diff --git a/includes/admin/post-types/class-sp-admin-cpt-calendar.php b/includes/admin/post-types/class-sp-admin-cpt-calendar.php
index 67dd2f58..e4bf2ff2 100644
--- a/includes/admin/post-types/class-sp-admin-cpt-calendar.php
+++ b/includes/admin/post-types/class-sp-admin-cpt-calendar.php
@@ -96,7 +96,7 @@ class SP_Admin_CPT_Calendar extends SP_Admin_CPT {
 				echo sizeof( $calendar->data() );
 				break;
 			case 'sp_layout':
-				echo sp_array_value( SP()->formats->calendar, get_post_meta( $post_id, 'sp_format', true ), '&mdash;' );
+				echo esc_html( sp_array_value( SP()->formats->calendar, get_post_meta( $post_id, 'sp_format', true ), '&mdash;' ) );
 				break;
 		endswitch;
 	}
diff --git a/includes/admin/post-types/class-sp-admin-cpt-list.php b/includes/admin/post-types/class-sp-admin-cpt-list.php
index 003f9dd1..7093819e 100644
--- a/includes/admin/post-types/class-sp-admin-cpt-list.php
+++ b/includes/admin/post-types/class-sp-admin-cpt-list.php
@@ -90,7 +90,7 @@ class SP_Admin_CPT_List extends SP_Admin_CPT {
 				endif;
 				break;
 			case 'sp_layout':
-				echo sp_array_value( SP()->formats->list, get_post_meta( $post_id, 'sp_format', true ), '&mdash;' );
+				echo esc_html( sp_array_value( SP()->formats->list, get_post_meta( $post_id, 'sp_format', true ), '&mdash;' ) );
 				break;
 		endswitch;
 	}
diff --git a/includes/admin/post-types/class-sp-admin-cpt-player.php b/includes/admin/post-types/class-sp-admin-cpt-player.php
index df584d6b..8e587890 100755
--- a/includes/admin/post-types/class-sp-admin-cpt-player.php
+++ b/includes/admin/post-types/class-sp-admin-cpt-player.php
@@ -89,7 +89,7 @@ class SP_Admin_CPT_Player extends SP_Admin_CPT {
 	public function custom_columns( $column, $post_id ) {
 		switch ( $column ):
 			case 'sp_number':
-				echo get_post_meta ( $post_id, 'sp_number', true );
+				echo esc_html( get_post_meta ( $post_id, 'sp_number', true ) );
 				break;
 			case 'sp_position':
 				echo get_the_terms( $post_id, 'sp_position' ) ? the_terms( $post_id, 'sp_position' ) : '&mdash;';
diff --git a/includes/admin/post-types/meta-boxes/class-sp-meta-box-calendar-feeds.php b/includes/admin/post-types/meta-boxes/class-sp-meta-box-calendar-feeds.php
index 5dd3aa40..cb33d772 100644
--- a/includes/admin/post-types/meta-boxes/class-sp-meta-box-calendar-feeds.php
+++ b/includes/admin/post-types/meta-boxes/class-sp-meta-box-calendar-feeds.php
@@ -41,7 +41,7 @@ class SP_Meta_Box_Calendar_Feeds {
 					}
 					?>
 					<p>
-						<strong><?php echo sp_array_value( $format, 'name' ); ?></strong>
+						<strong><?php echo esc_html( sp_array_value( $format, 'name' ) ); ?></strong>
 						<a class="sp-link" href="<?php echo esc_attr( $feed ); ?>" target="_blank" title="<?php _e( 'Link', 'sportspress' ); ?>"></a>
 					</p>
 					<p>
diff --git a/includes/admin/post-types/meta-boxes/class-sp-meta-box-list-data.php b/includes/admin/post-types/meta-boxes/class-sp-meta-box-list-data.php
index 95fea458..0dfb4762 100644
--- a/includes/admin/post-types/meta-boxes/class-sp-meta-box-list-data.php
+++ b/includes/admin/post-types/meta-boxes/class-sp-meta-box-list-data.php
@@ -158,7 +158,7 @@ class SP_Meta_Box_List_Data {
 									$value = sp_array_value( $player_stats, $column, '' );
 									$placeholder = sp_array_value( sp_array_value( $placeholders, $player_id, array() ), $column, 0 );
 									?>
-									<td><input type="text" name="sp_players[<?php echo esc_attr( $player_id ); ?>][<?php echo esc_attr( $column ); ?>]" value="<?php echo esc_attr( $value ); ?>" placeholder="<?php echo esc_attr( $placeholder ); ?>" data-placeholder="<?php echo esc_attr( $placeholder ); ?>" data-matrix="<?php echo esc_attr( $player_id ); ?>_<?php echo esc_attr( $column ); ?>" data-adjustment="<?php echo sp_array_value( sp_array_value( $adjustments, $player_id, array() ), $column, 0 ); ?>" /></td>
