diff --git a/includes/admin/class-wc-accommodation-booking-admin-panels.php b/includes/admin/class-wc-accommodation-booking-admin-panels.php
index b8eade1a..138f5323 100644
--- a/includes/admin/class-wc-accommodation-booking-admin-panels.php
+++ b/includes/admin/class-wc-accommodation-booking-admin-panels.php
@@ -170,7 +170,7 @@ public function save_product_data( $post_id ) {
 		);
 
 		foreach ( $meta_to_save as $meta_key => $sanitize ) {
-			$value = ! empty( $_POST[ $meta_key ] ) ? $_POST[ $meta_key ] : '';
+			$value = sanitize_text_field( wp_unslash( $_POST[ $meta_key ] ?? '' ) );
 			switch ( $sanitize ) {
 				case 'int' :
 					$value = $value ? absint( $value ) : '';
@@ -190,8 +190,6 @@ public function save_product_data( $post_id ) {
 						$value = 1;
 					}
 					break;
-				default :
-					$value = sanitize_text_field( $value );
 			}
 
 			$meta_key = str_replace( '_wc_accommodation_booking_', '_wc_booking_', $meta_key );
@@ -242,11 +240,34 @@ public function save_product_data( $post_id ) {
 
 		// Resources
 		if ( isset( $_POST['resource_id'] ) && isset( $_POST['_wc_booking_has_resources'] ) ) {
-			$resource_ids         = $_POST['resource_id'];
-			$resource_menu_order  = $_POST['resource_menu_order'];
-			$resource_base_cost   = $_POST['resource_cost'];
-			$resource_block_cost  = $_POST['resource_block_cost'];
-			$max_loop             = max( array_keys( $_POST['resource_id'] ) );
+			$resource_data = filter_input_array(
+				INPUT_POST,
+				array(
+					'resource_id'         => array(
+						'filter' => FILTER_VALIDATE_INT,
+						'flags'  => FILTER_REQUIRE_ARRAY,
+					),
+					'resource_menu_order' => array(
+						'filter' => FILTER_VALIDATE_INT,
+						'flags'  => FILTER_REQUIRE_ARRAY,
+					),
+					'resource_cost'       => array(
+						'filter' => FILTER_VALIDATE_FLOAT,
+						'flags'  => FILTER_REQUIRE_ARRAY,
+					),
+					'resource_block_cost' => array(
+						'filter' => FILTER_VALIDATE_FLOAT,
+						'flags'  => FILTER_REQUIRE_ARRAY,
+					),
+				)
+			);
+			$resource_ids        = $resource_data['resource_id'];
+			$resource_menu_order = $resource_data['resource_menu_order'];
+			$resource_base_cost  = $resource_data['resource_cost'];
+			$resource_block_cost = $resource_data['resource_block_cost'];
+
+			$max_loop = max( array_keys( $resource_ids ) );
+
 			$resource_base_costs  = array();
 			$resource_block_costs = array();
 
@@ -260,11 +281,11 @@ public function save_product_data( $post_id ) {
 				$wpdb->update(
 					"{$wpdb->prefix}wc_booking_relationships",
 					array(
-						'sort_order'  => $resource_menu_order[ $i ]
+						'sort_order'  => absint( $resource_menu_order[ $i ] ),
 					),
 					array(
 						'product_id'  => $post_id,
-						'resource_id' => $resource_id
+						'resource_id' => $resource_id,
 					)
 				);
 
