diff --git src/wp-includes/class-wp-customize-control.php src/wp-includes/class-wp-customize-control.php
index dcebb0f..ef32508 100644
--- src/wp-includes/class-wp-customize-control.php
+++ src/wp-includes/class-wp-customize-control.php
@@ -223,8 +223,8 @@ class WP_Customize_Control {
 		$this->json['active']      = $this->active();
 		$this->json['section']     = $this->section;
 		$this->json['content']     = $this->get_content();
-		$this->json['label']       = $this->label;
-		$this->json['description'] = $this->description;
+		$this->json['label']       = wp_decode_entities( $this->label );
+		$this->json['description'] = wp_decode_entities( $this->description );
 	}
 
 	/**
diff --git src/wp-includes/class-wp-customize-setting.php src/wp-includes/class-wp-customize-setting.php
index 7d3511c..de82039 100644
--- src/wp-includes/class-wp-customize-setting.php
+++ src/wp-includes/class-wp-customize-setting.php
@@ -372,8 +372,9 @@ class WP_Customize_Setting {
 		 */
 		$value = apply_filters( "customize_sanitize_js_{$this->id}", $this->value(), $this );
 
-		if ( is_string( $value ) )
-			return html_entity_decode( $value, ENT_QUOTES, 'UTF-8');
+		if ( is_string( $value ) ) {
+			$value = wp_decode_entities( $value );
+		}
 
 		return $value;
 	}
diff --git src/wp-includes/formatting.php src/wp-includes/formatting.php
index 411eaa8..8be14aa 100644
--- src/wp-includes/formatting.php
+++ src/wp-includes/formatting.php
@@ -3104,6 +3104,24 @@ function htmlentities2($myHTML) {
 }
 
 /**
+ * Decode all (HTML) entities into characters in the blog's charset.
+ *
+ * Useful to export a string into JavaScript, passing into wp_json_encode()
+ *
+ * @since 4.1.0
+ *
+ * @param string $string  The text with encoded entities.
+ * @return string  Decoded text.
+ */
+function wp_decode_entities( $string ) {
+	$quote_style = ENT_QUOTES;
+	if ( defined( 'ENT_HTML5' ) ) {
+		$quote_style |= ENT_HTML5;
+	}
+	return html_entity_decode( $string, $quote_style, get_bloginfo( 'charset' ) );
+}
+
+/**
  * Escape single quotes, htmlspecialchar " < > &, and fix line endings.
  *
  * Escapes text strings for echoing in JS. It is intended to be used for inline JS
diff --git tests/phpunit/tests/formatting/WPDecodeEntities.php tests/phpunit/tests/formatting/WPDecodeEntities.php
new file mode 100644
index 0000000..b78db5a
--- /dev/null
+++ tests/phpunit/tests/formatting/WPDecodeEntities.php
@@ -0,0 +1,29 @@
+<?php
+/**
+ * encoding: utf-8
+ */
+
+/**
+ * @group formatting
+ */
+class Tests_Formatting_WPDecodeEntities extends WP_UnitTestCase {
+
+	function setUp() {
+		parent::setUp();
+		if ( 'UTF-8' !== strtoupper( get_bloginfo( 'charset' ) ) ) {
+			$this->markTestSkipped( 'Blog must be in UTF-8 since this is the encoding used in the source file.' );
+		}
+	}
+
+	function test_decode_quotes() {
+		$encoded = 'This&#39;s &quot;the&#34; thing&apos;s thing.';
+		$decoded = 'This\'s "the" thing\'s thing.';
+		$this->assertEquals( $decoded, wp_decode_entities( $encoded ) );
+	}
+
+	function test_decode_non_ascii() {
+		$encoded = 'This&rsquo;s &ldquo;the&#8221; thing&#8217;s thing.';
+		$decoded = 'This’s “the” thing’s thing.';
+		$this->assertEquals( $decoded, wp_decode_entities( $encoded ) );
+	}
+}