+									<td><input type="text" name="sp_players[<?php echo esc_attr( $player_id ); ?>][<?php echo esc_attr( $column ); ?>]" value="<?php echo esc_attr( $value ); ?>" placeholder="<?php echo esc_attr( $placeholder ); ?>" data-placeholder="<?php echo esc_attr( $placeholder ); ?>" data-matrix="<?php echo esc_attr( $player_id ); ?>_<?php echo esc_attr( $column ); ?>" data-adjustment="<?php echo esc_attr( sp_array_value( sp_array_value( $adjustments, $player_id, array() ), $column, 0 ) ); ?>" /></td>
 								<?php endforeach; ?>
 							</tr>
 							<?php
diff --git a/includes/admin/post-types/meta-boxes/class-sp-meta-box-outcome-details.php b/includes/admin/post-types/meta-boxes/class-sp-meta-box-outcome-details.php
index 8e44d26a..62d75899 100644
--- a/includes/admin/post-types/meta-boxes/class-sp-meta-box-outcome-details.php
+++ b/includes/admin/post-types/meta-boxes/class-sp-meta-box-outcome-details.php
@@ -45,7 +45,7 @@ class SP_Meta_Box_Outcome_Details extends SP_Meta_Box_Config {
 		</p>
 		<p><strong><?php _e( 'Abbreviation', 'sportspress' ); ?></strong></p>
 		<p>
-			<input name="sp_abbreviation" type="text" id="sp_abbreviation" value="<?php echo esc_attr( $abbreviation ); ?>" placeholder="<?php echo sp_substr( $post->post_title, 0, 1 ); ?>">
+			<input name="sp_abbreviation" type="text" id="sp_abbreviation" value="<?php echo esc_attr( $abbreviation ); ?>" placeholder="<?php echo esc_attr( sp_substr( $post->post_title, 0, 1 ) ); ?>">
 		</p>
 		<p><strong><?php _e( 'Color', 'sportspress' ); ?></strong></p>
 		<p>
diff --git a/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-lists.php b/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-lists.php
index bef53536..5cddb0e9 100644
--- a/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-lists.php
+++ b/includes/admin/post-types/meta-boxes/class-sp-meta-box-team-lists.php
@@ -89,7 +89,7 @@ class SP_Meta_Box_Team_Lists {
 									<td><?php echo sizeof( $players ); ?></td>
 									<td><?php echo get_the_terms ( $list->ID, 'sp_league' ) ? the_terms( $list->ID, 'sp_league' ) : '&mdash;'; ?></td>
 									<td><?php echo get_the_terms ( $list->ID, 'sp_season' ) ? the_terms( $list->ID, 'sp_season' ) : '&mdash;'; ?></td>
-									<td><?php echo sp_array_value( SP()->formats->list, $format, '&mdash;' ); ?></td>
+									<td><?php echo esc_html( sp_array_value( SP()->formats->list, $format, '&mdash;' ) ); ?></td>
 								</tr>
 								<?php
 								$i++;
diff --git a/includes/admin/settings/class-sp-settings-modules.php b/includes/admin/settings/class-sp-settings-modules.php
index 2c3a8dc0..3688fb62 100644
--- a/includes/admin/settings/class-sp-settings-modules.php
+++ b/includes/admin/settings/class-sp-settings-modules.php
@@ -213,7 +213,7 @@ class SP_Settings_Modules extends SP_Settings_Page {
 				<table class="sp-modules-table widefat" cellspacing="0">
 					<thead>
 						<tr><th>
-							<?php echo sp_array_value( $this->sections, $section, __( 'Modules', 'sportspress' ) ); ?>
+							<?php echo esc_html( sp_array_value( $this->sections, $section, __( 'Modules', 'sportspress' ) ) ); ?>
 						</th></tr>
 					</thead>
 					<tbody>
@@ -221,7 +221,7 @@ class SP_Settings_Modules extends SP_Settings_Page {
 							<?php if ( isset( $module['class'] ) && ! class_exists( $module['class'] ) ) { ?>
 							<tr class="sp-module-unavailable"><td>
 								<input type="checkbox" disabled="disabled">
