diff --git a/lib/Form/Block/BlockRendererHelper.php b/lib/Form/Block/BlockRendererHelper.php
index f09d0e986f..49aeb1b52d 100644
--- a/lib/Form/Block/BlockRendererHelper.php
+++ b/lib/Form/Block/BlockRendererHelper.php
@@ -81,7 +81,7 @@ class BlockRendererHelper {
         if (is_bool($value)) {
           $value = ($value) ? 'true' : 'false';
         }
-        $validation[] = 'data-parsley-' . $rule . '="' . $value . '"';
+        $validation[] = 'data-parsley-' . $rule . '="' . $this->wp->escAttr($value) . '"';
       }
     }
     return join(' ', $validation);
@@ -132,7 +132,7 @@ class BlockRendererHelper {
     if (isset($styles['bold'])) {
       $rules[] = 'font-weight: bold;';
     }
-    return $rules ? 'style="' . implode("", $rules) . '"' : '';
+    return $rules ? 'style="' . $this->wp->escAttr(implode("", $rules)) . '"' : '';
   }
 
   public function renderInputPlaceholder(array $block): string {
@@ -168,7 +168,7 @@ class BlockRendererHelper {
   public function getFieldLabel(array $block = []): string {
     return (isset($block['params']['label'])
             && strlen(trim($block['params']['label'])) > 0)
-            ? trim($block['params']['label']) : '';
+            ? $this->wp->escHtml(trim($block['params']['label'])) : '';
   }
 
   public function getFieldValue($block = []) {
diff --git a/lib/Form/Block/Checkbox.php b/lib/Form/Block/Checkbox.php
index 1e32c4f2a2..710c4a5fa6 100644
--- a/lib/Form/Block/Checkbox.php
+++ b/lib/Form/Block/Checkbox.php
@@ -3,6 +3,7 @@
 namespace MailPoet\Form\Block;
 
 use MailPoet\Form\BlockWrapperRenderer;
+use MailPoet\WP\Functions as WPFunctions;
 
 class Checkbox {
 
@@ -12,9 +13,13 @@ class Checkbox {
   /** @var BlockWrapperRenderer */
   private $wrapper;
 
-  public function __construct(BlockRendererHelper $rendererHelper, BlockWrapperRenderer $wrapper) {
+  /** @var WPFunctions */
+  private $wp;
+
+  public function __construct(BlockRendererHelper $rendererHelper, BlockWrapperRenderer $wrapper, WPFunctions $wp) {
     $this->rendererHelper = $rendererHelper;
     $this->wrapper = $wrapper;
+    $this->wp = $wp;
   }
 
   public function render(array $block, array $formSettings): string {
@@ -51,12 +56,12 @@ class Checkbox {
 
       $html .= $fieldValidation;
 
-      $html .= ' /> ' . $option['value'];
+      $html .= ' /> ' . $this->wp->escHtml($option['value']);
 
       $html .= '</label>';
     }
 
-    $html .= '<span class="mailpoet_error_' . $block['id'] . '"></span>';
+    $html .= '<span class="mailpoet_error_' . $this->wp->escAttr($block['id']) . '"></span>';
 
     return $this->wrapper->render($block, $html);
   }
diff --git a/lib/Form/Block/Column.php b/lib/Form/Block/Column.php
index e33a71e4dd..c5563dd6fb 100644
--- a/lib/Form/Block/Column.php
+++ b/lib/Form/Block/Column.php
@@ -2,14 +2,23 @@
 
 namespace MailPoet\Form\Block;
 
+use MailPoet\WP\Functions as WPFunctions;
+
 class Column {
+  /** @var WPFunctions */
+  private $wp;
+
+  public function __construct(WPFunctions $wp) {
+    $this->wp = $wp;
+  }
+
   public function render(array $block, string $content): string {
     return "<div {$this->getClass($block['params'])}{$this->getStyles($block['params'])}>$content</div>";
   }
 
   private function getStyles(array $params): string {
     if (isset($params['width'])) {
-      return " style=\"flex-basis:{$params['width']}%;\"";
+      return " style=\"flex-basis:{$this->wp->escAttr($params['width'])}%;\"";
     }
     return '';
   }
@@ -23,6 +32,6 @@ class Column {
       $classes[] = $params['class_name'];
     }
     $classes = implode(' ', $classes);
-    return "class=\"$classes\"";
+    return "class=\"{$this->wp->escAttr($classes)}\"";
   }
 }
diff --git a/lib/Form/Block/Columns.php b/lib/Form/Block/Columns.php
index 2cca686787..cf1a46827d 100644
--- a/lib/Form/Block/Columns.php
+++ b/lib/Form/Block/Columns.php
@@ -2,7 +2,16 @@
 
 namespace MailPoet\Form\Block;
 
