-theme-install-list-table.php
index 8a46199..45fcaec 100644
--- wp-admin/includes/class-wp-theme-install-list-table.php
+++ wp-admin/includes/class-wp-theme-install-list-table.php
@@ -127,7 +127,8 @@ class WP_Theme_Install_List_Table extends WP_Themes_List_Table {
 	}
 
 	function display() {
-		wp_nonce_field( "fetch-list-" . get_class( $this ), '_ajax_fetch_list_nonce' );
+		wp_nonce_field( array( 'action' => 'fetch-list-' . get_class( $this ),
+							   'name' => '_ajax_fetch_list_nonce' ) );
 ?>
 		<div class="tablenav top themes">
 			<div class="alignleft actions">
diff --git wp-admin/includes/class-wp-themes-list-table.php wp-admin/includes/class-wp-themes-list-table.php
index 684bd8b..a7e1442 100644
--- wp-admin/includes/class-wp-themes-list-table.php
+++ wp-admin/includes/class-wp-themes-list-table.php
@@ -98,7 +98,8 @@ class WP_Themes_List_Table extends WP_List_Table {
 	}
 
 	function display() {
-		wp_nonce_field( "fetch-list-" . get_class( $this ), '_ajax_fetch_list_nonce' );
+		wp_nonce_field( array( 'action' => 'fetch-list-' . get_class( $this ),
+							   'name' => '_ajax_fetch_list_nonce' ) );
 ?>
 		<?php $this->tablenav( 'top' ); ?>
 
diff --git wp-admin/includes/dashboard.php wp-admin/includes/dashboard.php
index 657402f..0c9c661 100644
--- wp-admin/includes/dashboard.php
+++ wp-admin/includes/dashboard.php
@@ -183,7 +183,8 @@ function wp_add_dashboard_widget( $widget_id, $widget_name, $callback, $control_
 function _wp_dashboard_control_callback( $dashboard, $meta_box ) {
 	echo '<form action="" method="post" class="dashboard-widget-control-form">';
 	wp_dashboard_trigger_widget_control( $meta_box['id'] );
-	wp_nonce_field( 'edit-dashboard-widget_' . $meta_box['id'], 'dashboard-widget-nonce' );
+	wp_nonce_field( array( 'action' => 'edit-dashboard-widget_' . $meta_box['id'],
+						   'name' => 'dashboard-widget-nonce' ) );
 	echo '<input type="hidden" name="widget_id" value="' . esc_attr($meta_box['id']) . '" />';
 	submit_button( __('Submit') );
 	echo '</form>';
@@ -215,8 +216,13 @@ function wp_dashboard() {
 </div>
 
 <?php
-	wp_nonce_field( 'closedpostboxes', 'closedpostboxesnonce', false );
-	wp_nonce_field( 'meta-box-order', 'meta-box-order-nonce', false );
+	wp_nonce_field( array( 'action' => 'closedpostboxes',
+						   'name' => 'closedpostboxesnonce',
+						   'id' => 'closedpostboxesnonce',
+						   'referrer' => false ) );
+	wp_nonce_field( array( 'action'   => 'meta-box-order',
+						   'name'     => 'meta-box-order-nonce',
+						   'referrer' => false ) );
 
 }
 
@@ -557,7 +563,7 @@ function wp_dashboard_quick_press() {
 			<input type="hidden" name="action" id="quickpost-action" value="post-quickpress-save" />
 			<input type="hidden" name="post_ID" value="<?php echo $post_ID; ?>" />
 			<input type="hidden" name="post_type" value="post" />
-			<?php wp_nonce_field('add-post'); ?>
+			<?php wp_nonce_field( array( 'action' => 'add-post' ) ); ?>
 			<?php submit_button( __( 'Save Draft' ), 'button', 'save', false, array( 'id' => 'save-post' ) ); ?>
 			<input type="reset" value="<?php esc_attr_e( 'Reset' ); ?>" class="button" />
 			<br class="clear" />
diff --git wp-admin/includes/media.php wp-admin/includes/media.php
index 91937c5..f9cb433 100644
--- wp-admin/includes/media.php
+++ wp-admin/includes/media.php
@@ -1656,7 +1656,7 @@ function media_upload_type_form($type = 'file', $errors = null, $id = null) {
 <form enctype="multipart/form-data" method="post" action="<?php echo esc_url( $form_action_url ); ?>" class="<?php echo $form_class; ?>" id="<?php echo $type; ?>-form">
 <?php submit_button( '', 'hidden', 'save', false ); ?>
 <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
-<?php wp_nonce_field('media-form'); ?>
+<?php wp_nonce_field( array( 'action' => 'media-form' ) ); ?>
 
 <h3 class="media-title"><?php _e('Add media files from your computer'); ?></h3>
 
@@ -1720,7 +1720,7 @@ function media_upload_type_url_form($type = null, $errors = null, $id = null) {
 
 <form enctype="multipart/form-data" method="post" action="<?php echo esc_url( $form_action_url ); ?>" class="<?php echo $form_class; ?>" id="<?php echo $type; ?>-form">
 <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
-<?php wp_nonce_field('media-form'); ?>
+<?php wp_nonce_field( array( 'action' => 'media-form' ) ); ?>
 
 <h3 class="media-title"><?php _e('Insert media from another website'); ?></h3>
 
@@ -1870,7 +1870,7 @@ jQuery(function($){
 <a href="#" id="clear"><?php _ex('Clear', 'verb'); ?></a>
 </div>
 <form enctype="multipart/form-data" method="post" action="<?php echo esc_url( $form_action_url ); ?>" class="<?php echo $form_class; ?>" id="gallery-form">
-<?php wp_nonce_field('media-form'); ?>
+<?php wp_nonce_field( array( 'action' => 'media-form' ) ); ?>
 <?php //media_upload_form( $errors ); ?>
 <table class="widefat" cellspacing="0">
 <thead><tr>
@@ -2111,7 +2111,7 @@ foreach ($arc_result as $arc_row) {
 
 <form enctype="multipart/form-data" method="post" action="<?php echo esc_url( $form_action_url ); ?>" class="<?php echo $form_class; ?>" id="library-form">
 
-<?php wp_nonce_field('media-form'); ?>
+<?php wp_nonce_field( array( 'action' => 'media-form' ) ); ?>
 <?php //media_upload_form( $errors ); ?>
 
 <script type="text/javascript">
diff --git wp-admin/includes/meta-boxes.php wp-admin/includes/meta-boxes.php
index 8fc4214..e19ba70 100644
--- wp-admin/includes/meta-boxes.php
+++ wp-admin/includes/meta-boxes.php
@@ -421,7 +421,9 @@ function post_categories_meta_box( $post, $box ) {
 					</label>
 					<?php wp_dropdown_categories( array( 'taxonomy' => $taxonomy, 'hide_empty' => 0, 'name' => 'new'.$taxonomy.'_parent', 'orderby' => 'name', 'hierarchical' => 1, 'show_option_none' => '&mdash; ' . $tax->labels->parent_item . ' &mdash;' ) ); ?>
 					<input type="button" id="<?php echo $taxonomy; ?>-add-submit" data-wp-lists="add:<?php echo $taxonomy ?>checklist:<?php echo $taxonomy ?>-add" class="button category-add-submit" value="<?php echo esc_attr( $tax->labels->add_new_item ); ?>" />
-					<?php wp_nonce_field( 'add-'.$taxonomy, '_ajax_nonce-add-'.$taxonomy, false ); ?>
+					<?php wp_nonce_field( array( 'action' => 'add-'.$taxonomy,
+												 'name' => '_ajax_nonce-add-'.$taxonomy,
+												 'referrer' => false ) ); ?>
 					<span id="<?php echo $taxonomy; ?>-ajax-response"></span>
 				</p>
 			</div>
@@ -535,7 +537,9 @@ function post_comment_meta_box_thead($result) {
 function post_comment_meta_box( $post ) {
 	global $wpdb;
 
