diff --git a/includes/admin/post-types/class-sp-admin-cpt-spec.php b/includes/admin/post-types/class-sp-admin-cpt-spec.php
index 23125e9a..668f52fe 100644
--- a/includes/admin/post-types/class-sp-admin-cpt-spec.php
+++ b/includes/admin/post-types/class-sp-admin-cpt-spec.php
@@ -55,7 +55,7 @@ class SP_Admin_CPT_Spec extends SP_Admin_CPT {
switch ( $column ):
case 'sp_key':
global $post;
- echo $post->post_name;
+ echo esc_attr( $post->post_name );
break;
case 'sp_description':
global $post;
diff --git a/includes/admin/post-types/class-sp-admin-cpt-staff.php b/includes/admin/post-types/class-sp-admin-cpt-staff.php
index 0301da8e..aa66079e 100644
--- a/includes/admin/post-types/class-sp-admin-cpt-staff.php
+++ b/includes/admin/post-types/class-sp-admin-cpt-staff.php
@@ -92,7 +92,7 @@ class SP_Admin_CPT_Staff extends SP_Admin_CPT {
if ( ! $team_id ) continue;
$team = get_post( $team_id );
if ( $team ):
- echo $team->post_title;
+ echo esc_attr( $team->post_title );
if ( in_array( $team_id, $current_teams ) ):
echo '';
endif;
diff --git a/includes/admin/post-types/class-sp-admin-cpt-statistic.php b/includes/admin/post-types/class-sp-admin-cpt-statistic.php
index 135169e2..016b3736 100644
--- a/includes/admin/post-types/class-sp-admin-cpt-statistic.php
+++ b/includes/admin/post-types/class-sp-admin-cpt-statistic.php
@@ -61,7 +61,7 @@ class SP_Admin_CPT_Statistic extends SP_Admin_CPT {
break;
case 'sp_key':
global $post;
- echo $post->post_name;
+ echo esc_attr( $post->post_name );
break;
case 'sp_equation':
echo sp_get_post_equation( $post_id );
@@ -71,7 +71,7 @@ class SP_Admin_CPT_Statistic extends SP_Admin_CPT {
break;
case 'sp_description':
global $post;
- echo '' . $post->post_excerpt . '';
+ echo '' . wp_kses_post( $post->post_excerpt ) . '';
break;
endswitch;
}