+use MailPoet\WP\Functions as WPFunctions;
+
 class Columns {
+  /** @var WPFunctions */
+  private $wp;
+
+  public function __construct(WPFunctions $wp) {
+    $this->wp = $wp;
+  }
+
   public function render(array $block, string $content): string {
     return "<div {$this->getClass($block['params'] ?? [])}{$this->getStyles($block['params'] ?? [])}>$content</div>";
   }
@@ -19,7 +28,7 @@ class Columns {
       $styles[] = "background:{$params['gradient']};";
     }
     if (count($styles)) {
-      return ' style="' . implode('', $styles) . '"';
+      return ' style="' . $this->wp->escAttr(implode('', $styles)) . '"';
     }
     return '';
   }
@@ -39,6 +48,6 @@ class Columns {
       $classes[] = $params['class_name'];
     }
     $classes = implode(' ', $classes);
-    return "class=\"$classes\"";
+    return "class=\"{$this->wp->escAttr($classes)}\"";
   }
 }
diff --git a/lib/Form/Block/Date.php b/lib/Form/Block/Date.php
index 585ffa31b9..249a44e298 100644
--- a/lib/Form/Block/Date.php
+++ b/lib/Form/Block/Date.php
@@ -4,6 +4,7 @@ namespace MailPoet\Form\Block;
 
 use MailPoet\Form\BlockStylesRenderer;
 use MailPoet\Form\BlockWrapperRenderer;
+use MailPoet\WP\Functions as WPFunctions;
 
 class Date {
 
@@ -16,14 +17,19 @@ class Date {
   /** @var BlockStylesRenderer */
   private $blockStylesRenderer;
 
+  /** @var WPFunctions */
+  private $wp;
+
   public function __construct(
     BlockRendererHelper $rendererHelper,
     BlockStylesRenderer $blockStylesRenderer,
-    BlockWrapperRenderer $wrapper
+    BlockWrapperRenderer $wrapper,
+    WPFunctions $wp
   ) {
     $this->rendererHelper = $rendererHelper;
     $this->wrapper = $wrapper;
     $this->blockStylesRenderer = $blockStylesRenderer;
+    $this->wp = $wp;
   }
 
   public function render(array $block, array $formSettings): string {
@@ -55,7 +61,7 @@ class Date {
     foreach ($dateSelectors as $dateSelector) {
       if ($dateSelector === 'DD') {
         $html .= '<select class="mailpoet_date_day" ';
-        $html .= ' style="' . $this->blockStylesRenderer->renderForSelect([], $formSettings) . '"';
+        $html .= ' style="' . $this->wp->escAttr($this->blockStylesRenderer->renderForSelect([], $formSettings)) . '"';
         $html .= $this->rendererHelper->getInputValidation($block, [
           'required-message' => __('Please select a day', 'mailpoet'),
         ]);
@@ -64,7 +70,7 @@ class Date {
         $html .= '</select>';
       } else if ($dateSelector === 'MM') {
         $html .= '<select class="mailpoet_select mailpoet_date_month" data-automation-id="form_date_month" ';
-        $html .= ' style="' . $this->blockStylesRenderer->renderForSelect([], $formSettings) . '"';
+        $html .= ' style="' . $this->wp->escAttr($this->blockStylesRenderer->renderForSelect([], $formSettings)) . '"';
         $html .= $this->rendererHelper->getInputValidation($block, [
           'required-message' => __('Please select a month', 'mailpoet'),
         ]);
@@ -73,7 +79,7 @@ class Date {
         $html .= '</select>';
       } else if ($dateSelector === 'YYYY') {
         $html .= '<select class="mailpoet_date_year" data-automation-id="form_date_year" ';
-        $html .= ' style="' . $this->blockStylesRenderer->renderForSelect([], $formSettings) . '"';
+        $html .= ' style="' . $this->wp->escAttr($this->blockStylesRenderer->renderForSelect([], $formSettings)) . '"';
         $html .= $this->rendererHelper->getInputValidation($block, [
           'required-message' => __('Please select a year', 'mailpoet'),
         ]);
@@ -83,7 +89,7 @@ class Date {
       }
     }
 
-    $html .= '<span class="mailpoet_error_' . $block['id'] . '"></span>';
+    $html .= '<span class="mailpoet_error_' . $this->wp->escAttr($block['id']) . '"></span>';
 
     return $html;
   }
diff --git a/lib/Form/Block/Divider.php b/lib/Form/Block/Divider.php
index 1048335000..605f7f871f 100644
--- a/lib/Form/Block/Divider.php
+++ b/lib/Form/Block/Divider.php
@@ -2,7 +2,16 @@
 
 namespace MailPoet\Form\Block;
 
+use MailPoet\WP\Functions as WPFunctions;
+
 class Divider {
+  /** @var WPFunctions */
+  private $wp;
+
+  public function __construct(WPFunctions $wp) {
+    $this->wp = $wp;
+  }
+
   const DEFAULT_ATTRIBUTES = [
     'height' => 1,
     'type' => 'divider',
@@ -20,8 +29,8 @@ class Divider {
     if (!empty($block['params']['class_name'])) {
       $classes[] = $block['params']['class_name'];
     }
-    $classAttr = join(' ', $classes);
-    $height = $block['params']['height'] ?? self::DEFAULT_ATTRIBUTES['height'];
+    $classAttr = $this->wp->escAttr(join(' ', $classes));
+    $height = $this->wp->escAttr($block['params']['height'] ?? self::DEFAULT_ATTRIBUTES['height']);
     return "<div class='{$classAttr}' style='height: {$height}px;'>"
     . $this->renderDivider($block)
     . '</div>';
@@ -43,7 +52,7 @@ class Divider {
       "height: {$dividerHeight}px",
       "width: $width%",
     ];
-    $style = implode(";", $dividerStyles);
+    $style = $this->wp->escAttr(implode(";", $dividerStyles));
     return "<div class='mailpoet_divider' data-automation-id='form_divider' style='$style'></div>";
   }
 }
diff --git a/lib/Form/Block/Heading.php b/lib/Form/Block/Heading.php
index 74466337e1..1e4998dfed 100644
--- a/lib/Form/Block/Heading.php
+++ b/lib/Form/Block/Heading.php
@@ -2,7 +2,16 @@
 
 namespace MailPoet\Form\Block;
 