-	wp_nonce_field( 'get-comments', 'add_comment_nonce', false );
+	wp_nonce_field( array( 'action' => 'get-comments',
+						   'name' => 'add_comment_nonce',
+						   'referrer' => false ) );
 	?>
 	<p class="hide-if-no-js" id="add-new-comment"><a href="#commentstatusdiv" onclick="commentReply.addcomment(<?php echo $post->ID; ?>);return false;"><?php _e('Add comment'); ?></a></p>
 	<?php
@@ -753,7 +757,9 @@ function link_categories_meta_box($link) {
 			<label class="screen-reader-text" for="newcat"><?php _e( '+ Add New Category' ); ?></label>
 			<input type="text" name="newcat" id="newcat" class="form-required form-input-tip" value="<?php esc_attr_e( 'New category name' ); ?>" aria-required="true" />
 			<input type="button" id="link-category-add-submit" data-wp-lists="add:categorychecklist:link-category-add" class="button" value="<?php esc_attr_e( 'Add' ); ?>" />
-			<?php wp_nonce_field( 'add-link-category', '_ajax_nonce', false ); ?>
+			<?php wp_nonce_field( array( 'action' => 'add-link-category',
+										 'name' => '_ajax_nonce',
+										 'referrer' => false ) ); ?>
 			<span id="category-ajax-response"></span>
 		</p>
 	</div>
diff --git wp-admin/includes/plugin-install.php wp-admin/includes/plugin-install.php
index 0c2cd8b..a14d08a 100644
--- wp-admin/includes/plugin-install.php
+++ wp-admin/includes/plugin-install.php
@@ -145,7 +145,7 @@ function install_plugins_upload( $page = 1 ) {
 	<h4><?php _e('Install a plugin in .zip format'); ?></h4>
 	<p class="install-help"><?php _e('If you have a plugin in a .zip format, you may install it by uploading it here.'); ?></p>
 	<form method="post" enctype="multipart/form-data" class="wp-upload-form" action="<?php echo self_admin_url('update.php?action=upload-plugin'); ?>">
-		<?php wp_nonce_field( 'plugin-upload'); ?>
+		<?php wp_nonce_field( array( 'action' => 'plugin-upload' ) ); ?>
 		<label class="screen-reader-text" for="pluginzip"><?php _e('Plugin zip file'); ?></label>
 		<input type="file" id="pluginzip" name="pluginzip" />
 		<?php submit_button( __( 'Install Now' ), 'button', 'install-plugin-submit', false ); ?>
diff --git wp-admin/includes/plugin.php wp-admin/includes/plugin.php
index 1a9a7a6..b6c2feb 100644
--- wp-admin/includes/plugin.php
+++ wp-admin/includes/plugin.php
@@ -1759,5 +1759,5 @@ function remove_option_whitelist( $del_options, $options = '' ) {
 function settings_fields($option_group) {
 	echo "<input type='hidden' name='option_page' value='" . esc_attr($option_group) . "' />";
 	echo '<input type="hidden" name="action" value="update" />';
-	wp_nonce_field("$option_group-options");
+	wp_nonce_field( array( 'action' => "$option_group-options" ) );
 }
diff --git wp-admin/includes/screen.php wp-admin/includes/screen.php
index 2ab5161..85a5c3f 100644
--- wp-admin/includes/screen.php
+++ wp-admin/includes/screen.php
@@ -991,7 +991,9 @@ final class WP_Screen {
 		echo $this->_screen_settings;
 
 		?>
-		<div><?php wp_nonce_field( 'screen-options-nonce', 'screenoptionnonce', false ); ?></div>
+		<div><?php wp_nonce_field( array( 'action' => 'screen-options-nonce',
+										  'name' => 'screenoptionnonce',
+										  'referrer' => false ) ); ?></div>
 		</form>
 		</div>
 		<?php
diff --git wp-admin/includes/template.php wp-admin/includes/template.php
index 9b2128e..28d1920 100644
--- wp-admin/includes/template.php
+++ wp-admin/includes/template.php
@@ -370,9 +370,13 @@ function wp_comment_reply($position = '1', $checkbox = false, $mode = 'single',
 	<input type="hidden" name="checkbox" id="checkbox" value="<?php echo $checkbox ? 1 : 0; ?>" />
 	<input type="hidden" name="mode" id="mode" value="<?php echo esc_attr($mode); ?>" />
 	<?php
-		wp_nonce_field( 'replyto-comment', '_ajax_nonce-replyto-comment', false );
+		wp_nonce_field( array( 'action' => 'replyto-comment',
+							   'name' => '_ajax_nonce-replyto-comment',
+							   'referrer' => false ) );
 		if ( current_user_can( 'unfiltered_html' ) )
-			wp_nonce_field( 'unfiltered-html-comment', '_wp_unfiltered_html_comment', false );
+			wp_nonce_field( array( 'action' => 'unfiltered-html-comment',
+								   'name' => '_wp_unfiltered_html_comment',
+								   'referrer' => false ) );
 	?>
 <?php if ( $table_row ) : ?>
 </td></tr></tbody></table>
@@ -492,7 +496,9 @@ function _list_meta_row( $entry, &$count ) {
 	$r .= "\n\t\t";
 	$r .= get_submit_button( __( 'Update' ), 'updatemeta small', "meta-{$entry['meta_id']}-submit", false, array( 'data-wp-lists' => "add:the-list:meta-{$entry['meta_id']}::_ajax_nonce-add-meta=$update_nonce" ) );
 	$r .= "</div>";
-	$r .= wp_nonce_field( 'change-meta', '_ajax_nonce', false, false );
+	$r .= wp_nonce_field( array( 'action' => 'change-meta', // Where is this nonce field actually checked? Doesn't look like it's used anywhere.
+								 'name' => '_ajax_nonce', 'id' => '_ajax_nonce',
+								 'referrer' => false, 'echo' => false ) );
 	$r .= "</td>";
 
 	$r .= "\n\t\t<td><label class='screen-reader-text' for='meta[{$entry['meta_id']}][value]'>" . __( 'Value' ) . "</label><textarea name='meta[{$entry['meta_id']}][value]' id='meta[{$entry['meta_id']}][value]' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>\n\t</tr>";
@@ -556,7 +562,9 @@ function meta_form() {
 <div class="submit">
 <?php submit_button( __( 'Add Custom Field' ), 'secondary', 'addmeta', false, array( 'id' => 'newmeta-submit', 'data-wp-lists' => 'add:the-list:newmeta' ) ); ?>
 </div>
-<?php wp_nonce_field( 'add-meta', '_ajax_nonce-add-meta', false ); ?>
+<?php wp_nonce_field( array( 'action' => 'add-meta',
+							 'name' => '_ajax_nonce-add-meta',
+							 'referrer' => false ) ); ?>
 </td></tr>
 </tbody>
 </table>
@@ -1337,7 +1345,9 @@ function find_posts_div($found_action = '') {
 				<?php } ?>
 
