Strip extra slashes from _POST when doing nonce AYS. Props MarkJaquith and mdawaffe. fixes #2761

git-svn-id: http://svn.automattic.com/wordpress/trunk@3833 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-includes/pluggable-functions.php

@@ -238,6 +238,8 @@ function check_admin_referer($action = -1) {
 			$adminurl = $referer;
 		$title = __('WordPress Confirmation');
 		require_once(ABSPATH . '/wp-admin/admin-header.php');
+		// Remove extra layer of slashes.
+		$_POST   = stripslashes_deep($_POST  );
 		if ( $_POST ) {
 			$q = http_build_query($_POST);
 			$q = explode( ini_get('arg_separator.output'), $q);