+use MailPoet\WP\Functions as WPFunctions;
+
 class Heading {
+  /** @var WPFunctions */
+  private $wp;
+
+  public function __construct(WPFunctions $wp) {
+    $this->wp = $wp;
+  }
+
   public function render(array $block): string {
     $content = ($block['params']['content'] ?? '');
     return $this->wrapContent($content, $block);
@@ -63,7 +72,7 @@ class Heading {
     }
 
     return 'class="'
-      . join(' ', $classes)
+      . $this->wp->escAttr(join(' ', $classes))
       . '"';
   }
 
@@ -94,7 +103,7 @@ class Heading {
       return '';
     }
     return 'style="'
-      . join('; ', $styles)
+      . $this->wp->escAttr(join('; ', $styles))
       . '"';
   }
 }
diff --git a/lib/Form/Block/Image.php b/lib/Form/Block/Image.php
index b7ef1a624b..b973ee4dd2 100644
--- a/lib/Form/Block/Image.php
+++ b/lib/Form/Block/Image.php
@@ -22,13 +22,13 @@ class Image {
   private function renderImage(array $params): string {
     $attributes = [];
     $styles = [];
-    $attributes[] = 'src="' . $params['url'] . '"';
-    $attributes[] = $params['alt'] ? 'alt="' . $params['alt'] . '"' : 'alt';
+    $attributes[] = 'src="' . $this->wp->escAttr($params['url']) . '"';
+    $attributes[] = $params['alt'] ? 'alt="' . $this->wp->escAttr($params['alt']) . '"' : 'alt';
     if ($params['title']) {
-      $attributes[] = 'title="' . $params['title'] . '"';
+      $attributes[] = 'title="' . $this->wp->escAttr($params['title']) . '"';
     }
     if ($params['id']) {
-      $attributes[] = 'class="wp-image-' . $params['id'] . '"';
+      $attributes[] = 'class="wp-image-' . $this->wp->escAttr($params['id']) . '"';
       $attributes[] = 'srcset="' . $this->wp->wpGetAttachmentImageSrcset(intval($params['id']), $params['size_slug']) . '"';
     }
     if ($params['width']) {
@@ -40,7 +40,7 @@ class Image {
       $styles[] = 'height: ' . intval($params['height']) . 'px';
     }
     if ($styles) {
-      $attributes[] = 'style="' . implode(';', $styles) . '"';
+      $attributes[] = 'style="' . $this->wp->escAttr(implode(';', $styles)) . '"';
     }
     return '<img ' . implode(' ', $attributes) . '>';
   }
@@ -55,26 +55,26 @@ class Image {
     if ($params['href']) {
       $img = $this->wrapToLink($params, $img);
     }
-    $caption = $params['caption'] ? "<figcaption>{$params['caption']}</figcaption>" : '';
-    $figure = '<figure class="' . implode(' ', $figureClasses) . '">' . $img . $caption . '</figure>';
+    $caption = $params['caption'] ? "<figcaption>{$this->wp->escHtml($params['caption'])}</figcaption>" : '';
+    $figure = '<figure class="' . $this->wp->escAttr(implode(' ', $figureClasses)) . '">' . $img . $caption . '</figure>';
     // Main wrapper
     $divClasses = ['mailpoet_form_image'];
     if (trim($params['class_name'])) {
       $divClasses[] = trim($params['class_name']);
     }
-    return '<div class="' . implode(' ', $divClasses) . '">' . $figure . '</div>';
+    return '<div class="' . $this->wp->escAttr(implode(' ', $divClasses)) . '">' . $figure . '</div>';
   }
 
   private function wrapToLink(array $params, string $img): string {
-    $attributes = ['href="' . $params['href'] . '"'];
+    $attributes = ['href="' . $this->wp->escAttr($params['href']) . '"'];
     if ($params['link_class']) {
-      $attributes[] = 'class="' . $params['link_class'] . '"';
+      $attributes[] = 'class="' . $this->wp->escAttr($params['link_class']) . '"';
     }
     if ($params['link_target']) {
-      $attributes[] = 'target="' . $params['link_target'] . '"';
+      $attributes[] = 'target="' . $this->wp->escAttr($params['link_target']) . '"';
     }
     if ($params['rel']) {
-      $attributes[] = 'rel="' . $params['rel'] . '"';
+      $attributes[] = 'rel="' . $this->wp->escAttr($params['rel']) . '"';
     }
     return '<a ' . implode(' ', $attributes) . ' >' . $img . '</a>';
   }
diff --git a/lib/Form/Block/Paragraph.php b/lib/Form/Block/Paragraph.php
index 296a30f11d..2900f15475 100644
--- a/lib/Form/Block/Paragraph.php
+++ b/lib/Form/Block/Paragraph.php
@@ -2,7 +2,16 @@
 
 namespace MailPoet\Form\Block;
 
