diff --git a/wp-mail.php b/wp-mail.php
index e5100558d1..06c9a60149 100644
--- a/wp-mail.php
+++ b/wp-mail.php
@@ -12,7 +12,7 @@ $phone_delim = '::';
$pop3 = new POP3();
if (!$pop3->connect(get_option('mailserver_url'), get_option('mailserver_port')))
- wp_die($pop3->ERROR);
+ wp_die(wp_specialchars($pop3->ERROR));
$count = $pop3->login(get_option('mailserver_login'), get_option('mailserver_pass'));
if (0 == $count) wp_die(__('There doesn’t seem to be any new mail.'));
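Review bot: A failed login is still indistinguishable from an empty mailbox at the `0 == $count` check just below the changed line. If `login()` returns false on an authentication error (likely, but the POP3 class is not shown here), the loose comparison treats it as zero messages and the operator sees "no new mail" rather than the failure. Consider handling that case before the count check, e.g. `if (false === $count) wp_die(wp_specialchars($pop3->ERROR));`, so credential or server problems surface with the same escaping this commit applies to the connect() error. The script continues past the end of this hunk.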
@@ -166,7 +166,7 @@ for ($i=1; $i <= $count; $i++) :
echo "\nPosted content:
".$content.''; if(!$pop3->delete($i)) {
- echo '
Oops '.$pop3->ERROR.'
';
+ echo 'Oops '.wp_specialchars($pop3->ERROR).'
'; $pop3->reset(); exit; } else {
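Review bot: `$content` in the "Posted content" echo at the top of this hunk is still written to the page unescaped, while the commit escapes only `$pop3->ERROR`. That value is presumably derived from the fetched message, so it is sender-controlled. Unless it is sanitized earlier in the loop, it is the more exposed output in this block. Using `wp_specialchars($content)` in that echo would give it the same treatment as the error string. The loop body starts before this hunk, so confirm what filtering `$content` has already had before changing it.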