 				<input type="hidden" name="affected" id="affected" value="" />
-				<?php wp_nonce_field( 'find-posts', '_ajax_nonce', false ); ?>
+				<?php wp_nonce_field( array( 'action' => 'find-posts',
+											 'name' => '_ajax_nonce',
+											 'referrer' => false ) ); ?>
 				<label class="screen-reader-text" for="find-posts-input"><?php _e( 'Search' ); ?></label>
 				<input type="text" id="find-posts-input" name="ps" value="" />
 				<span class="spinner"></span>
diff --git wp-admin/includes/theme-install.php wp-admin/includes/theme-install.php
index 63be1d7..3f8925f 100644
--- wp-admin/includes/theme-install.php
+++ wp-admin/includes/theme-install.php
@@ -139,7 +139,7 @@ function install_themes_upload($page = 1) {
 <h4><?php _e('Install a theme in .zip format'); ?></h4>
 <p class="install-help"><?php _e('If you have a theme in a .zip format, you may install it by uploading it here.'); ?></p>
 <form method="post" enctype="multipart/form-data" class="wp-upload-form" action="<?php echo self_admin_url('update.php?action=upload-theme'); ?>">
-	<?php wp_nonce_field( 'theme-upload'); ?>
+	<?php wp_nonce_field( array( 'action' => 'theme-upload' ) ); ?>
 	<input type="file" name="themezip" />
 	<?php submit_button( __( 'Install Now' ), 'button', 'install-theme-submit', false ); ?>
 </form>
diff --git wp-admin/index.php wp-admin/index.php
index b476267..3a4e6b0 100644
--- wp-admin/index.php
+++ wp-admin/index.php
@@ -118,7 +118,9 @@ $today = current_time('mysql', 1);
 		$classes .= ' hidden'; ?>
 
  	<div id="welcome-panel" class="<?php echo esc_attr( $classes ); ?>">
- 		<?php wp_nonce_field( 'welcome-panel-nonce', 'welcomepanelnonce', false ); ?>
+ 		<?php wp_nonce_field( array( 'action'   => 'welcome-panel-nonce',
+									 'name'     => 'welcomepanelnonce',
+									 'referrer' => false ) ); ?>
 		<a class="welcome-panel-close" href="<?php echo esc_url( admin_url( '?welcome=0' ) ); ?>"><?php _e( 'Dismiss' ); ?></a>
 		<?php do_action( 'welcome_panel' ); ?>
 	</div>
diff --git wp-admin/js/common.js wp-admin/js/common.js
index cd9ede7..c5cc066 100644
--- wp-admin/js/common.js
+++ wp-admin/js/common.js
@@ -30,7 +30,7 @@ columns = {
 		$.post(ajaxurl, {
 			action: 'hidden-columns',
 			hidden: hidden,
-			screenoptionnonce: $('#screenoptionnonce').val(),
+			screenoptionnonce: $('input[name="screenoptionnonce"]').val(),
 			page: pagenow
 		});
 	},
diff --git wp-admin/js/dashboard.js wp-admin/js/dashboard.js
index 50a17f8..d47c956 100644
--- wp-admin/js/dashboard.js
+++ wp-admin/js/dashboard.js
@@ -8,7 +8,7 @@ jQuery(document).ready( function($) {
 			$.post( ajaxurl, {
 				action: 'update-welcome-panel',
 				visible: visible,
-				welcomepanelnonce: $('#welcomepanelnonce').val()
+				welcomepanelnonce: $('input[name="welcomepanelnonce"]').val()
 			});
 		};
 
diff --git wp-admin/js/edit-comments.js wp-admin/js/edit-comments.js
index 038a1e5..531b1e8 100644
--- wp-admin/js/edit-comments.js
+++ wp-admin/js/edit-comments.js
@@ -263,7 +263,7 @@ setCommentsList = function() {
 		args = $.extend(args, {
 			'action': 'fetch-list',
 			'list_args': list_args,
-			'_ajax_fetch_list_nonce': $('#_ajax_fetch_list_nonce').val()
+			'_ajax_fetch_list_nonce': $('input[name="_ajax_fetch_list_nonce"]').val()
 		});
 
 		$.ajax({
diff --git wp-admin/js/media.js wp-admin/js/media.js
index b4ed0fb..a3aabce 100644
--- wp-admin/js/media.js
+++ wp-admin/js/media.js
@@ -48,7 +48,7 @@ var findPosts;
 			var post = {
 					ps: $('#find-posts-input').val(),
 					action: 'find_posts',
-					_ajax_nonce: $('#_ajax_nonce').val()
+					_ajax_nonce: $('input[name="_ajax_nonce"]').val()
 				},
 				spinner = $( '.find-box-search .spinner' );
 
diff --git wp-admin/js/nav-menu.js wp-admin/js/nav-menu.js
index ee829da..21bbd1e 100644
--- wp-admin/js/nav-menu.js
+++ wp-admin/js/nav-menu.js
@@ -808,7 +808,7 @@ var wpNavMenu;
 		attachThemeLocationsListeners : function() {
 			var loc = $('#nav-menu-theme-locations'), params = {};
 			params['action'] = 'menu-locations-save';
-			params['menu-settings-column-nonce'] = $('#menu-settings-column-nonce').val();
+			params['menu-settings-column-nonce'] = $('input[name="menu-settings-column-nonce"]').val();
 			loc.find('input[type="submit"]').click(function() {
 				loc.find('select').each(function() {
 					params[this.name] = $(this).val();
@@ -852,7 +852,7 @@ var wpNavMenu;
 				'action': 'menu-quick-search',
 				'response-format': 'markup',
 				'menu': $('#menu').val(),
-				'menu-settings-column-nonce': $('#menu-settings-column-nonce').val(),
+				'menu-settings-column-nonce': $('input[name="menu-settings-column-nonce"]').val(),
 				'q': q,
 				'type': input.attr('name')
 			};
@@ -899,7 +899,7 @@ var wpNavMenu;
 
 		addItemToMenu : function(menuItem, processMethod, callback) {
 			var menu = $('#menu').val(),
-				nonce = $('#menu-settings-column-nonce').val();
+				nonce = $('input[name="menu-settings-column-nonce"]').val();
 
 			processMethod = processMethod || function(){};
 			callback = callback || function(){};
diff --git wp-admin/js/post.js wp-admin/js/post.js
index dd3a427..082080c 100644
--- wp-admin/js/post.js
+++ wp-admin/js/post.js
@@ -190,7 +190,7 @@ commentsBox = {
 		data = {
 			'action' : 'get-comments',
 			'mode' : 'single',
-			'_ajax_nonce' : $('#add_comment_nonce').val(),
+			'_ajax_nonce' : $('input[name="add_comment_nonce"]').val(),
 			'p' : $('#post_ID').val(),
 			'start' : st,
 			'number' : num
diff --git wp-admin/js/postbox.js wp-admin/js/postbox.js
index 838db5d..e4a9f37 100644
--- wp-admin/js/postbox.js
+++ wp-admin/js/postbox.js
@@ -121,7 +121,7 @@ var postboxes;
 
 			postVars = {
 				action: 'meta-box-order',
-				_ajax_nonce: $('#meta-box-order-nonce').val(),
+				_ajax_nonce: $('input[name="meta-box-order-nonce"]').val(),
 				page_columns: page_columns,
 				page: page
 			}
diff --git wp-admin/js/theme.js wp-admin/js/theme.js
index 079c73b..71bdb6d 100644
--- wp-admin/js/theme.js
+++ wp-admin/js/theme.js
@@ -123,7 +123,7 @@ jQuery( document ).ready( function($) {
  * @uses ajaxurl
  * @uses list_args
  * @uses theme_list_args
- * @uses $('#_ajax_fetch_list_nonce').val()
+ * @uses $('input[name="_ajax_fetch_list_nonce"]').val()"
 * */
 var ThemeScroller;
 (function($){
@@ -151,7 +151,7 @@ var ThemeScroller;
 			}
 