@@ -314,16 +335,53 @@ public function save_product_data( $post_id ) {
 
 		// Person Types
 		if ( isset( $_POST['person_id'] ) && isset( $_POST['_wc_booking_has_persons'] ) ) {
-			$person_ids         = $_POST['person_id'];
-			$person_menu_order  = $_POST['person_menu_order'];
-			$person_name        = $_POST['person_name'];
-			$person_cost        = $_POST['person_cost'];
-			$person_block_cost  = $_POST['person_block_cost'];
-			$person_description = $_POST['person_description'];
-			$person_min         = $_POST['person_min'];
-			$person_max         = $_POST['person_max'];
-
-			$max_loop = max( array_keys( $_POST['person_id'] ) );
+			$person_data = filter_input_array(
+				INPUT_POST,
+				array(
+					'person_id'          => array(
+						'filter' => FILTER_VALIDATE_INT,
+						'flags'  => FILTER_REQUIRE_ARRAY,
+					),
+					'person_menu_order'  => array(
+						'filter' => FILTER_VALIDATE_INT,
+						'flags'  => FILTER_REQUIRE_ARRAY,
+					),
+					'person_name'        => array(
+						'filter' => FILTER_DEFAULT,
+						'flags'  => FILTER_REQUIRE_ARRAY,
+					),
+					'person_cost'        => array(
+						'filter' => FILTER_VALIDATE_FLOAT,
+						'flags'  => FILTER_REQUIRE_ARRAY,
+					),
+					'person_block_cost'  => array(
+						'filter' => FILTER_VALIDATE_FLOAT,
+						'flags'  => FILTER_REQUIRE_ARRAY,
+					),
+					'person_description' => array(
+						'filter' => FILTER_DEFAULT,
+						'flags'  => FILTER_REQUIRE_ARRAY,
+					),
+					'person_min'         => array(
+						'filter' => FILTER_VALIDATE_INT,
+						'flags'  => FILTER_REQUIRE_ARRAY,
+					),
+					'person_max'         => array(
+						'filter' => FILTER_VALIDATE_INT,
+						'flags'  => FILTER_REQUIRE_ARRAY,
+					),
+				)
+			);
+			$person_ids         = $person_data['person_id'];
+			$person_menu_order  = $person_data['person_menu_order'];
+			$person_name        = $person_data['person_name'];
+			$person_cost        = $person_data['person_cost'];
+			$person_block_cost  = $person_data['person_block_cost'];
+			$person_description = $person_data['person_description'];
+			$person_min         = $person_data['person_min'];
+			$person_max         = $person_data['person_max'];
+
+			$max_loop = max( array_keys( $person_ids ) );
 
 			for ( $i = 0; $i <= $max_loop; $i ++ ) {
 				if ( ! isset( $person_ids[ $i ] ) ) {
@@ -336,21 +394,13 @@ public function save_product_data( $post_id ) {
 					$person_name[ $i ] = sprintf( __( 'Person Type #%d', 'woocommerce-bookings' ), ( $i + 1 ) );
 				}
 
-				$wpdb->update(
-					$wpdb->posts,
+				wp_update_post(
 					array(
+						'ID'           => $person_id,
 						'post_title'   => stripslashes( $person_name[ $i ] ),
 						'post_excerpt' => stripslashes( $person_description[ $i ] ),
-						'menu_order'   => $person_menu_order[ $i ] ),
-					array(
-						'ID' => $person_id
-					),
-					array(
-						'%s',
-						'%s',
-						'%d'
-					),
-					array( '%d' )
+						'menu_order'   => $person_menu_order[ $i ],
+					)
 				);
 