+use MailPoet\WP\Functions as WPFunctions;
+
 class Paragraph {
+  /** @var WPFunctions */
+  private $wp;
+
+  public function __construct(WPFunctions $wp) {
+    $this->wp = $wp;
+  }
+
   public function render(array $block): string {
     $content = ($block['params']['content'] ?? '');
     return $this->wrapContent($content, $block);
@@ -51,7 +60,7 @@ class Paragraph {
       return null;
     }
     return 'class="'
-    . join(' ', $classes)
+    . $this->wp->escAttr(join(' ', $classes))
     . '"';
   }
 
@@ -76,7 +85,7 @@ class Paragraph {
       return null;
     }
     return 'style="'
-      . join('; ', $styles)
+      . $this->wp->escAttr(join('; ', $styles))
       . '"';
   }
 }
diff --git a/lib/Form/Block/Select.php b/lib/Form/Block/Select.php
index ef4aea7ba3..e7bf09e05a 100644
--- a/lib/Form/Block/Select.php
+++ b/lib/Form/Block/Select.php
@@ -43,7 +43,7 @@ class Select {
       class="mailpoet_select"
       name="' . $fieldName . '" '
       . $automationId
-      . 'style="' . $this->blockStylesRenderer->renderForSelect([], $formSettings) . '"'
+      . 'style="' . $this->wp->escAttr($this->blockStylesRenderer->renderForSelect([], $formSettings)) . '"'
       . '>';
 
     if (isset($block['params']['label_within']) && $block['params']['label_within']) {
diff --git a/lib/Form/Block/Submit.php b/lib/Form/Block/Submit.php
index 7d39f75e56..6934d9717d 100644
--- a/lib/Form/Block/Submit.php
+++ b/lib/Form/Block/Submit.php
@@ -4,6 +4,7 @@ namespace MailPoet\Form\Block;
 
 use MailPoet\Form\BlockStylesRenderer;
 use MailPoet\Form\BlockWrapperRenderer;
+use MailPoet\WP\Functions as WPFunctions;
 
 class Submit {
 
@@ -16,10 +17,19 @@ class Submit {
   /** @var BlockStylesRenderer */
   private $stylesRenderer;
 
-  public function __construct(BlockRendererHelper $rendererHelper, BlockWrapperRenderer $wrapper, BlockStylesRenderer $stylesRenderer) {
+  /** @var WPFunctions */
+  private $wp;
+
+  public function __construct(
+    BlockRendererHelper $rendererHelper,
+    BlockWrapperRenderer $wrapper,
+    BlockStylesRenderer $stylesRenderer,
+    WPFunctions $wp
+  ) {
     $this->rendererHelper = $rendererHelper;
     $this->wrapper = $wrapper;
     $this->stylesRenderer = $stylesRenderer;
+    $this->wp = $wp;
   }
 
   public function render(array $block, array $formSettings): string {
@@ -32,13 +42,13 @@ class Submit {
     $html .= 'data-automation-id="subscribe-submit-button" ';
 
     if (isset($block['styles']['font_family'])) {
-      $html .= "data-font-family='{$block['styles']['font_family']}' " ;
+      $html .= "data-font-family='{$this->wp->escAttr($block['styles']['font_family'])}' " ;
     }
 
     $styles = $this->stylesRenderer->renderForButton($block['styles'] ?? [], $formSettings);
 
     if ($styles) {
-      $html .= 'style="' . $styles . '" ';
+      $html .= 'style="' . $this->wp->escAttr($styles) . '" ';
     }
 
     $html .= '/>';
diff --git a/lib/Form/Block/Text.php b/lib/Form/Block/Text.php
index c9be89ae95..8b07c54c6f 100644
--- a/lib/Form/Block/Text.php
+++ b/lib/Form/Block/Text.php
@@ -4,6 +4,7 @@ namespace MailPoet\Form\Block;
 
 use MailPoet\Form\BlockStylesRenderer;
 use MailPoet\Form\BlockWrapperRenderer;
+use MailPoet\WP\Functions as WPFunctions;
 
 class Text {
   /** @var BlockRendererHelper */
@@ -15,14 +16,19 @@ class Text {
   /** @var BlockWrapperRenderer */
   private $wrapper;
 
+  /** @var WPFunctions */
+  private $wp;
+
   public function __construct(
     BlockRendererHelper $rendererHelper,
     BlockStylesRenderer $inputStylesRenderer,
-    BlockWrapperRenderer $wrapper
+    BlockWrapperRenderer $wrapper,
+    WPFunctions $wp
   ) {
     $this->rendererHelper = $rendererHelper;
     $this->inputStylesRenderer = $inputStylesRenderer;
     $this->wrapper = $wrapper;
+    $this->wp = $wp;
   }
 
   public function render(array $block, array $formSettings): string {
@@ -33,7 +39,7 @@ class Text {
     }
 
     if (in_array($block['id'], ['email', 'last_name', 'first_name'], true)) {
-      $automationId = 'data-automation-id="form_' . $block['id'] . '" ';
+      $automationId = 'data-automation-id="form_' . $this->wp->escAttr($block['id']) . '" ';
     }
 