 			// Handle inputs
-			this.nonce = $('#_ajax_fetch_list_nonce').val();
+			this.nonce = $('input[name="_ajax_fetch_list_nonce"]').val();
 			this.nextPage = ( theme_list_args.paged + 1 );
 
 			// Cache jQuery selectors
diff --git wp-admin/js/widgets.js wp-admin/js/widgets.js
index 87be4dd..7b03f0e 100644
--- wp-admin/js/widgets.js
+++ wp-admin/js/widgets.js
@@ -180,7 +180,7 @@ wpWidgets = {
 
 		var a = {
 			action: 'widgets-order',
-			savewidgets: $('#_wpnonce_widgets').val(),
+			savewidgets: $('input[name="_wpnonce_widgets"]').val(),
 			sidebars: []
 		};
 
@@ -203,7 +203,7 @@ wpWidgets = {
 
 		a = {
 			action: 'save-widget',
-			savewidgets: $('#_wpnonce_widgets').val(),
+			savewidgets: $('input[name="_wpnonce_widgets"]').val(),
 			sidebar: sb
 		};
 
diff --git wp-admin/media-new.php wp-admin/media-new.php
index e428811..0c126b0 100644
--- wp-admin/media-new.php
+++ wp-admin/media-new.php
@@ -76,7 +76,7 @@ if ( get_user_setting('uploader') || isset( $_GET['browser-uploader'] ) )
 	var post_id = <?php echo $post_id; ?>, shortform = 3;
 	</script>
 	<input type="hidden" name="post_id" id="post_id" value="<?php echo $post_id; ?>" />
-	<?php wp_nonce_field('media-form'); ?>
+	<?php wp_nonce_field( array( 'action' => 'media-form' ) ); ?>
 	<div id="media-items" class="hide-if-no-js"></div>
 	</form>
 </div>
diff --git wp-admin/media.php wp-admin/media.php
index 15d4323..df46a56 100644
--- wp-admin/media.php
+++ wp-admin/media.php
@@ -128,7 +128,7 @@ if ( current_user_can( 'upload_files' ) ) { ?>
 <input type="hidden" name="attachment_id" id="attachment_id" value="<?php echo esc_attr($att_id); ?>" />
 <input type="hidden" name="action" value="editattachment" />
 <?php wp_original_referer_field(true, 'previous'); ?>
-<?php wp_nonce_field('media-form'); ?>
+<?php wp_nonce_field( array( 'action' => 'media-form' ) ); ?>
 
 </form>
 
diff --git wp-admin/ms-delete-site.php wp-admin/ms-delete-site.php
index 7d772c2..823d5d4 100644
--- wp-admin/ms-delete-site.php
+++ wp-admin/ms-delete-site.php
@@ -72,7 +72,7 @@ Webmaster
 	<p><?php _e( 'Remember, once deleted your site cannot be restored.' ) ?></p>
 
 	<form method="post" name="deletedirect">
-		<?php wp_nonce_field( 'delete-blog' ) ?>
+		<?php wp_nonce_field( array( 'action' => 'delete-blog' ) ); ?>
 		<input type="hidden" name="action" value="deleteblog" />
 		<p><input id="confirmdelete" type="checkbox" name="confirmdelete" value="1" /> <label for="confirmdelete"><strong><?php printf( __( "I'm sure I want to permanently disable my site, and I am aware I can never get it back or use %s again." ), is_subdomain_install() ? $blog->domain : $blog->domain . $blog->path ); ?></strong></label></p>
 		<?php submit_button( __( 'Delete My Site Permanently' ) ); ?>
diff --git wp-admin/my-sites.php wp-admin/my-sites.php
index 2ef4ca7..6738c00 100644
--- wp-admin/my-sites.php
+++ wp-admin/my-sites.php
@@ -111,7 +111,7 @@ else :
 	}?>
 	</table>
 	<input type="hidden" name="action" value="updateblogsettings" />
-	<?php wp_nonce_field( 'update-my-sites' ); ?>
+	<?php wp_nonce_field( array( 'action' => 'update-my-sites' ) ); ?>
 	<?php submit_button(); ?>
 	</form>
 <?php endif; ?>
diff --git wp-admin/nav-menus.php wp-admin/nav-menus.php
index 8e00908..0e191b0 100644
--- wp-admin/nav-menus.php
+++ wp-admin/nav-menus.php
@@ -655,7 +655,8 @@ require_once( './admin-header.php' );
 		<form id="nav-menu-meta" action="" class="nav-menu-meta" method="post" enctype="multipart/form-data">
 			<input type="hidden" name="menu" id="nav-menu-meta-object-id" value="<?php echo esc_attr( $nav_menu_selected_id ); ?>" />
 			<input type="hidden" name="action" value="add-menu-item" />
-			<?php wp_nonce_field( 'add-menu_item', 'menu-settings-column-nonce' ); ?>
+			<?php wp_nonce_field( array( 'action' => 'add-menu_item',
+										 'name' => 'menu-settings-column-nonce' ) ); ?>
 			<?php do_accordion_sections( 'nav-menus', 'side', null ); ?>
 		</form>
 
@@ -665,9 +666,15 @@ require_once( './admin-header.php' );
 			<form id="update-nav-menu" action="" method="post" enctype="multipart/form-data">
 				<div class="menu-edit <?php if ( $add_new_screen ) echo 'blank-slate'; ?>">
 					<?php
-					wp_nonce_field( 'closedpostboxes', 'closedpostboxesnonce', false );
-					wp_nonce_field( 'meta-box-order', 'meta-box-order-nonce', false );
-					wp_nonce_field( 'update-nav_menu', 'update-nav-menu-nonce' );
+					wp_nonce_field( array( 'action' => 'closedpostboxes',
+										   'name' => 'closedpostboxesnonce',
+										   'id' => 'closedpostboxesnonce',
+										   'referrer' => false ) );
+					wp_nonce_field( array( 'action'   => 'meta-box-order',
+										   'name'     => 'meta-box-order-nonce',
+										   'referrer' => false ) );
+					wp_nonce_field( array( 'action' => 'update-nav_menu',
+										   'name' => 'update-nav-menu-nonce' ) );
 
 					if ( $one_theme_location_no_menus ) { ?>
 						<input type="hidden" name="zero-menu-state" value="true" />
diff --git wp-admin/network.php wp-admin/network.php
index 34ab517..045ab01 100644
--- wp-admin/network.php
+++ wp-admin/network.php
@@ -172,7 +172,7 @@ function network_step1( $errors = false ) {
 
 	echo '<form method="post" action="">';
 
-	wp_nonce_field( 'install-network-1' );
+	wp_nonce_field( array( 'action' => 'install-network-1' ) );
 
