Index: includes/plugin-install.php
===================================================================
--- includes/plugin-install.php	(revision 10849)
+++ includes/plugin-install.php	(working copy)
@@ -138,7 +138,7 @@
 	$tags = array();
 	foreach ( (array)$api_tags as $tag )
 		$tags[ $tag['name'] ] = (object) array(
-								'link' => clean_url( admin_url('plugin-install.php?tab=search&type=tag&s=' . urlencode($tag['name'])) ),
+								'link' => clean_url( admin_url('plugin-install.php?tab=search&amp;type=tag&amp;s=' . urlencode($tag['name'])) ),
 								'name' => $tag['name'],
 								'id' => sanitize_title_with_dashes($tag['name']),
 								'count' => $tag['count'] );
Index: includes/plugin.php
===================================================================
--- includes/plugin.php	(revision 10849)
+++ includes/plugin.php	(working copy)
@@ -406,7 +406,7 @@
 		$checked[] = 'checked[]=' . $plugin;
 
 	ob_start();
-	$url = wp_nonce_url('plugins.php?action=delete-selected&verify-delete=1&' . implode('&', $checked), 'bulk-manage-plugins');
+	$url = wp_nonce_url('plugins.php?action=delete-selected&amp;verify-delete=1&amp;' . implode('&', $checked), 'bulk-manage-plugins');
 	if ( false === ($credentials = request_filesystem_credentials($url)) ) {
 		$data = ob_get_contents();
 		ob_end_clean();
Index: includes/post.php
===================================================================
--- includes/post.php	(revision 10849)
+++ includes/post.php	(working copy)
@@ -800,8 +800,8 @@
 
 	$post_status_q = '';
 	if ( isset($q['post_status']) && in_array( $q['post_status'], array_keys($post_stati) ) ) {
-		$post_status_q = '&post_status=' . $q['post_status'];
-		$post_status_q .= '&perm=readable';
+		$post_status_q = '&amp;post_status=' . $q['post_status'];
+		$post_status_q .= '&amp;perm=readable';
 	}
 
 	if ( isset($q['post_status']) && 'pending' === $q['post_status'] ) {
@@ -820,7 +820,7 @@
 		$posts_per_page = 15;
 	$posts_per_page = apply_filters('edit_posts_per_page', $posts_per_page);
 
-	wp("post_type=post&what_to_show=posts$post_status_q&posts_per_page=$posts_per_page&order=$order&orderby=$orderby");
+	wp("post_type=post&amp;what_to_show=posts$post_status_q&amp;posts_per_page=$posts_per_page&amp;order=$order&amp;orderby=$orderby");
 
 	return array($post_stati, $avail_post_stati);
 }
@@ -1354,7 +1354,7 @@
 
 <?php
 	if ( $concatenate_scripts )
-		echo "<script type='text/javascript' src='$baseurl/wp-tinymce.php?c=$zip&ver=$ver'></script>\n";
+		echo "<script type='text/javascript' src='$baseurl/wp-tinymce.php?c=$zip&amp;ver=$ver'></script>\n";
 	else
 		echo "<script type='text/javascript' src='$baseurl/tiny_mce.js?ver=$ver'></script>\n";
 
Index: includes/template.php
===================================================================
--- includes/template.php	(revision 10849)
+++ includes/template.php	(working copy)
@@ -501,7 +501,7 @@
 		$args['popular_cats'] = get_terms( 'category', array( 'fields' => 'ids', 'orderby' => 'count', 'order' => 'DESC', 'number' => 10, 'hierarchical' => false ) );
 
 	if ( $descendants_and_self ) {
-		$categories = get_categories( "child_of=$descendants_and_self&hierarchical=0&hide_empty=0" );
+		$categories = get_categories( "child_of=$descendants_and_self&amp;hierarchical=0&amp;hide_empty=0" );
 		$self = get_category( $descendants_and_self );
 		array_unshift( $categories, $self );
 	} else {
@@ -598,7 +598,7 @@
 		$checked_categories[] = $default;
 	}
 
-	$categories = get_terms('link_category', 'orderby=count&hide_empty=0');
+	$categories = get_terms('link_category', 'orderby=count&amp;hide_empty=0');
 
 	if ( empty($categories) )
 		return;
@@ -2060,10 +2060,10 @@
 	else
 		$ptime = mysql2date(__('Y/m/d \a\t g:i A'), $comment->comment_date );
 
-	$delete_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&p=$post->ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) );
-	$approve_url = clean_url( wp_nonce_url( "comment.php?action=approvecomment&p=$post->ID&c=$comment->comment_ID", "approve-comment_$comment->comment_ID" ) );
-	$unapprove_url = clean_url( wp_nonce_url( "comment.php?action=unapprovecomment&p=$post->ID&c=$comment->comment_ID", "unapprove-comment_$comment->comment_ID" ) );
-	$spam_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&dt=spam&p=$post->ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) );
+	$delete_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&amp;p=$post->ID&amp;c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) );
+	$approve_url = clean_url( wp_nonce_url( "comment.php?action=approvecomment&amp;p=$post->ID&amp;c=$comment->comment_ID", "approve-comment_$comment->comment_ID" ) );
+	$unapprove_url = clean_url( wp_nonce_url( "comment.php?action=unapprovecomment&amp;p=$post->ID&amp;c=$comment->comment_ID", "unapprove-comment_$comment->comment_ID" ) );
+	$spam_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&amp;dt=spam&amp;p=$post->ID&amp;c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) );
 
 	echo "<tr id='comment-$comment->comment_ID' class='$the_comment_status'>";
 	$columns = get_column_headers('edit-comments');
Index: includes/theme-install.php
===================================================================
--- includes/theme-install.php	(revision 10849)
+++ includes/theme-install.php	(working copy)
@@ -154,7 +154,7 @@
 	$tags = array();
 	foreach ( (array)$api_tags as $tag ) {
 		$tags[ $tag['name'] ] = (object) array(
-								'link' => clean_url( admin_url('theme-install.php?tab=search&type=tag&s=' . urlencode($tag['name'])) ),
+								'link' => clean_url( admin_url('theme-install.php?tab=search&amp;type=tag&amp;s=' . urlencode($tag['name'])) ),
 								'name' => $tag['name'],
 								'id' => sanitize_title_with_dashes($tag['name']),
 								'count' => $tag['count'] );
