Index: wp-admin/includes/template.php
===================================================================
--- wp-admin/includes/template.php	(revision 32302)
+++ wp-admin/includes/template.php	(working copy)
@@ -569,8 +569,8 @@
 <table id="list-table" style="display: none;">
 	<thead>
 	<tr>
-		<th class="left">' . _x( 'Name', 'meta name' ) . '</th>
-		<th>' . __( 'Value' ) . '</th>
+		<th class="left">' . esc_html_x( 'Name', 'meta name' ) . '</th>
+		<th>' . esc_html__( 'Value' ) . '</th>
 	</tr>
 	</thead>
 	<tbody id="the-list" data-wp-lists="list:meta">
@@ -584,8 +584,8 @@
 <table id="list-table">
 	<thead>
 	<tr>
-		<th class="left"><?php _ex( 'Name', 'meta name' ) ?></th>
-		<th><?php _e( 'Value' ) ?></th>
+		<th class="left"><?php echo esc_html_x( 'Name', 'meta name' ) ?></th>
+		<th><?php esc_html_e( 'Value' ) ?></th>
 	</tr>
 	</thead>
 	<tbody id='the-list' data-wp-lists='list:meta'>
@@ -830,7 +830,7 @@
 	ksort( $templates );
 	foreach ( array_keys( $templates ) as $template ) {
 		$selected = selected( $default, $templates[ $template ], false );
-		echo "\n\t<option value='" . $templates[ $template ] . "' $selected>$template</option>";
+		echo "\n\t<option value='" . esc_attr( $templates[ $template ] ) . "' $selected>" . esc_html( $template ) . "</option>";
 	}
 }
 
@@ -921,7 +921,7 @@
 <label for="upload"><?php _e( 'Choose a file from your computer:' ); ?></label> (<?php printf( __('Maximum size: %s' ), $size ); ?>)
 <input type="file" id="upload" name="import" size="25" />
 <input type="hidden" name="action" value="save" />
-<input type="hidden" name="max_file_size" value="<?php echo $bytes; ?>" />
+<input type="hidden" name="max_file_size" value="<?php esc_attr_e( $bytes ); ?>" />
 </p>
 <?php submit_button( __('Upload file and import'), 'button' ); ?>
 </form>
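Review bot: `esc_attr_e( $bytes )` on the new `max_file_size` line is the wrong helper for a dynamic value — `esc_attr_e()` translates its argument before escaping it, so a computed byte count is being looked up in the text domain rather than simply attribute-escaped. For a non-translatable value the form is `<input type="hidden" name="max_file_size" value="<?php echo esc_attr( $bytes ); ?>" />` (or `(int) $bytes`, since it is a size). The `$size` printed by `printf( __( 'Maximum size: %s' ), $size )` two lines above is left unescaped; if it comes from `size_format()` that is harmless, but it deserves the same `esc_html()` treatment for consistency with the rest of this sweep. The enclosing function starts and ends outside this hunk.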
@@ -1069,7 +1069,7 @@
 					echo '<div id="' . $box['id'] . '" class="postbox ' . postbox_classes($box['id'], $page) . $hidden_class . '" ' . '>' . "\n";
 					if ( 'dashboard_browser_nag' != $box['id'] )
 						echo '<div class="handlediv" title="' . esc_attr__('Click to toggle') . '"><br /></div>';
-					echo "<h3 class='hndle'><span>{$box['title']}</span></h3>\n";
+					echo '<h3 class="hndle"><span>' . esc_html( $box['title'] ) . '</span></h3>' . "\n";
 					echo '<div class="inside">' . "\n";
 					call_user_func($box['callback'], $object, $box);
 					echo "</div>\n";
@@ -1297,7 +1297,7 @@
 
 	foreach ( (array) $wp_settings_sections[$page] as $section ) {
 		if ( $section['title'] )
-			echo "<h3>{$section['title']}</h3>\n";
+			echo '<h3>' . esc_html( $section['title'] ) . '</h3>' . "\n";
 
 		if ( $section['callback'] )
 			call_user_func( $section['callback'], $section );
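Review bot: wrapping `$section['title']` in `esc_html()` changes output for any `add_settings_section()` caller that passes markup in the title, which will now appear as literal text; the callers are not visible from here, so confirm this is intended, or use `wp_kses_post( $section['title'] )` if the goal is to neutralise script while preserving inline markup. Whichever helper is chosen, the same choice should be applied to the field titles escaped further down in this file so the settings API escapes titles uniformly. The enclosing function starts and ends outside this hunk.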
@@ -1340,9 +1340,9 @@
 		echo "<tr{$class}>";
 
 		if ( ! empty( $field['args']['label_for'] ) ) {
-			echo '<th scope="row"><label for="' . esc_attr( $field['args']['label_for'] ) . '">' . $field['title'] . '</label></th>';
+			echo '<th scope="row"><label for="' . esc_attr( $field['args']['label_for'] ) . '">' . esc_html( $field['title'] ) . '</label></th>';
 		} else {
-			echo '<th scope="row">' . $field['title'] . '</th>';
+			echo '<th scope="row">' . esc_html( $field['title'] ) . '</th>';
 		}
 
 		echo '<td>';
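Review bot: `echo "<tr{$class}>";` on the first context line interpolates `$class` raw into the row's opening tag, and its construction is outside this hunk, so this is the one attribute in the block whose escaping cannot be confirmed from the change; verify that `$class` is built with `esc_attr()` on `$field['args']['class']` where it is assigned, otherwise add it there. As with the section titles, `esc_html( $field['title'] )` will flatten any markup that `add_settings_field()` callers put in a title — acceptable if that is the decision, but worth stating in the commit message. The enclosing function starts and ends outside this hunk.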
@@ -1484,7 +1484,7 @@
 		$css_id = 'setting-error-' . $details['code'];
 		$css_class = $details['type'] . ' settings-error notice is-dismissible';
 		$output .= "<div id='$css_id' class='$css_class'> \n";
-		$output .= "<p><strong>{$details['message']}</strong></p>";
+		$output .= '<p><strong>' . esc_html( $details['message'] ) . '</strong></p>';
 		$output .= "</div> \n";
 	}
 	echo $output;
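Review bot: `$css_id` and `$css_class` are inserted unescaped into the `id` and `class` attributes on the line directly above the change, yet they are built from `$details['code']` and `$details['type']`, which are caller-supplied through `add_settings_error()` just like the message that now gets `esc_html()`; escape them too: `$output .= "<div id='" . esc_attr( $css_id ) . "' class='" . esc_attr( $css_class ) . "'> \n";`. Also note that settings-error messages are, in practice, often registered with links or emphasis; `esc_html()` will print such markup literally, so consider `wp_kses_post( $details['message'] )` if that usage is meant to keep working. The enclosing function starts outside this hunk.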
@@ -1589,7 +1589,7 @@
 	@header( 'Content-Type: ' . get_option( 'html_type' ) . '; charset=' . get_option( 'blog_charset' ) );
 	_wp_admin_html_begin();
 ?>
-<title><?php bloginfo('name') ?> &rsaquo; <?php echo $title ?> &#8212; <?php _e('WordPress'); ?></title>
+<title><?php bloginfo('name'); ?> &rsaquo; <?php esc_html_e( $title ); ?> &#8212; <?php _e('WordPress'); ?></title>
 <?php
 wp_enqueue_style( 'colors' );
 ?>
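Review bot: `esc_html_e( $title )` in the new `<title>` line passes `$title` through the translation function before escaping, which is a misuse for a runtime variable — an already-localised page title gets a second gettext lookup, and any arbitrary title string is fed to `translate()`. The correct form for a value that only needs output escaping is `<?php echo esc_html( $title ); ?>`. The enclosing function starts before and continues after this hunk.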
@@ -1598,8 +1598,8 @@
 function tb_close(){var win=window.dialogArguments||opener||parent||top;win.tb_remove();}
 var ajaxurl = '<?php echo admin_url( 'admin-ajax.php', 'relative' ); ?>',
 	pagenow = '<?php echo $current_screen->id; ?>',
-	typenow = '<?php echo $current_screen->post_type; ?>',
-	adminpage = '<?php echo $admin_body_class; ?>',
+	typenow = <?php echo wp_json_encode( $current_screen->post_type ); ?>,
+	adminpage = <?php echo wp_json_encode( $admin_body_class ); ?>,
 	thousandsSeparator = '<?php echo addslashes( $wp_locale->number_format['thousands_sep'] ); ?>',
 	decimalPoint = '<?php echo addslashes( $wp_locale->number_format['decimal_point'] ); ?>',
 	isRtl = <?php echo (int) is_rtl(); ?>;
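Review bot: `pagenow = '<?php echo $current_screen->id; ?>'` on the context line directly above the change is still emitted raw inside a single-quoted JS string, and `thousandsSeparator`/`decimalPoint` below rely on `addslashes()`, which does not neutralise a literal newline, a `</script>` sequence or U+2028/2029 in that context; since the hunk already introduces `wp_json_encode()` for `typenow` and `adminpage`, the same treatment should cover the rest of the block for consistency, e.g. `pagenow = <?php echo wp_json_encode( $current_screen->id ); ?>,` and `thousandsSeparator = <?php echo wp_json_encode( $wp_locale->number_format['thousands_sep'] ); ?>,`. The separator values presumably originate from locale data rather than request input, so the practical exposure is limited, but one escaping strategy per `<script>` block is easier to audit than two. The enclosing function starts and ends outside this hunk.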
@@ -1637,7 +1637,7 @@
 /** This filter is documented in wp-admin/admin-header.php */
 $admin_body_classes = apply_filters( 'admin_body_class', '' );
 ?>
-<body<?php if ( isset($GLOBALS['body_id']) ) echo ' id="' . $GLOBALS['body_id'] . '"'; ?> class="wp-admin wp-core-ui no-js iframe <?php echo $admin_body_classes . ' ' . $admin_body_class; ?>">
+<body<?php if ( isset($GLOBALS['body_id']) ) echo ' id="' . esc_attr( $GLOBALS['body_id'] ) . '"'; ?> class="wp-admin wp-core-ui no-js iframe <?php echo esc_attr( $admin_body_classes ) . ' ' . esc_attr( $admin_body_class ); ?>">
 <script type="text/javascript">
 (function(){
 var c = document.body.className;
@@ -1719,7 +1719,7 @@
 		foreach ( $post_states as $state ) {
 			++$i;
 			( $i == $state_count ) ? $sep = '' : $sep = ', ';
-			echo "<span class='post-state'>$state$sep</span>";
+			echo '<span class="post-state">' . esc_html( $state . $sep ) . '</span>';
 		}
 	}
 
@@ -1758,7 +1758,7 @@
 		foreach ( $media_states as $state ) {
 			++$i;
 			( $i == $state_count ) ? $sep = '' : $sep = ', ';
-			echo "<span class='post-state'>$state$sep</span>";
+			echo '<span class="post-state">' . esc_html( $state . $sep ) . '</span>';
 		}
 	}
 }
@@ -2233,7 +2233,7 @@
 	echo '<span class="screen-reader-text">' . $title . '</span>';
 	echo str_repeat( '<div class="star star-full"></div>', $full_stars );
 	echo str_repeat( '<div class="star star-half"></div>', $half_stars );
-	echo str_repeat( '<div class="star star-empty"></div>', $empty_stars);
+	echo str_repeat( '<div class="star star-empty"></div>', $empty_stars );
 	echo '</div>';
 }
 
@@ -2244,5 +2244,5 @@
  * @since 4.2.0
  */
 function _wp_posts_page_notice() {
-	echo '<div class="notice notice-warning inline"><p>' . __( 'You are currently editing the page that shows your latest posts.' ) . '</p></div>';
+	echo '<div class="notice notice-warning inline"><p>' . esc_html__( 'You are currently editing the page that shows your latest posts.' ) . '</p></div>';
 }