     $styles = $this->inputStylesRenderer->renderForTextInput($block['styles'] ?? [], $formSettings);
@@ -57,7 +63,7 @@ class Text {
     $html .= 'value="' . $this->rendererHelper->getFieldValue($block) . '" ';
 
     if ($styles) {
-      $html .= 'style="' . $styles . '" ';
+      $html .= 'style="' . $this->wp->escAttr($styles) . '" ';
     }
 
     $html .= $automationId;
diff --git a/lib/Form/Block/Textarea.php b/lib/Form/Block/Textarea.php
index 182f3431b4..7c1109ebc3 100644
--- a/lib/Form/Block/Textarea.php
+++ b/lib/Form/Block/Textarea.php
@@ -4,6 +4,7 @@ namespace MailPoet\Form\Block;
 
 use MailPoet\Form\BlockStylesRenderer;
 use MailPoet\Form\BlockWrapperRenderer;
+use MailPoet\WP\Functions as WPFunctions;
 
 class Textarea {
   /** @var BlockRendererHelper */
@@ -15,14 +16,19 @@ class Textarea {
    /** @var BlockWrapperRenderer */
   private $wrapper;
 
+  /** @var WPFunctions */
+  private $wp;
+
   public function __construct(
     BlockRendererHelper $rendererHelper,
     BlockStylesRenderer $inputStylesRenderer,
-    BlockWrapperRenderer $wrapper
+    BlockWrapperRenderer $wrapper,
+    WPFunctions $wp
   ) {
     $this->rendererHelper = $rendererHelper;
     $this->inputStylesRenderer = $inputStylesRenderer;
     $this->wrapper = $wrapper;
+    $this->wp = $wp;
   }
 
   public function render(array $block, array $formSettings): string {
@@ -46,7 +52,7 @@ class Textarea {
     $html .= $this->rendererHelper->getInputModifiers($block);
 
     if ($styles) {
-      $html .= 'style="' . $styles . '" ';
+      $html .= 'style="' . $this->wp->escAttr($styles) . '" ';
     }
 
     $html .= '>' . $this->rendererHelper->getFieldValue($block) . '</textarea>';
diff --git a/lib/Form/BlockStylesRenderer.php b/lib/Form/BlockStylesRenderer.php
index 9fc36b7345..c9a2700222 100644
--- a/lib/Form/BlockStylesRenderer.php
+++ b/lib/Form/BlockStylesRenderer.php
@@ -2,7 +2,16 @@
 
 namespace MailPoet\Form;
 
+use MailPoet\WP\Functions as WPFunctions;
+
 class BlockStylesRenderer {
+  /** @var WPFunctions */
+  private $wp;
+
+  public function __construct(WPFunctions $wp) {
+    $this->wp = $wp;
+  }
+
   public function renderForTextInput(array $styles, array $formSettings = []): string {
     $rules = [];
     if (isset($styles['full_width']) && intval($styles['full_width'])) {
@@ -95,7 +104,7 @@ class BlockStylesRenderer {
     ) {
       return '<style>'
         . $selector . '::placeholder{'
-        . 'color:' . $block['styles']['font_color'] . ';'
+        . 'color:' . $this->wp->escAttr($block['styles']['font_color']) . ';'
         . 'opacity: 1;'
         . '}'
         . '</style>';
diff --git a/lib/Form/BlockWrapperRenderer.php b/lib/Form/BlockWrapperRenderer.php
index c7bb5e4741..fc1f38041e 100644
--- a/lib/Form/BlockWrapperRenderer.php
+++ b/lib/Form/BlockWrapperRenderer.php
@@ -2,9 +2,18 @@
 
 namespace MailPoet\Form;
 
+use MailPoet\WP\Functions as WPFunctions;
+
 class BlockWrapperRenderer {
+  /** @var WPFunctions */
+  private $wp;
+
+  public function __construct(WPFunctions $wp) {
+    $this->wp = $wp;
+  }
+
   public function render(array $block, string $blockContent): string {
     $classes = isset($block['params']['class_name']) ? " " . $block['params']['class_name'] : '';
-    return '<div class="mailpoet_paragraph' . $classes . '">' . $blockContent . '</div>';
+    return '<div class="mailpoet_paragraph' . $this->wp->escAttr($classes) . '">' . $blockContent . '</div>';
   }
 }
diff --git a/tests/unit/Form/Block/BlockRendererHelperTest.php b/tests/unit/Form/Block/BlockRendererHelperTest.php
index 0b549af1db..3bdf203e94 100644
--- a/tests/unit/Form/Block/BlockRendererHelperTest.php
+++ b/tests/unit/Form/Block/BlockRendererHelperTest.php
@@ -35,6 +35,7 @@ class BlockRendererHelperTest extends \MailPoetUnitTest {
     parent::_before();
     $this->wpMock = $this->createMock(WPFunctions::class);
     $this->wpMock->method('escAttr')->will($this->returnArgument(0));
+    $this->wpMock->method('escHtml')->will($this->returnArgument(0));
     $this->obfuscatorMock = $this->createMock(FieldNameObfuscator::class);
     $this->obfuscatorMock->method('obfuscate')->will($this->returnArgument(0));
     $this->rendererHelper = new BlockRendererHelper($this->obfuscatorMock, $this->wpMock);
diff --git a/tests/unit/Form/Block/CheckboxTest.php b/tests/unit/Form/Block/CheckboxTest.php
index cac3c4816c..c335350827 100644
--- a/tests/unit/Form/Block/CheckboxTest.php
+++ b/tests/unit/Form/Block/CheckboxTest.php
@@ -6,6 +6,7 @@ use MailPoet\Form\Block\BlockRendererHelper;
 use MailPoet\Form\Block\Checkbox;
 use MailPoet\Form\BlockWrapperRenderer;
 use MailPoet\Test\Form\HtmlParser;
+use MailPoet\WP\Functions as WPFunctions;
 use PHPUnit\Framework\MockObject\MockObject;
 