 				update_post_meta( $person_id, 'cost', wc_clean( $person_cost[ $i ] ) );
diff --git a/includes/admin/class-wc-accommodation-booking-admin-product-settings.php b/includes/admin/class-wc-accommodation-booking-admin-product-settings.php
index 63a74d86..4fbc4af9 100644
--- a/includes/admin/class-wc-accommodation-booking-admin-product-settings.php
+++ b/includes/admin/class-wc-accommodation-booking-admin-product-settings.php
@@ -218,7 +218,7 @@ public function generate_accommodation_time_html( $key, $value ) {
 			<th scope="row" class="titledesc">
 				<label for="<?php echo esc_attr( $field_key ); ?>"><?php echo esc_html( $value['title'] ); ?></label>
 			</th>
-			<td class="forminp forminp-<?php echo sanitize_title( $value['type'] ) ?>">
+			<td class="forminp forminp-<?php echo esc_attr( sanitize_title( $value['type'] ) ) ?>">
 				<input
 					name="<?php echo esc_attr( $field_key ); ?>"
 					id="<?php echo esc_attr( $field_key ); ?>"
diff --git a/includes/admin/views/html-accommodation-booking-availability-fields.php b/includes/admin/views/html-accommodation-booking-availability-fields.php
index a656f24b..9f7a3d4b 100644
--- a/includes/admin/views/html-accommodation-booking-availability-fields.php
+++ b/includes/admin/views/html-accommodation-booking-availability-fields.php
@@ -43,10 +43,10 @@
 	<td>
 		<div class="select wc_booking_availability_type">
 			<select name="wc_accommodation_booking_availability_type[]">
-				<option value="custom" <?php selected( $availability['type'], 'custom' ); ?>><?php _e( 'Custom date range', 'woocommerce-accommodation-bookings' ); ?></option>
-				<option value="months" <?php selected( $availability['type'], 'months' ); ?>><?php _e( 'Range of months', 'woocommerce-accommodation-bookings' ); ?></option>
-				<option value="weeks" <?php selected( $availability['type'], 'weeks' ); ?>><?php _e( 'Range of weeks', 'woocommerce-accommodation-bookings' ); ?></option>
-				<option value="days" <?php selected( $availability['type'], 'days' ); ?>><?php _e( 'Range of days', 'woocommerce-accommodation-bookings' ); ?></option>
+				<option value="custom" <?php selected( $availability['type'], 'custom' ); ?>><?php esc_html_e( 'Custom date range', 'woocommerce-accommodation-bookings' ); ?></option>
+				<option value="months" <?php selected( $availability['type'], 'months' ); ?>><?php esc_html_e( 'Range of months', 'woocommerce-accommodation-bookings' ); ?></option>
+				<option value="weeks" <?php selected( $availability['type'], 'weeks' ); ?>><?php esc_html_e( 'Range of weeks', 'woocommerce-accommodation-bookings' ); ?></option>
+				<option value="days" <?php selected( $availability['type'], 'days' ); ?>><?php esc_html_e( 'Range of days', 'woocommerce-accommodation-bookings' ); ?></option>
 			</select>
 		</div>
 	</td>
@@ -105,8 +105,8 @@
 	<td>
 		<div class="select">
 			<select name="wc_accommodation_booking_availability_bookable[]">
-				<option value="no" <?php selected( isset( $availability['bookable'] ) && $availability['bookable'] == 'no', true ) ?>><?php _e( 'No', 'woocommerce-accommodation-bookings' ) ;?></option>
-				<option value="yes" <?php selected( isset( $availability['bookable'] ) && $availability['bookable'] == 'yes', true ) ?>><?php _e( 'Yes', 'woocommerce-accommodation-bookings' ) ;?></option>
+				<option value="no" <?php selected( isset( $availability['bookable'] ) && $availability['bookable'] == 'no', true ) ?>><?php esc_html_e( 'No', 'woocommerce-accommodation-bookings' ) ;?></option>
+				<option value="yes" <?php selected( isset( $availability['bookable'] ) && $availability['bookable'] == 'yes', true ) ?>><?php esc_html_e( 'Yes', 'woocommerce-accommodation-bookings' ) ;?></option>
 			</select>
 		</div>
 	</td>
diff --git a/includes/admin/views/html-accommodation-booking-availability.php b/includes/admin/views/html-accommodation-booking-availability.php
index f81f9030..85ef82da 100644