 	$error_codes = array();
 	if ( is_wp_error( $errors ) ) {
diff --git wp-admin/network/settings.php wp-admin/network/settings.php
index e745694..8f36434 100644
--- wp-admin/network/settings.php
+++ wp-admin/network/settings.php
@@ -83,7 +83,7 @@ if ( isset( $_GET['updated'] ) ) {
 	<?php screen_icon('options-general'); ?>
 	<h2><?php echo esc_html( $title ); ?></h2>
 	<form method="post" action="settings.php">
-		<?php wp_nonce_field( 'siteoptions' ); ?>
+		<?php wp_nonce_field( array( 'action' => 'siteoptions' ) ); ?>
 		<h3><?php _e( 'Operational Settings' ); ?></h3>
 		<table class="form-table">
 			<tr valign="top">
diff --git wp-admin/network/site-info.php wp-admin/network/site-info.php
index 7dd6aeb..4008ad3 100644
--- wp-admin/network/site-info.php
+++ wp-admin/network/site-info.php
@@ -118,7 +118,7 @@ if ( ! empty( $messages ) ) {
 		echo '<div id="message" class="updated"><p>' . $msg . '</p></div>';
 } ?>
 <form method="post" action="site-info.php?action=update-site">
-	<?php wp_nonce_field( 'edit-site' ); ?>
+	<?php wp_nonce_field( array( 'action' => 'edit-site' ) ); ?>
 	<input type="hidden" name="id" value="<?php echo esc_attr( $id ) ?>" />
 	<table class="form-table">
 		<tr class="form-field form-required">
diff --git wp-admin/network/site-new.php wp-admin/network/site-new.php
index 9fc5eef..cff37a4 100644
--- wp-admin/network/site-new.php
+++ wp-admin/network/site-new.php
@@ -120,7 +120,8 @@ if ( ! empty( $messages ) ) {
 		echo '<div id="message" class="updated"><p>' . $msg . '</p></div>';
 } ?>
 <form method="post" action="<?php echo network_admin_url('site-new.php?action=add-site'); ?>">
-<?php wp_nonce_field( 'add-blog', '_wpnonce_add-blog' ) ?>
+<?php wp_nonce_field( array( 'action' => 'add-blog',
+							 'name'   => '_wpnonce_add-blog' ) ); ?>
 	<table class="form-table">
 		<tr class="form-field form-required">
 			<th scope="row"><?php _e( 'Site Address' ) ?></th>
diff --git wp-admin/network/site-settings.php wp-admin/network/site-settings.php
index c3aec75..64fcf77 100644
--- wp-admin/network/site-settings.php
+++ wp-admin/network/site-settings.php
@@ -104,7 +104,7 @@ if ( ! empty( $messages ) ) {
 		echo '<div id="message" class="updated"><p>' . $msg . '</p></div>';
 } ?>
 <form method="post" action="site-settings.php?action=update-site">
-	<?php wp_nonce_field( 'edit-site' ); ?>
+	<?php wp_nonce_field( array( 'action' => 'edit-site' ) ); ?>
 	<input type="hidden" name="id" value="<?php echo esc_attr( $id ) ?>" />
 	<table class="form-table">
 		<?php
diff --git wp-admin/network/site-users.php wp-admin/network/site-users.php
index 0812b50..ebfc85d 100644
--- wp-admin/network/site-users.php
+++ wp-admin/network/site-users.php
@@ -267,7 +267,8 @@ endif; ?>
 			</select></td>
 		</tr>
 	</table>
-	<?php wp_nonce_field( 'add-user', '_wpnonce_add-user' ) ?>
+	<?php wp_nonce_field( array( 'action' => 'add-user',
+								 'name'   => '_wpnonce_add-user' ) ); ?>
 	<?php submit_button( __( 'Add User' ), 'primary', 'add-user', true, array( 'id' => 'submit-add-existing-user' ) ); ?>
 </form>
 <?php endif; ?>
@@ -301,7 +302,8 @@ endif; ?>
 			<td colspan="2"><?php _e( 'Username and password will be mailed to the above email address.' ) ?></td>
 		</tr>
 	</table>
-	<?php wp_nonce_field( 'add-user', '_wpnonce_add-new-user' ) ?>
+	<?php wp_nonce_field( array( 'action' => 'add-user',
+								 'name'   => '_wpnonce_add-new-user' ) ); ?>
 	<?php submit_button( __( 'Add New User' ), 'primary', 'add-user', true, array( 'id' => 'submit-add-user' ) ); ?>
 </form>
 <?php endif; ?>
diff --git wp-admin/network/sites.php wp-admin/network/sites.php
index 93341c3..0fd9532 100644
--- wp-admin/network/sites.php
+++ wp-admin/network/sites.php
@@ -78,7 +78,7 @@ if ( isset( $_GET['action'] ) ) {
 					<input type="hidden" name="action" value="<?php echo esc_attr( $_GET['action2'] ) ?>" />
 					<input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" />
 					<input type="hidden" name="_wp_http_referer" value="<?php echo esc_attr( wp_get_referer() ); ?>" />
-					<?php wp_nonce_field( $_GET['action2'], '_wpnonce', false ); ?>
+					<?php wp_nonce_field( array( 'action' => $_GET['action2'], 'referrer' => false ) ); ?>
 					<p><?php echo esc_html( wp_unslash( $_GET['msg'] ) ); ?></p>
 					<?php submit_button( __('Confirm'), 'button' ); ?>
 				</form>
diff --git wp-admin/network/themes.php wp-admin/network/themes.php
index 04840ee..e4a1a9b 100644
--- wp-admin/network/themes.php
+++ wp-admin/network/themes.php
@@ -154,7 +154,7 @@ if ( $action ) {
 						foreach ( (array) $themes as $theme )
 							echo '<input type="hidden" name="checked[]" value="' . esc_attr($theme) . '" />';
 					?>
-					<?php wp_nonce_field('bulk-themes') ?>
+					<?php wp_nonce_field( array( 'action' => 'bulk-themes' ) ); ?>
 					<?php submit_button( _n( 'Yes, Delete this theme', 'Yes, Delete these themes', $themes_to_delete ), 'button', 'submit', false ); ?>
 				</form>
 				<form method="post" action="<?php echo esc_url(wp_get_referer()); ?>" style="display:inline;">
diff --git wp-admin/network/user-new.php wp-admin/network/user-new.php
index 316fffe..45b5f12 100644
--- wp-admin/network/user-new.php
+++ wp-admin/network/user-new.php
@@ -99,7 +99,8 @@ if ( isset( $add_user_errors ) && is_wp_error( $add_user_errors ) ) { ?>
 			<td colspan="2"><?php _e( 'Username and password will be mailed to the above email address.' ) ?></td>
 		</tr>
 	</table>
-	<?php wp_nonce_field( 'add-user', '_wpnonce_add-user' ) ?>
+	<?php wp_nonce_field( array( 'action' => 'add-user',
+								 'name'   => '_wpnonce_add-user' ) ); ?>
 	<?php submit_button( __('Add User'), 'primary', 'add-user' ); ?>
 	</form>
 </div>
diff --git wp-admin/network/users.php wp-admin/network/users.php
index 1318355..fe5aaca 100644
--- wp-admin/network/users.php
+++ wp-admin/network/users.php
@@ -28,7 +28,7 @@ function confirm_delete_users( $users ) {
 	<form action="users.php?action=dodelete" method="post">
 	<input type="hidden" name="dodelete" />
 	<?php
-	wp_nonce_field( 'ms-users-delete' );
+	wp_nonce_field( array( 'action' => 'ms-users-delete' ) );
 	$site_admins = get_super_admins();
 	$admin_out = "<option value='$current_user->ID'>$current_user->user_login</option>";
 
diff --git wp-admin/options-permalink.php wp-admin/options-permalink.php
index d086fdc..5735276 100644
--- wp-admin/options-permalink.php
+++ wp-admin/options-permalink.php
@@ -170,7 +170,7 @@ if ( ! is_multisite() ) {
 <h2><?php echo esc_html( $title ); ?></h2>
 
 <form name="form" action="options-permalink.php" method="post">
-<?php wp_nonce_field('update-permalink') ?>
+<?php wp_nonce_field( array( 'action' => 'update-permalink' ) ); ?>
 
