Computer Dictionary of Information Technology

wp-login.php

The default name of the web page the allows a web site administrator to log in to the dashboard and update a web site powered by WordPress.

URLs like http://example.com/wp-login.php are a favourite target for brute-force attacks that try to break into WordPress-powered web sites by guessing the admin username and password. If successful, the attacker could then publish their own content on the site or modify the existing content.

http://www.inmotionhosting.com/support/edu/wordpress/wp-login-brute-force-attack.