-								<span class="sp-desc-tip" title="<?php echo sp_array_value( $module, 'tip', __( 'Upgrade to Pro', 'sportspress' ) ); ?>">
+								<span class="sp-desc-tip" title="<?php echo esc_attr( sp_array_value( $module, 'tip', __( 'Upgrade to Pro', 'sportspress' ) ) ); ?>">
 									<i class="<?php echo esc_attr( sp_array_value( $module, 'icon', 'dashicons dashicons-admin-generic' ) ); ?>"></i>
 									<?php echo esc_html( sp_array_value( $module, 'label', $id ) ); ?>
 								</span>
@@ -229,7 +229,7 @@ class SP_Settings_Modules extends SP_Settings_Page {
 									<span class="sp-desc">
 										<?php echo wp_kses_post( $module['desc'] ); ?>
 										<?php if ( array_key_exists( 'link', $module ) ) { ?>
-											<a href="<?php echo apply_filters( 'sportspress_pro_url', $module['link'] ); ?>" target="_blank"><?php echo sp_array_value( $module, 'action', __( 'Learn more', 'sportspress' ) ); ?></a>
+											<a href="<?php echo apply_filters( 'sportspress_pro_url', $module['link'] ); ?>" target="_blank"><?php echo esc_html( sp_array_value( $module, 'action', __( 'Learn more', 'sportspress' ) ) ); ?></a>
 										<?php } ?>
 									</span>
 								<?php } ?>
@@ -238,8 +238,8 @@ class SP_Settings_Modules extends SP_Settings_Page {
 							<tr><td>
 								<input type="checkbox" name="sportspress_load_<?php echo $id; ?>_module" id="sportspress_load_<?php echo $id; ?>_module" <?php checked( 'yes' == get_option( 'sportspress_load_' . $id . '_module', sp_array_value( $module, 'default', 'yes' ) ) ); ?>>
 								<label for="sportspress_load_<?php echo $id; ?>_module">
-									<i class="<?php echo sp_array_value( $module, 'icon', 'dashicons dashicons-admin-generic' ); ?>"></i>
-									<?php echo sp_array_value( $module, 'label', $id ); ?>
+									<i class="<?php echo esc_attr( sp_array_value( $module, 'icon', 'dashicons dashicons-admin-generic' ) ); ?>"></i>
+									<?php echo esc_html( sp_array_value( $module, 'label', $id ) ); ?>
 								</label>
 								<?php if ( isset( $module['desc'] ) ) { ?>
 									<span class="sp-desc"><?php echo wp_kses_post( $module['desc'] ); ?></span>
diff --git a/includes/admin/settings/class-sp-settings-page.php b/includes/admin/settings/class-sp-settings-page.php
index 3dcca041..2e2a2c99 100644
--- a/includes/admin/settings/class-sp-settings-page.php
+++ b/includes/admin/settings/class-sp-settings-page.php
@@ -124,7 +124,7 @@ class SP_Settings_Page {
 			    		<li>
 							<div class="sp-item-bar sp-layout-item-bar">
 								<div class="sp-item-handle sp-layout-item-handle ui-sortable-handle">
-									<span class="sp-item-title item-title"><?php echo sp_array_value( $details, 'title', ucfirst( $template ) ); ?></span>
+									<span class="sp-item-title item-title"><?php echo esc_html( sp_array_value( $details, 'title', ucfirst( $template ) ) ); ?></span>
 									<input type="hidden" name="sportspress_<?php echo esc_attr( $this->template ); ?>_template_order[]" value="<?php echo esc_attr( $template ); ?>">
 								</div>
 								
@@ -181,7 +181,7 @@ class SP_Settings_Page {
 			    		<li>
 							<div class="sp-item-bar sp-layout-item-bar">
 								<div class="sp-item-handle sp-layout-item-handle ui-sortable-handle">
-									<span class="sp-item-title item-title"><?php echo sp_array_value( $details, 'title', ucfirst( $template ) ); ?></span>
+									<span class="sp-item-title item-title"><?php echo esc_html( sp_array_value( $details, 'title', ucfirst( $template ) ) ); ?></span>
 									<input type="hidden" name="sportspress_<?php echo esc_attr( $this->template ); ?>_template_order[]" value="<?php echo esc_attr( $template ); ?>">
 								</div>
 								