   <p><?php _e('By default WordPress uses web <abbr title="Universal Resource Locator">URL</abbr>s which have question marks and lots of numbers in them, however WordPress offers you the ability to create a custom URL structure for your permalinks and archives. This can improve the aesthetics, usability, and forward-compatibility of your links. A <a href="http://codex.wordpress.org/Using_Permalinks">number of tags are available</a>, and here are some examples to get you started.'); ?></p>
 
@@ -256,14 +256,14 @@ printf( __('If you like, you may enter custom structures for your category and t
 		if ( file_exists($home_path . 'web.config') ) : ?>
 <p><?php _e('If your <code>web.config</code> file were <a href="http://codex.wordpress.org/Changing_File_Permissions">writable</a>, we could do this automatically, but it isn&#8217;t so this is the url rewrite rule you should have in your <code>web.config</code> file. Click in the field and press <kbd>CTRL + a</kbd> to select all. Then insert this rule inside of the <code>/&lt;configuration&gt;/&lt;system.webServer&gt;/&lt;rewrite&gt;/&lt;rules&gt;</code> element in <code>web.config</code> file.') ?></p>
 <form action="options-permalink.php" method="post">
-<?php wp_nonce_field('update-permalink') ?>
+	<?php wp_nonce_field( array( 'action' => 'update-permalink' ) ); ?>
 	<p><textarea rows="9" class="large-text readonly" name="rules" id="rules" readonly="readonly"><?php echo esc_textarea( $wp_rewrite->iis7_url_rewrite_rules() ); ?></textarea></p>
 </form>
 <p><?php _e('If you temporarily make your <code>web.config</code> file writable for us to generate rewrite rules automatically, do not forget to revert the permissions after rule has been saved.') ?></p>
 		<?php else : ?>
 <p><?php _e('If the root directory of your site were <a href="http://codex.wordpress.org/Changing_File_Permissions">writable</a>, we could do this automatically, but it isn&#8217;t so this is the url rewrite rule you should have in your <code>web.config</code> file. Create a new file, called <code>web.config</code> in the root directory of your site. Click in the field and press <kbd>CTRL + a</kbd> to select all. Then insert this code into the <code>web.config</code> file.') ?></p>
 <form action="options-permalink.php" method="post">
-<?php wp_nonce_field('update-permalink') ?>
+	<?php wp_nonce_field( array( 'action' => 'update-permalink' ) ); ?>
 	<p><textarea rows="18" class="large-text readonly" name="rules" id="rules" readonly="readonly"><?php echo esc_textarea( $wp_rewrite->iis7_url_rewrite_rules(true) ); ?></textarea></p>
 </form>
 <p><?php _e('If you temporarily make your site&#8217;s root directory writable for us to generate the <code>web.config</code> file automatically, do not forget to revert the permissions after the file has been created.') ?></p>
@@ -273,7 +273,7 @@ printf( __('If you like, you may enter custom structures for your category and t
 	if ( $permalink_structure && ! $usingpi && ! $writable ) : ?>
 <p><?php _e('If your <code>.htaccess</code> file were <a href="http://codex.wordpress.org/Changing_File_Permissions">writable</a>, we could do this automatically, but it isn&#8217;t so these are the mod_rewrite rules you should have in your <code>.htaccess</code> file. Click in the field and press <kbd>CTRL + a</kbd> to select all.') ?></p>
 <form action="options-permalink.php" method="post">
-<?php wp_nonce_field('update-permalink') ?>
+	<?php wp_nonce_field( array( 'action' => 'update-permalink' ) ); ?>
 	<p><textarea rows="6" class="large-text readonly" name="rules" id="rules" readonly="readonly"><?php echo esc_textarea( $wp_rewrite->mod_rewrite_rules() ); ?></textarea></p>
 </form>
 	<?php endif; ?>
diff --git wp-admin/options.php wp-admin/options.php
index 80a0719..365de63 100644
--- wp-admin/options.php
+++ wp-admin/options.php
@@ -178,7 +178,7 @@ include('./admin-header.php'); ?>
 <?php screen_icon(); ?>
   <h2><?php esc_html_e('All Settings'); ?></h2>
   <form name="form" action="options.php" method="post" id="all-options">
-  <?php wp_nonce_field('options-options') ?>
+  <?php wp_nonce_field( array( 'action' => 'options-options' ) ); ?>
   <input type="hidden" name="action" value="update" />
   <input type='hidden' name='option_page' value='options' />
   <table class="form-table">
diff --git wp-admin/plugin-editor.php wp-admin/plugin-editor.php
index 2167c1a..dc962a9 100644
--- wp-admin/plugin-editor.php
+++ wp-admin/plugin-editor.php
@@ -223,7 +223,7 @@ foreach ( $plugin_files as $plugin_file ) :
 	</ul>
 </div>
 <form name="template" id="template" action="plugin-editor.php" method="post">
-	<?php wp_nonce_field('edit-plugin_' . $file) ?>
+	<?php wp_nonce_field( array( 'action' => 'edit-plugin_' . $file ) ); ?>
 		<div><textarea cols="70" rows="25" name="newcontent" id="newcontent" aria-describedby="newcontent-description"><?php echo $content; ?></textarea>
 		<input type="hidden" name="action" value="update" />
 		<input type="hidden" name="file" value="<?php echo esc_attr($file) ?>" />
diff --git wp-admin/plugins.php wp-admin/plugins.php
index c371b64..ad35832 100644
--- wp-admin/plugins.php
+++ wp-admin/plugins.php
@@ -294,7 +294,7 @@ if ( $action ) {
 						foreach ( (array) $plugins as $plugin )
 							echo '<input type="hidden" name="checked[]" value="' . esc_attr($plugin) . '" />';
 					?>
-					<?php wp_nonce_field('bulk-plugins') ?>
+					<?php wp_nonce_field( array( 'action' => 'bulk-plugins' ) ); ?>
 					<?php submit_button( $data_to_delete ? __( 'Yes, Delete these files and data' ) : __( 'Yes, Delete these files' ), 'button', 'submit', false ); ?>
 				</form>
 				<form method="post" action="<?php echo esc_url(wp_get_referer()); ?>" style="display:inline;">
diff --git wp-admin/press-this.php wp-admin/press-this.php
index b270115..8838e16 100644
--- wp-admin/press-this.php
+++ wp-admin/press-this.php
@@ -443,7 +443,7 @@ $admin_body_class .= ' locale-' . sanitize_html_class( strtolower( str_replace(
 <div id="poststuff" class="metabox-holder">
 	<div id="side-sortables" class="press-this-sidebar">
 		<div class="sleeve">
-			<?php wp_nonce_field('press-this') ?>
+			<?php wp_nonce_field( array( 'action' => 'press-this' ) ); ?>
 			<input type="hidden" name="post_type" id="post_type" value="text"/>
 			<input type="hidden" name="autosave" id="autosave" />
 			<input type="hidden" id="original_post_status" name="original_post_status" value="draft" />
@@ -528,7 +528,9 @@ $admin_body_class .= ' locale-' . sanitize_html_class( strtolower( str_replace(
 								</label>
 								<?php wp_dropdown_categories( array( 'taxonomy' => 'category', 'hide_empty' => 0, 'name' => 'newcategory_parent', 'orderby' => 'name', 'hierarchical' => 1, 'show_option_none' => '&mdash; ' . $tax->labels->parent_item . ' &mdash;' ) ); ?>
 								<input type="button" id="category-add-submit" data-wp-lists="add:categorychecklist:category-add" class="button category-add-submit" value="<?php echo esc_attr( $tax->labels->add_new_item ); ?>" />
-								<?php wp_nonce_field( 'add-category', '_ajax_nonce-add-category', false ); ?>
+								<?php wp_nonce_field( array( 'action' => 'add-category',
+															 'name' => '_ajax_nonce-add-category',
+															 'referrer' => false ) ); ?>
 								<span id="category-ajax-response"></span>
 							</p>
 						</div>
diff --git wp-admin/theme-editor.php wp-admin/theme-editor.php
index 8f95cab..a2497c9 100644
--- wp-admin/theme-editor.php
+++ wp-admin/theme-editor.php
@@ -198,7 +198,7 @@ if ( $allowed_files ) :
 	echo '<div class="error"><p>' . __('Oops, no such file exists! Double check the name and try again, merci.') . '</p></div>';
 else : ?>
 	<form name="template" id="template" action="theme-editor.php" method="post">
-	<?php wp_nonce_field( 'edit-theme_' . $file . $stylesheet ); ?>
+	<?php wp_nonce_field( array( 'action' => 'edit-theme_' . $file . $stylesheet ) ); ?>
 		<div><textarea cols="70" rows="30" name="newcontent" id="newcontent" aria-describedby="newcontent-description"><?php echo $content; ?></textarea>
 		<input type="hidden" name="action" value="update" />
 		<input type="hidden" name="file" value="<?php echo esc_attr( $relative_file ); ?>" />
diff --git wp-admin/update-core.php wp-admin/update-core.php
index c8f5877..38cbdb2 100644
--- wp-admin/update-core.php
+++ wp-admin/update-core.php
@@ -68,7 +68,7 @@ function list_core_update( $update ) {
 	echo $message;
 	echo '</p>';
 	echo '<form method="post" action="' . $form_action . '" name="upgrade" class="upgrade">';
-	wp_nonce_field('upgrade-core');
+	wp_nonce_field( array( 'action' => 'upgrade-core' ) );
 	echo '<p>';
 	echo '<input name="version" value="'. esc_attr($update->current) .'" type="hidden"/>';
 	echo '<input name="locale" value="'. esc_attr($update->locale) .'" type="hidden"/>';
@@ -189,7 +189,7 @@ function list_plugin_updates() {
 <h3><?php _e( 'Plugins' ); ?></h3>
 <p><?php _e( 'The following plugins have new versions available. Check the ones you want to update and then click &#8220;Update Plugins&#8221;.' ); ?></p>
 <form method="post" action="<?php echo esc_url( $form_action ); ?>" name="upgrade-plugins" class="upgrade">
-<?php wp_nonce_field('upgrade-core'); ?>
+<?php wp_nonce_field( array( 'action' => 'upgrade-core' ) ); ?>
 <p><input id="upgrade-plugins" class="button" type="submit" value="<?php esc_attr_e('Update Plugins'); ?>" name="upgrade" /></p>
 <table class="widefat" cellspacing="0" id="update-plugins-table">
 	<thead>
@@ -267,7 +267,7 @@ function list_theme_updates() {
 <p><?php _e( 'The following themes have new versions available. Check the ones you want to update and then click &#8220;Update Themes&#8221;.' ); ?></p>
 <p><?php printf( __('<strong>Please Note:</strong> Any customizations you have made to theme files will be lost. Please consider using <a href="%s">child themes</a> for modifications.'), _x('http://codex.wordpress.org/Child_Themes', 'Link used in suggestion to use child themes in GUU') ); ?></p>
 <form method="post" action="<?php echo esc_url( $form_action ); ?>" name="upgrade-themes" class="upgrade">
-<?php wp_nonce_field('upgrade-core'); ?>
+<?php wp_nonce_field( array( 'action' => 'upgrade-core' ) ); ?>
 <p><input id="upgrade-themes" class="button" type="submit" value="<?php esc_attr_e('Update Themes'); ?>" name="upgrade" /></p>
 <table class="widefat" cellspacing="0" id="update-themes-table">
 	<thead>
diff --git wp-admin/user-edit.php wp-admin/user-edit.php
index 13a2f63..6e24098 100644
--- wp-admin/user-edit.php
+++ wp-admin/user-edit.php
@@ -190,7 +190,7 @@ if ( ! IS_PROFILE_PAGE ) {
 </h2>
 