--- a/includes/admin/views/html-accommodation-booking-availability.php
+++ b/includes/admin/views/html-accommodation-booking-availability.php
@@ -9,13 +9,13 @@
 			$min_date_unit = get_post_meta( $post_id, '_wc_booking_min_date_unit', true );
 		?>
 		<p class="form-field">
-			<label for="_wc_accommodation_booking_min_date"><?php _e( 'Bookings can be made starting', 'woocommerce-accommodation-bookings' ); ?></label>
+			<label for="_wc_accommodation_booking_min_date"><?php esc_html_e( 'Bookings can be made starting', 'woocommerce-accommodation-bookings' ); ?></label>
 			<input type="number" name="_wc_accommodation_booking_min_date" id="_wc_accommodation_booking_min_date" value="<?php echo esc_attr( $min_date ); ?>" step="1" min="0" style="margin-right: 7px; width: 4em;">
 			<select name="_wc_accommodation_booking_min_date_unit" id="_wc_accommodation_booking_min_date_unit" class="short" style="margin-right: 7px;">
-				<option value="month" <?php selected( $min_date_unit, 'month' ); ?>><?php _e( 'Month(s)', 'woocommerce-accommodation-bookings' ); ?></option>
-				<option value="week" <?php selected( $min_date_unit, 'week' ); ?>><?php _e( 'Week(s)', 'woocommerce-accommodation-bookings' ); ?></option>
-				<option value="day" <?php selected( $min_date_unit, 'day' ); ?>><?php _e( 'Day(s)', 'woocommerce-accommodation-bookings' ); ?></option>
-			</select> <?php _e( 'into the future', 'woocommerce-accommodation-bookings' ); ?>
+				<option value="month" <?php selected( $min_date_unit, 'month' ); ?>><?php esc_html_e( 'Month(s)', 'woocommerce-accommodation-bookings' ); ?></option>
+				<option value="week" <?php selected( $min_date_unit, 'week' ); ?>><?php esc_html_e( 'Week(s)', 'woocommerce-accommodation-bookings' ); ?></option>
+				<option value="day" <?php selected( $min_date_unit, 'day' ); ?>><?php esc_html_e( 'Day(s)', 'woocommerce-accommodation-bookings' ); ?></option>
+			</select> <?php esc_html_e( 'into the future', 'woocommerce-accommodation-bookings' ); ?>
 		</p>
 		<?php
 			$max_date = get_post_meta( $post_id, '_wc_booking_max_date', true );
@@ -26,13 +26,13 @@
 			$max_date_unit = get_post_meta( $post_id, '_wc_booking_max_date_unit', true );
 		?>
 		<p class="form-field">
-			<label for="_wc_accommodation_booking_max_date"><?php _e( 'Bookings can only be made', 'woocommerce-accommodation-bookings' ); ?></label>
+			<label for="_wc_accommodation_booking_max_date"><?php esc_html_e( 'Bookings can only be made', 'woocommerce-accommodation-bookings' ); ?></label>
 			<input type="number" name="_wc_accommodation_booking_max_date" id="_wc_accommodation_booking_max_date" value="<?php echo esc_attr( $max_date ); ?>" step="1" min="1" style="margin-right: 7px; width: 4em;">
 			<select name="_wc_accommodation_booking_max_date_unit" id="_wc_accommodation_booking_max_date_unit" class="short" style="margin-right: 7px;">
-				<option value="month" <?php selected( $max_date_unit, 'month' ); ?>><?php _e( 'Month(s)', 'woocommerce-accommodation-bookings' ); ?></option>
-				<option value="week" <?php selected( $max_date_unit, 'week' ); ?>><?php _e( 'Week(s)', 'woocommerce-accommodation-bookings' ); ?></option>
-				<option value="day" <?php selected( $max_date_unit, 'day' ); ?>><?php _e( 'Day(s)', 'woocommerce-accommodation-bookings' ); ?></option>
-				</select> <?php _e( 'into the future', 'woocommerce-accommodation-bookings' ); ?>
+				<option value="month" <?php selected( $max_date_unit, 'month' ); ?>><?php esc_html_e( 'Month(s)', 'woocommerce-accommodation-bookings' ); ?></option>
+				<option value="week" <?php selected( $max_date_unit, 'week' ); ?>><?php esc_html_e( 'Week(s)', 'woocommerce-accommodation-bookings' ); ?></option>
+				<option value="day" <?php selected( $max_date_unit, 'day' ); ?>><?php esc_html_e( 'Day(s)', 'woocommerce-accommodation-bookings' ); ?></option>
+				</select> <?php esc_html_e( 'into the future', 'woocommerce-accommodation-bookings' ); ?>
 		</p>
 