 require_once __DIR__ . '/../HtmlParser.php';
@@ -46,7 +47,10 @@ class CheckboxTest extends \MailPoetUnitTest {
     $this->rendererHelperMock = $this->createMock(BlockRendererHelper::class);
     $this->wrapperMock = $this->createMock(BlockWrapperRenderer::class);
     $this->wrapperMock->method('render')->will($this->returnArgument(1));
-    $this->checkbox = new Checkbox($this->rendererHelperMock, $this->wrapperMock);
+    $wpMock = $this->createMock(WPFunctions::class);
+    $wpMock->method('escAttr')->will($this->returnArgument(0));
+    $wpMock->method('escHtml')->will($this->returnArgument(0));
+    $this->checkbox = new Checkbox($this->rendererHelperMock, $this->wrapperMock, $wpMock);
     $this->htmlParser = new HtmlParser();
   }
 
diff --git a/tests/unit/Form/Block/ColumnTest.php b/tests/unit/Form/Block/ColumnTest.php
index 5e620f0cc0..d82f09c5c2 100644
--- a/tests/unit/Form/Block/ColumnTest.php
+++ b/tests/unit/Form/Block/ColumnTest.php
@@ -4,6 +4,7 @@ namespace MailPoet\Test\Form\Block;
 
 use MailPoet\Form\Block\Column;
 use MailPoet\Test\Form\HtmlParser;
+use MailPoet\WP\Functions as WPFunctions;
 
 require_once __DIR__ . '/../HtmlParser.php';
 
@@ -22,7 +23,9 @@ class ColumnTest extends \MailPoetUnitTest {
 
   public function _before() {
     parent::_before();
-    $this->columns = new Column();
+    $wpMock = $this->createMock(WPFunctions::class);
+    $wpMock->method('escAttr')->will($this->returnArgument(0));
+    $this->columns = new Column($wpMock);
     $this->htmlParser = new HtmlParser();
   }
 
diff --git a/tests/unit/Form/Block/ColumnsTest.php b/tests/unit/Form/Block/ColumnsTest.php
index f4727313c4..6569203c56 100644
--- a/tests/unit/Form/Block/ColumnsTest.php
+++ b/tests/unit/Form/Block/ColumnsTest.php
@@ -4,6 +4,7 @@ namespace MailPoet\Test\Form\Block;
 
 use MailPoet\Form\Block\Columns;
 use MailPoet\Test\Form\HtmlParser;
+use MailPoet\WP\Functions as WPFunctions;
 
 require_once __DIR__ . '/../HtmlParser.php';
 
@@ -21,7 +22,9 @@ class ColumnsTest extends \MailPoetUnitTest {
 
   public function _before() {
     parent::_before();
-    $this->columns = new Columns();
+    $wpMock = $this->createMock(WPFunctions::class);
+    $wpMock->method('escAttr')->will($this->returnArgument(0));
+    $this->columns = new Columns($wpMock);
     $this->htmlParser = new HtmlParser();
   }
 
diff --git a/tests/unit/Form/Block/DateTest.php b/tests/unit/Form/Block/DateTest.php
index 89a8d253c0..8432c284d0 100644
--- a/tests/unit/Form/Block/DateTest.php
+++ b/tests/unit/Form/Block/DateTest.php
@@ -7,6 +7,7 @@ use MailPoet\Form\Block\Date;
 use MailPoet\Form\BlockStylesRenderer;
 use MailPoet\Form\BlockWrapperRenderer;
 use MailPoet\Test\Form\HtmlParser;
+use MailPoet\WP\Functions as WPFunctions;
 use MailPoetVendor\Carbon\Carbon;
 use PHPUnit\Framework\MockObject\MockObject;
 
@@ -51,7 +52,9 @@ class DateTest extends \MailPoetUnitTest {
     $this->baseMock = $this->createMock(BlockRendererHelper::class);
     $this->wrapperMock = $this->createMock(BlockWrapperRenderer::class);
     $this->wrapperMock->method('render')->will($this->returnArgument(1));
-    $this->date = new Date($this->baseMock, $this->blockStylesRenderer, $this->wrapperMock);
+    $wpMock = $this->createMock(WPFunctions::class);
+    $wpMock->method('escAttr')->will($this->returnArgument(0));
+    $this->date = new Date($this->baseMock, $this->blockStylesRenderer, $this->wrapperMock, $wpMock);
     $this->htmlParser = new HtmlParser();
   }
 
diff --git a/tests/unit/Form/Block/DividerTest.php b/tests/unit/Form/Block/DividerTest.php
index 6c2977d040..281910b4d7 100644
--- a/tests/unit/Form/Block/DividerTest.php
+++ b/tests/unit/Form/Block/DividerTest.php
@@ -3,6 +3,7 @@
 namespace MailPoet\Test\Form\Block;
 
 use MailPoet\Form\Block\Divider;
+use MailPoet\WP\Functions as WPFunctions;
 