 <form id="your-profile" action="<?php echo esc_url( self_admin_url( IS_PROFILE_PAGE ? 'profile.php' : 'user-edit.php' ) ); ?>" method="post"<?php do_action('user_edit_form_tag'); ?>>
-<?php wp_nonce_field('update-user_' . $user_id) ?>
+<?php wp_nonce_field( array( 'action' => 'update-user_' . $user_id ) ); ?>
 <?php if ( $wp_http_referer ) : ?>
 	<input type="hidden" name="wp_http_referer" value="<?php echo esc_url($wp_http_referer); ?>" />
 <?php endif; ?>
diff --git wp-admin/user-new.php wp-admin/user-new.php
index 13a8e12..adf86d3 100644
--- wp-admin/user-new.php
+++ wp-admin/user-new.php
@@ -268,7 +268,8 @@ if ( is_multisite() ) {
 ?>
 <form action="" method="post" name="adduser" id="adduser" class="validate"<?php do_action('user_new_form_tag');?>>
 <input name="action" type="hidden" value="adduser" />
-<?php wp_nonce_field( 'add-user', '_wpnonce_add-user' ) ?>
+<?php wp_nonce_field( array( 'action' => 'add-user',
+							 'name'   => '_wpnonce_add-user' ) ); ?>
 
 <table class="form-table">
 	<tr class="form-field form-required">
@@ -301,7 +302,8 @@ if ( current_user_can( 'create_users') ) {
 <p><?php _e('Create a brand new user and add it to this site.'); ?></p>
 <form action="" method="post" name="createuser" id="createuser" class="validate"<?php do_action('user_new_form_tag');?>>
 <input name="action" type="hidden" value="createuser" />
-<?php wp_nonce_field( 'create-user', '_wpnonce_create-user' ) ?>
+<?php wp_nonce_field( array( 'action' => 'create-user',
+							 'name' => '_wpnonce_create-user' ) ); ?>
 <?php
 // Load up the passed data, else set to a default.
 foreach ( array( 'user_login' => 'login', 'first_name' => 'firstname', 'last_name' => 'lastname',
diff --git wp-admin/users.php wp-admin/users.php
index e807487..da0003e 100644
--- wp-admin/users.php
+++ wp-admin/users.php
@@ -214,7 +214,7 @@ case 'delete':
 	include ('admin-header.php');
 ?>
 <form action="" method="post" name="updateusers" id="updateusers">
-<?php wp_nonce_field('delete-users') ?>
+<?php wp_nonce_field( array( 'action' => 'delete-users' ) ); ?>
 <?php echo $referer; ?>
 
 <div class="wrap">
@@ -319,7 +319,7 @@ case 'remove':
 	include ('admin-header.php');
 ?>
 <form action="" method="post" name="updateusers" id="updateusers">
-<?php wp_nonce_field('remove-users') ?>
+<?php wp_nonce_field( array( 'action' => 'remove-users' ) ); ?>
 <?php echo $referer; ?>
 
