diff --git a/wp-mail.php b/wp-mail.php index 8ccdf03b64..7994babdee 100644 --- a/wp-mail.php +++ b/wp-mail.php @@ -181,12 +181,12 @@ for ($i=1; $i <= $count; $i++) : do_action('publish_phone', $post_ID); - echo "\n

Author: $post_author

"; - echo "\n

Posted title: $post_title
"; - echo "\nPosted content:

".$content.'

'; + echo "\n

Author: " . wp_specialchars($post_author) . "

"; + echo "\n

Posted title: " . sanitize_post_field('post_title', $post_title, $post_ID, 'display') . "
"; + echo "\nPosted content:

". sanitize_post_field('post_content', $post_content, $post_ID, 'display') . '

'; if(!$pop3->delete($i)) { - echo '

Oops '.$pop3->ERROR.'

'; + echo '

Oops '.wp_specialchars($pop3->ERROR).'

'; $pop3->reset(); exit; } else {