 class DividerTest extends \MailPoetUnitTest {
   /** @var Divider */
@@ -20,7 +21,9 @@ class DividerTest extends \MailPoetUnitTest {
 
   public function _before() {
     parent::_before();
-    $this->divider = new Divider();
+    $wpMock = $this->createMock(WPFunctions::class);
+    $wpMock->method('escAttr')->will($this->returnArgument(0));
+    $this->divider = new Divider($wpMock);
   }
 
   public function testItRendersOldDividerWithNoParams() {
diff --git a/tests/unit/Form/Block/HeadingTest.php b/tests/unit/Form/Block/HeadingTest.php
index 4bc8405731..e9e1a46a8f 100644
--- a/tests/unit/Form/Block/HeadingTest.php
+++ b/tests/unit/Form/Block/HeadingTest.php
@@ -3,6 +3,7 @@
 namespace MailPoet\Test\Form\Block;
 
 use MailPoet\Form\Block\Heading;
+use MailPoet\WP\Functions as WPFunctions;
 
 class HeadingTest extends \MailPoetUnitTest {
   /** @var Heading */
@@ -10,7 +11,9 @@ class HeadingTest extends \MailPoetUnitTest {
 
   public function _before() {
     parent::_before();
-    $this->heading = new Heading();
+    $wpMock = $this->createMock(WPFunctions::class);
+    $wpMock->method('escAttr')->will($this->returnArgument(0));
+    $this->heading = new Heading($wpMock);
   }
 
   public function testItShouldRenderHeading() {
diff --git a/tests/unit/Form/Block/ImageTest.php b/tests/unit/Form/Block/ImageTest.php
index 3ab0306290..02defc16a1 100644
--- a/tests/unit/Form/Block/ImageTest.php
+++ b/tests/unit/Form/Block/ImageTest.php
@@ -46,6 +46,8 @@ class ImageTest extends \MailPoetUnitTest {
   public function _before() {
     parent::_before();
     $this->wpMock = $this->createMock(WPFunctions::class);
+    $this->wpMock->method('escAttr')->will($this->returnArgument(0));
+    $this->wpMock->method('escHtml')->will($this->returnArgument(0));
     $this->image = new Image($this->wpMock);
     $this->htmlParser = new HtmlParser();
 
diff --git a/tests/unit/Form/Block/ParagraphTest.php b/tests/unit/Form/Block/ParagraphTest.php
index 8f2b88b09a..405e3624c4 100644
--- a/tests/unit/Form/Block/ParagraphTest.php
+++ b/tests/unit/Form/Block/ParagraphTest.php
@@ -3,6 +3,7 @@
 namespace MailPoet\Test\Form\Block;
 
 use MailPoet\Form\Block\Paragraph;
+use MailPoet\WP\Functions as WPFunctions;
 
 class ParagraphTest extends \MailPoetUnitTest {
   /** @var Paragraph */
@@ -10,7 +11,9 @@ class ParagraphTest extends \MailPoetUnitTest {
 
   public function _before() {
     parent::_before();
-    $this->paragraph = new Paragraph();
+    $wpMock = $this->createMock(WPFunctions::class);
+    $wpMock->method('escAttr')->will($this->returnArgument(0));
+    $this->paragraph = new Paragraph($wpMock);
   }
 
   public function testItShouldRenderParagraph() {
diff --git a/tests/unit/Form/Block/SubmitTest.php b/tests/unit/Form/Block/SubmitTest.php
index 7556aabbc8..4f9ff281c8 100644
--- a/tests/unit/Form/Block/SubmitTest.php
+++ b/tests/unit/Form/Block/SubmitTest.php
@@ -7,6 +7,7 @@ use MailPoet\Form\Block\Submit;
 use MailPoet\Form\BlockStylesRenderer;
 use MailPoet\Form\BlockWrapperRenderer;
 use MailPoet\Test\Form\HtmlParser;
+use MailPoet\WP\Functions as WPFunctions;
 use PHPUnit\Framework\MockObject\MockObject;
 
 require_once __DIR__ . '/../HtmlParser.php';
@@ -45,7 +46,9 @@ class SubmitTest extends \MailPoetUnitTest {
     $this->wrapperMock = $this->createMock(BlockWrapperRenderer::class);
     $this->wrapperMock->method('render')->will($this->returnArgument(1));
     $this->stylesRendererMock = $this->createMock(BlockStylesRenderer::class);
-    $this->submit = new Submit($this->rendererHelperMock, $this->wrapperMock, $this->stylesRendererMock);
+    $wpMock = $this->createMock(WPFunctions::class);
+    $wpMock->method('escAttr')->will($this->returnArgument(0));
+    $this->submit = new Submit($this->rendererHelperMock, $this->wrapperMock, $this->stylesRendererMock, $wpMock);
     $this->htmlParser = new HtmlParser();
   }
 
diff --git a/tests/unit/Form/Block/TextTest.php b/tests/unit/Form/Block/TextTest.php
index 9a21a46173..e30596fd75 100644
--- a/tests/unit/Form/Block/TextTest.php
+++ b/tests/unit/Form/Block/TextTest.php
@@ -7,6 +7,7 @@ use MailPoet\Form\Block\Text;
 use MailPoet\Form\BlockStylesRenderer;
 use MailPoet\Form\BlockWrapperRenderer;
 use MailPoet\Test\Form\HtmlParser;
+use MailPoet\WP\Functions as WPFunctions;
 use PHPUnit\Framework\MockObject\MockObject;
 