 		<?php
@@ -69,11 +69,11 @@
 						__( 'Saturday', 'woocommerce-bookings' ),
 						);
 
-					for ( $i=0;  $i < 7;  $i++) { 
+					for ( $i=0;  $i < 7;  $i++) {
 						?>
 							<td>
-								<label class="checkbox" for="_wc_accommodation_booking_restricted_days[<?php echo $i; ?>]" style="width: auto;"><?php echo $weekdays[ $i ]; ?>&nbsp;</label>
-								<input type="checkbox" class="checkbox" name="_wc_accommodation_booking_restricted_days[<?php echo $i; ?>]" id="_wc_accommodation_booking_restricted_days[<?php echo $i; ?>]" value="<?php echo $i; ?>" <?php checked( $restricted_days[ $i ], $i ); ?>>
+								<label class="checkbox" for="_wc_accommodation_booking_restricted_days[<?php echo esc_attr( $i ); ?>]" style="width: auto;"><?php echo esc_html( $weekdays[ $i ] ); ?>&nbsp;</label>
+								<input type="checkbox" class="checkbox" name="_wc_accommodation_booking_restricted_days[<?php echo esc_attr( $i ); ?>]" id="_wc_accommodation_booking_restricted_days[<?php echo esc_attr( $i ); ?>]" value="<?php echo esc_attr( $i ); ?>" <?php checked( $restricted_days[ $i ], $i ); ?>>
 							</td>
 						<?php
 					}
@@ -128,4 +128,4 @@
 		</div>
 	</div>
 
-</div>
\ No newline at end of file
+</div>
diff --git a/includes/admin/views/html-accommodation-booking-data.php b/includes/admin/views/html-accommodation-booking-data.php
index a99bb25c..a7c89239 100644
--- a/includes/admin/views/html-accommodation-booking-data.php
+++ b/includes/admin/views/html-accommodation-booking-data.php
@@ -62,15 +62,15 @@
 		$cancel_limit_unit = get_post_meta( $post_id, '_wc_booking_cancel_limit_unit', true );
 	?>
 	<p class="form-field accommodation-booking-cancel-limit">
-		<label for="_wc_accommodation_booking_cancel_limit"><?php _e( 'Cancellation up till', 'woocommerce-accommodation-bookings' ); ?></label>
+		<label for="_wc_accommodation_booking_cancel_limit"><?php esc_html_e( 'Cancellation up till', 'woocommerce-accommodation-bookings' ); ?></label>
 		<input type="number" name="_wc_accommodation_booking_cancel_limit" id="_wc_accommodation_booking_cancel_limit" value="<?php echo esc_attr( $cancel_limit ); ?>" step="1" min="1" style="margin-right: 7px; width: 4em;">
 		<select name="_wc_accommodation_booking_cancel_limit_unit" id="_wc_accommodation_booking_cancel_limit_unit" class="short" style="width: auto; margin-right: 7px;">
-			<option value="month" <?php selected( $cancel_limit_unit, 'month' ); ?>><?php _e( 'Month(s)', 'woocommerce-accommodation-bookings' ); ?></option>
-			<option value="day" <?php selected( $cancel_limit_unit, 'day' ); ?>><?php _e( 'Day(s)', 'woocommerce-accommodation-bookings' ); ?></option>
-			<option value="hour" <?php selected( $cancel_limit_unit, 'hour' ); ?>><?php _e( 'Hour(s)', 'woocommerce-accommodation-bookings' ); ?></option>
-			<option value="minute" <?php selected( $cancel_limit_unit, 'minute' ); ?>><?php _e( 'Minute(s)', 'woocommerce-accommodation-bookings' ); ?></option>
+			<option value="month" <?php selected( $cancel_limit_unit, 'month' ); ?>><?php esc_html_e( 'Month(s)', 'woocommerce-accommodation-bookings' ); ?></option>
+			<option value="day" <?php selected( $cancel_limit_unit, 'day' ); ?>><?php esc_html_e( 'Day(s)', 'woocommerce-accommodation-bookings' ); ?></option>
+			<option value="hour" <?php selected( $cancel_limit_unit, 'hour' ); ?>><?php esc_html_e( 'Hour(s)', 'woocommerce-accommodation-bookings' ); ?></option>
+			<option value="minute" <?php selected( $cancel_limit_unit, 'minute' ); ?>><?php esc_html_e( 'Minute(s)', 'woocommerce-accommodation-bookings' ); ?></option>
 		</select>
-		<span class="description"><?php _e( 'before check-in.', 'woocommerce-accommodation-bookings' ); ?></span>
+		<span class="description"><?php esc_html_e( 'before check-in.', 'woocommerce-accommodation-bookings' ); ?></span>
 	</p>
 