diff --git a/modules/sportspress-lazy-loading.php b/modules/sportspress-lazy-loading.php
index adceea14..b05aa71f 100644
--- a/modules/sportspress-lazy-loading.php
+++ b/modules/sportspress-lazy-loading.php
@@ -234,10 +234,10 @@ class SportsPress_Lazy_Loading {
 									switch( $player_sort )
 									{
 									case 'name':
-										echo sp_get_player_name_then_number( $post->ID );
+										echo esc_html( sp_get_player_name_then_number( $post->ID ) );
 										break;
 									default:  // 'jersey'
-										echo sp_get_player_name_with_number( $post->ID );
+										echo esc_html( sp_get_player_name_with_number( $post->ID ) );
 									}
 								?>
 							</label>
@@ -253,10 +253,10 @@ class SportsPress_Lazy_Loading {
 									switch( $player_sort )
 									{
 									case 'name':
-										echo sp_get_player_name_then_number( $post_id );
+										echo esc_html( sp_get_player_name_then_number( $post_id ) );
 										break;
 									default:  // 'jersey'
-										echo sp_get_player_name_with_number( $post_id );
+										echo esc_html( sp_get_player_name_with_number( $post_id ) );
 									}
 								?>
 							</label>
diff --git a/templates/event-blocks.php b/templates/event-blocks.php
index 9f79d16b..bd0939f6 100644
--- a/templates/event-blocks.php
+++ b/templates/event-blocks.php
@@ -174,13 +174,13 @@ if ( $title )
 							<?php do_action( 'sportspress_event_blocks_before', $event, $usecolumns ); ?>
 							<?php echo implode( ' ', $logos ); ?>
 							<time class="sp-event-date" datetime="<?php echo $event->post_date; ?>" itemprop="startDate" content="<?php echo mysql2date( 'Y-m-d\TH:iP', $event->post_date ); ?>">
-								<?php echo sp_add_link( get_the_time( get_option( 'date_format' ), $event ), $permalink, $link_events ); ?>
+								<?php echo esc_html( sp_add_link( get_the_time( get_option( 'date_format' ), $event ), $permalink, $link_events ) ); ?>
 							</time>
 							<?php if ( $show_matchday ): $matchday = get_post_meta( $event->ID, 'sp_day', true ); if ( $matchday != '' ): ?>
-								<div class="sp-event-matchday">(<?php echo $matchday; ?>)</div>
+								<div class="sp-event-matchday">(<?php echo esc_html( $matchday ); ?>)</div>
 							<?php endif; endif; ?>
 							<h5 class="sp-event-results">
-								<?php echo sp_add_link( '<span class="sp-result '.$event_status.'">' . implode( '</span> - <span class="sp-result">', apply_filters( 'sportspress_event_blocks_team_result_or_time', $results, $event->ID ) ) . '</span>', $permalink, $link_events ); ?>
+								<?php echo esc_html( sp_add_link( '<span class="sp-result '.$event_status.'">' . implode( '</span> - <span class="sp-result">', apply_filters( 'sportspress_event_blocks_team_result_or_time', $results, $event->ID ) ) . '</span>', $permalink, $link_events ) ); ?>
 							</h5>
 							<?php if ( $show_league ): $leagues = get_the_terms( $event, 'sp_league' ); if ( $leagues ): $league = array_shift( $leagues ); ?>
 								<div class="sp-event-league"><?php echo $league->name; ?></div>
@@ -195,7 +195,7 @@ if ( $title )
 								<div style="display:none;" class="sp-event-venue" itemprop="location" itemscope itemtype="http://schema.org/Place"><div itemprop="address" itemscope itemtype="http://schema.org/PostalAddress"><?php _e( 'N/A', 'sportspress' ); ?></div></div>
 							<?php endif; ?>
 							<h4 class="sp-event-title" itemprop="name">
-								<?php echo sp_add_link( $event->post_title, $permalink, $link_events ); ?>
+								<?php echo esc_html( sp_add_link( $event->post_title, $permalink, $link_events ) ); ?>
 							</h4>
 							<?php do_action( 'sportspress_event_blocks_after', $event, $usecolumns ); ?>
 
