The solution is to use a valid URL.
Thus:
base/?json_route=/posts&filter[p]=10
(notice the second question mark has been replaced by an ampersand)
I had exactly the same username/password appear on my own hosted site. I have no idea how they eveb found the site as the url is VERY complex… I have had no other users registered (not even spam ones).
They appear to have signed up as a subscriber. I’m unsure of what they did next.
I’ve taken the website offline for now…
(I’m getting paranoid now… maybe I shouldn’t be publically connecting my blog to that username…)
UPdate:
Actually, the error occurs only when I’m logged in – it might be caused by the Admin Bar. The page outputs this:
to%3D”>
Akademy
Edit My Profile
Dashboard
Log Out
Add New
Post
Page
Comments
Appearance
Widgets
Menus
Updates 2
When not logged in it just doesn’t find the old page.
In fact this can be replicated by going to anywebsite in the form of a blog which doesn’t exists, e.g.: http://www.akademy.co.uk/blog/2011/03/blog-doesnt-exist (As long as you are logged in).