 	<script type="text/javascript">
diff --git a/includes/admin/views/html-accommodation-booking-rates-fields.php b/includes/admin/views/html-accommodation-booking-rates-fields.php
index 8391fddd..31a7f095 100644
--- a/includes/admin/views/html-accommodation-booking-rates-fields.php
+++ b/includes/admin/views/html-accommodation-booking-rates-fields.php
@@ -40,10 +40,10 @@
 	<td>
 		<div class="select wc_booking_availability_type">
 			<select name="wc_accommodation_booking_pricing_type[]">
-				<option value="custom" <?php selected( $rate['type'], 'custom' ); ?>><?php _e( 'Range of certain nights', 'woocommerce-accommodation-bookings' ); ?></option>
-				<option value="months" <?php selected( $rate['type'], 'months' ); ?>><?php _e( 'Range of months', 'woocommerce-accommodation-bookings' ); ?></option>
-				<option value="weeks" <?php selected( $rate['type'], 'weeks' ); ?>><?php _e( 'Range of weeks', 'woocommerce-accommodation-bookings' ); ?></option>
-				<option value="days" <?php selected( $rate['type'], 'days' ); ?>><?php _e( 'Range of nights during the week', 'woocommerce-accommodation-bookings' ); ?></option>
+				<option value="custom" <?php selected( $rate['type'], 'custom' ); ?>><?php esc_html_e( 'Range of certain nights', 'woocommerce-accommodation-bookings' ); ?></option>
+				<option value="months" <?php selected( $rate['type'], 'months' ); ?>><?php esc_html_e( 'Range of months', 'woocommerce-accommodation-bookings' ); ?></option>
+				<option value="weeks" <?php selected( $rate['type'], 'weeks' ); ?>><?php esc_html_e( 'Range of weeks', 'woocommerce-accommodation-bookings' ); ?></option>
+				<option value="days" <?php selected( $rate['type'], 'days' ); ?>><?php esc_html_e( 'Range of nights during the week', 'woocommerce-accommodation-bookings' ); ?></option>
 			</select>
 		</div>
 	</td>
@@ -107,14 +107,14 @@
 		<input type="number" step="0.01" name="wc_accommodation_booking_pricing_block_cost[]" value="<?php
 		// Handle legacy
 		if ( ! empty( $rate['override_block'] ) ) {
-			echo $rate['override_block'];
+			echo esc_attr( $rate['override_block'] );
 		} else if ( ! empty( $rate['modifier'] ) && isset( $rate['cost'] ) ) {
 			$base_cost = abs( floatval( get_post_meta( $post_id, '_wc_booking_base_cost', true ) ) );
 
 			if ( 'plus' == $rate['modifier'] ) {
-				echo $base_cost + $rate['cost'];
+				echo esc_attr( $base_cost + $rate['cost'] );
 			} else {
-				echo $base_cost - $rate['cost'];
+				echo esc_attr( $base_cost - $rate['cost'] );
 			}
 		}
 		?>" placeholder="0" />
diff --git a/includes/admin/views/html-accommodation-booking-tabs.php b/includes/admin/views/html-accommodation-booking-tabs.php
index 7696594a..d829f3d3 100644
--- a/includes/admin/views/html-accommodation-booking-tabs.php
+++ b/includes/admin/views/html-accommodation-booking-tabs.php
@@ -1,2 +1,2 @@
-<li class="accommodation_bookings_tab accommodation_bookings_availability_tab bookings_availability_tab advanced_options show_if_accommodation-booking"><a href="#accommodation_bookings_availability"><span><?php _e( 'Availability', 'woocommerce-accommodation-bookings' ); ?></span></a></li>
-<li class="accommodation_bookings_tab accommodation_bookings_pricing_tab  bookings_pricing_tab advanced_options show_if_accommodation-booking"><a href="#accommodation_bookings_rates"><span><?php _e( 'Rates', 'woocommerce-accommodation-bookings' ); ?></span></a></li>
+<li class="accommodation_bookings_tab accommodation_bookings_availability_tab bookings_availability_tab advanced_options show_if_accommodation-booking"><a href="#accommodation_bookings_availability"><span><?php esc_html_e( 'Availability', 'woocommerce-accommodation-bookings' ); ?></span></a></li>
+<li class="accommodation_bookings_tab accommodation_bookings_pricing_tab  bookings_pricing_tab advanced_options show_if_accommodation-booking"><a href="#accommodation_bookings_rates"><span><?php esc_html_e( 'Rates', 'woocommerce-accommodation-bookings' ); ?></span></a></li>