"Wordpress 3.1.3 release now supports X-FRAME-OPTIONS for the
admin and login pages of a WordPress site.
"Send a HTTP header to limit rendering of pages to same origin
iframes," the changeset for WordPress 3.1.3 states. By implementing
the X-FRAME-OPTIONS specification, WordPress 3.1.3 helps users to
mitigate the risks of a clickjacking attack against user