 require_once __DIR__ . '/../HtmlParser.php';
@@ -47,7 +48,9 @@ class TextTest extends \MailPoetUnitTest {
     $this->stylesRendererMock = $this->createMock(BlockStylesRenderer::class);
     $this->wrapperMock = $this->createMock(BlockWrapperRenderer::class);
     $this->wrapperMock->method('render')->will($this->returnArgument(1));
-    $this->text = new Text($this->rendererHelperMock, $this->stylesRendererMock, $this->wrapperMock);
+    $wpMock = $this->createMock(WPFunctions::class);
+    $wpMock->method('escAttr')->will($this->returnArgument(0));
+    $this->text = new Text($this->rendererHelperMock, $this->stylesRendererMock, $this->wrapperMock, $wpMock);
     $this->htmlParser = new HtmlParser();
   }
 
diff --git a/tests/unit/Form/Block/TextareaTest.php b/tests/unit/Form/Block/TextareaTest.php
index 603fcb95c9..08b11ac83d 100644
--- a/tests/unit/Form/Block/TextareaTest.php
+++ b/tests/unit/Form/Block/TextareaTest.php
@@ -7,6 +7,7 @@ use MailPoet\Form\Block\Textarea;
 use MailPoet\Form\BlockStylesRenderer;
 use MailPoet\Form\BlockWrapperRenderer;
 use MailPoet\Test\Form\HtmlParser;
+use MailPoet\WP\Functions as WPFunctions;
 use PHPUnit\Framework\MockObject\MockObject;
 
 require_once __DIR__ . '/../HtmlParser.php';
@@ -48,7 +49,9 @@ class TextareaTest extends \MailPoetUnitTest {
     $this->stylesRendererMock = $this->createMock(BlockStylesRenderer::class);
     $this->wrapperMock = $this->createMock(BlockWrapperRenderer::class);
     $this->wrapperMock->method('render')->will($this->returnArgument(1));
-    $this->textarea = new Textarea($this->rendererHelperMock, $this->stylesRendererMock, $this->wrapperMock);
+    $wpMock = $this->createMock(WPFunctions::class);
+    $wpMock->method('escAttr')->will($this->returnArgument(0));
+    $this->textarea = new Textarea($this->rendererHelperMock, $this->stylesRendererMock, $this->wrapperMock, $wpMock);
     $this->htmlParser = new HtmlParser();
   }
 
diff --git a/tests/unit/Form/BlockStylesRendererTest.php b/tests/unit/Form/BlockStylesRendererTest.php
index df8ca1e74f..a407247414 100644
--- a/tests/unit/Form/BlockStylesRendererTest.php
+++ b/tests/unit/Form/BlockStylesRendererTest.php
@@ -3,6 +3,7 @@
 namespace MailPoet\Test\Form;
 
 use MailPoet\Form\BlockStylesRenderer;
+use MailPoet\WP\Functions as WPFunctions;
 
 require_once __DIR__ . '/HtmlParser.php';
 
@@ -12,7 +13,9 @@ class BlockStylesRendererTest extends \MailPoetUnitTest {
 
   public function _before() {
     parent::_before();
-    $this->renderer = new BlockStylesRenderer();
+    $wpMock = $this->createMock(WPFunctions::class);
+    $wpMock->method('escAttr')->will($this->returnArgument(0));
+    $this->renderer = new BlockStylesRenderer($wpMock);
   }
 
   public function testItShouldReturnEmptyStringForNoStylesOrUnsupportedStyles() {
diff --git a/tests/unit/Form/BlockWrapperRendererTest.php b/tests/unit/Form/BlockWrapperRendererTest.php
index 86d570cdd4..ee688d8d39 100644
--- a/tests/unit/Form/BlockWrapperRendererTest.php
+++ b/tests/unit/Form/BlockWrapperRendererTest.php
@@ -4,17 +4,22 @@ namespace MailPoet\Test\Form;
 
 use Codeception\Util\Fixtures;
 use MailPoet\Form\BlockWrapperRenderer;
+use MailPoet\WP\Functions as WPFunctions;
 
 class BlockWrapperRendererTest extends \MailPoetUnitTest {
   public function testItShouldWrapBlockContent() {
-    $renderer = new BlockWrapperRenderer();
+    $wpMock = $this->createMock(WPFunctions::class);
+    $wpMock->method('escAttr')->will($this->returnArgument(0));
+    $renderer = new BlockWrapperRenderer($wpMock);
     $block = Fixtures::get('simple_form_body')[0];
     $result = $renderer->render($block, 'content');
     expect($result)->equals('<div class="mailpoet_paragraph">content</div>');
   }
 
   public function testItShouldWrapRenderCustomClasses() {
-    $renderer = new BlockWrapperRenderer();
+    $wpMock = $this->createMock(WPFunctions::class);
+    $wpMock->method('escAttr')->will($this->returnArgument(0));
+    $renderer = new BlockWrapperRenderer($wpMock);
     $block = Fixtures::get('simple_form_body')[0];
     $block['params']['class_name'] = 'class1 class2';
     $result = $renderer->render($block, 'content');