 <div class="wrap">
diff --git wp-admin/widgets.php wp-admin/widgets.php
index 3e0b146..ecc1d37 100644
--- wp-admin/widgets.php
+++ wp-admin/widgets.php
@@ -281,7 +281,7 @@ if ( isset($_GET['editwidget']) && $_GET['editwidget'] ) {
 	<input type="hidden" name="widget-id" class="widget-id" value="<?php echo esc_attr($widget_id); ?>" />
 	<input type="hidden" name="id_base" class="id_base" value="<?php echo esc_attr($id_base); ?>" />
 	<input type="hidden" name="multi_number" class="multi_number" value="<?php echo esc_attr($multi_number); ?>" />
-<?php	wp_nonce_field("save-delete-widget-$widget_id"); ?>
+	<?php wp_nonce_field( array( 'action' => "save-delete-widget-$widget_id" ) ); ?>
 	<br class="clear" />
 	</div>
 	</form>
@@ -389,7 +389,9 @@ foreach ( $wp_registered_sidebars as $sidebar => $registered_sidebar ) {
 </div>
 </div>
 <form action="" method="post">
-<?php wp_nonce_field( 'save-sidebar-widgets', '_wpnonce_widgets', false ); ?>
+<?php wp_nonce_field( array( 'action' => 'save-sidebar-widgets',
+							 'name' => '_wpnonce_widgets',
+							 'referrer' => false ) ); ?>
 </form>
 <br class="clear" />
 </div>
diff --git wp-includes/class-wp-editor.php wp-includes/class-wp-editor.php
index 71236ba..f68c992 100644
--- wp-includes/class-wp-editor.php
+++ wp-includes/class-wp-editor.php
@@ -818,7 +818,10 @@ final class _WP_Editors {
 	?>
 	<div style="display:none;">
 	<form id="wp-link" tabindex="-1">
-	<?php wp_nonce_field( 'internal-linking', '_ajax_linking_nonce', false ); ?>
+	<?php wp_nonce_field( array( 'action' => 'internal-linking',
+								 'name' => '_ajax_linking_nonce',
+								 'id' => '_ajax_linking_nonce',
+								 'referrer' => false ) ); ?>
 	<div id="link-selector">
 		<div id="link-options">
 			<p class="howto"><?php _e( 'Enter the destination URL' ); ?></p>
diff --git wp-includes/comment-template.php wp-includes/comment-template.php
index 3d32132..362ce5e 100644
--- wp-includes/comment-template.php
+++ wp-includes/comment-template.php
@@ -814,7 +814,10 @@ function wp_comment_form_unfiltered_html_nonce() {
 	$post_id = $post ? $post->ID : 0;
 
 	if ( current_user_can( 'unfiltered_html' ) ) {
-		wp_nonce_field( 'unfiltered-html-comment_' . $post_id, '_wp_unfiltered_html_comment_disabled', false );
+		wp_nonce_field( array( 'action' => 'unfiltered-html-comment_' . $post_id,
+							   'name' => '_wp_unfiltered_html_comment_disabled',
+							   'id' => '_wp_unfiltered_html_comment_disabled',
+							   'referrer' => false ) );
 		echo "<script>(function(){if(window===window.parent){document.getElementById('_wp_unfiltered_html_comment_disabled').name='_wp_unfiltered_html_comment';}})();</script>\n";
 	}
 }
diff --git wp-includes/functions.php wp-includes/functions.php
index d31e58a..5012c33 100644
--- wp-includes/functions.php
+++ wp-includes/functions.php
@@ -1186,34 +1186,65 @@ function wp_nonce_url( $actionurl, $action = -1, $name = '_wpnonce' ) {
  * offer absolute protection, but should protect against most cases. It is very
  * important to use nonce field in forms.
  *
- * The $action and $name are optional, but if you want to have better security,
- * it is strongly suggested to set those two parameters. It is easier to just
+ * The following optional settings can be used with this method:
+ *
+ * action - A unique name included in the nonce hash (for better security).
+ * name - The input field name, defaults to "_wpnonce".
+ * id - Used as the input element id if desired.
+ * referrer - Referrer field is used for validation, defaults to true.
+ * echo - Output is displayed, defaults to true. Returns the output if false.
+ *
+ * While action is optional, it is strongly recommended to set this option to a
+ * unique value for every form for better security. It is easier to just
  * call the function without any parameters, because validation of the nonce
- * doesn't require any parameters, but since crackers know what the default is
+ * doesn't require any parameters, but since crackers know what the default is,
  * it won't be difficult for them to find a way around your nonce and cause
  * damage.
  *
- * The input name will be whatever $name value you gave. The input value will be
- * the nonce creation value.
- *
  * @package WordPress
  * @subpackage Security
  * @since 2.0.4
  *
- * @param string $action Optional. Action name.
- * @param string $name Optional. Nonce name.
- * @param bool $referer Optional, default true. Whether to set the referer field for validation.
- * @param bool $echo Optional, default true. Whether to display or return hidden form field.
- * @return string Nonce field.
+ * @param array $options Optional settings for the nonce field, see description.
+ *
+ * @return string HTML nonce field to be used in a form.
  */
-function wp_nonce_field( $action = -1, $name = "_wpnonce", $referer = true , $echo = true ) {
-	$name = esc_attr( $name );
-	$nonce_field = '<input type="hidden" id="' . $name . '" name="' . $name . '" value="' . wp_create_nonce( $action ) . '" />';
+function wp_nonce_field( $options = array() ) {
+	$defaults = array(
+		'action'   => -1,
+		'name'     => '_wpnonce',
+		'id'       => '',
+		'referrer' => true,
+		'echo'     => true
+	);
 
-	if ( $referer )
+	// WordPress 3.5 compatibility layer:
+	// Arguments: $action = -1, $name = "_wpnonce", $referer = true, $echo = true
+	// The $name parameter was also used for id.
+	if ( ! is_array( $options ) || 0 == func_num_args() ) {
+		_deprecated_argument( __FUNCTION__, '3.6', 'Please see the documentation on how to pass the necessary options to this function.' );
+		$old_args = func_get_args();
+		$options = array( 'name' => '_wpnonce' );
+		if ( isset( $old_args[0] ) ) $options['action']   = $old_args[0];
+		if ( isset( $old_args[1] ) ) $options['name']     = $old_args[1];
+		if ( isset( $old_args[2] ) ) $options['referrer'] = $old_args[2];
+		if ( isset( $old_args[3] ) ) $options['echo']     = $old_args[3];
+		$options['id'] = $options['name'];
+	}
+
+	$options = wp_parse_args( $options, $defaults );
+
+	$nonce_field = '<input type="hidden"';
+	if ( ! empty( $options['id'] ) ) {
+		$nonce_field .= ' id="' . esc_attr( $options['id'] ) . '"';
+	}
+	$nonce_field .= ' name="' . esc_attr( $options['name'] ) . '"';
+	$nonce_field .= ' value="' . esc_attr( wp_create_nonce( $options['action'] ) ) . '" />';
+
+	if ( $options['referrer'] )
 		$nonce_field .= wp_referer_field( false );
 
-	if ( $echo )
+	if ( $options['echo'] )
 		echo $nonce_field;
 
 	return $nonce_field;
diff --git wp-includes/ms-functions.php wp-includes/ms-functions.php
index 1037a9f..ff5780f 100644
--- wp-includes/ms-functions.php
+++ wp-includes/ms-functions.php
@@ -1580,7 +1580,9 @@ function upload_is_file_too_big( $upload ) {
 function signup_nonce_fields() {
 	$id = mt_rand();
 	echo "<input type='hidden' name='signup_form_id' value='{$id}' />";
-	wp_nonce_field('signup_form_' . $id, '_signup_form', false);
+	wp_nonce_field( array( 'action' => 'signup_form_' . $id,
+						   'name'=> '_signup_form',
+						   'referrer' => false ) );
 }
 
 /**