diff --git a/admin/class-h5p-content-admin.php b/admin/class-h5p-content-admin.php
index acb4c3b..24f9dca 100644
--- a/admin/class-h5p-content-admin.php
+++ b/admin/class-h5p-content-admin.php
@@ -17,6 +17,7 @@
 */
 class H5PContentAdmin {
+ use H5PUtils;
 /**
 * @since 1.1.0
 */
@@ -64,7 +65,7 @@ public function __construct($plugin_slug) {
 * @return string
 */
 public function alter_title($page, $admin_title, $title) {
- $task = filter_input(INPUT_GET, 'task', FILTER_SANITIZE_STRING);
+ $task = $this->sanitize_input('task');
 $id = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT);
 // Find content title
@@ -176,7 +177,7 @@ private function current_user_can_view_content_results($content) {
 * @since 1.1.0
 */
 public function display_contents_page() {
- switch (filter_input(INPUT_GET, 'task', FILTER_SANITIZE_STRING)) {
+ switch ($this->sanitize_input('task')) {
 case NULL:
 include_once('views/contents.php');
@@ -1087,7 +1088,7 @@ public function ajax_libraries() {
 $editor = $this->get_h5peditor_instance();
 // Get input
- $name = filter_input(INPUT_GET, 'machineName', FILTER_SANITIZE_STRING);
+ $name = $this->sanitize_input('machineName');
 $major_version = filter_input(INPUT_GET, 'majorVersion', FILTER_SANITIZE_NUMBER_INT);
 $minor_version = filter_input(INPUT_GET, 'minorVersion', FILTER_SANITIZE_NUMBER_INT);
@@ -1117,7 +1118,7 @@ public function ajax_libraries() {
 * Get content type cache
 */
 public function ajax_content_type_cache() {
- $token = filter_input(INPUT_GET, 'token', FILTER_SANITIZE_STRING);
+ $token = $this->sanitize_input('token');
 $editor = $this->get_h5peditor_instance();
 $editor->ajax->action(H5PEditorEndpoints::CONTENT_TYPE_CACHE, $token);
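Review bot: The `display_contents_page` hunk switches on `$this->sanitize_input('task')` and keeps a `case NULL:` branch, so every call site now depends on the trait method returning NULL for an absent parameter, yet the body of `sanitize_input` in `admin/class-h5p-utils.php` is not legible in this patch (its new-file hunk is garbled) and that contract cannot be confirmed here. The companion change in `admin/class-h5p-plugin-admin.php` produces `''` rather than NULL via `htmlspecialchars($page ?? '', ...)`; `switch` compares loosely so `''` would still reach `case NULL:`, but any strict comparison against the trait's result would not, and `$show = ($task === 'show')` in class-h5p-library-admin.php is one such site. A docblock on `sanitize_input` should state the absent-parameter return and that the value is escaped, not validated, e.g. `/** Returns the request parameter with the same escaping FILTER_SANITIZE_STRING gave, or NULL when it is absent; it does not validate the value. */` adjusted to what the method actually does. The `use H5PUtils;` in the class hunk is resolved when this file is compiled, so it presumably relies on the autoloader map added at the end of this patch being registered first.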
@@ -1128,7 +1129,7 @@ public function ajax_content_type_cache() {
 * Get translations
 */
 public function ajax_translations() {
- $language = filter_input(INPUT_GET, 'language', FILTER_SANITIZE_STRING);
+ $language = $this->sanitize_input('language');
 $editor = $this->get_h5peditor_instance();
 $editor->ajax->action(H5PEditorEndpoints::TRANSLATIONS, $language);
@@ -1141,7 +1142,7 @@ public function ajax_translations() {
 * @since 1.1.0
 */
 public function ajax_files() {
- $token = filter_input(INPUT_GET, 'token', FILTER_SANITIZE_STRING);
+ $token = $this->sanitize_input('token');
 $contentId = filter_input(INPUT_POST, 'contentId', FILTER_SANITIZE_NUMBER_INT);
 $editor = $this->get_h5peditor_instance();
@@ -1176,7 +1177,7 @@ public function ajax_content_results() {
 * @since 1.14.0
 */
 public function ajax_filter() {
- $token = filter_input(INPUT_GET, 'token', FILTER_SANITIZE_STRING);
+ $token = $this->sanitize_input('token');
 $libraryParameters = filter_input(INPUT_POST, 'libraryParameters');
 $editor = $this->get_h5peditor_instance();
diff --git a/admin/class-h5p-library-admin.php b/admin/class-h5p-library-admin.php
index e51f41a..a063f34 100644
--- a/admin/class-h5p-library-admin.php
+++ b/admin/class-h5p-library-admin.php
@@ -17,6 +17,7 @@
 */
 class H5PLibraryAdmin {
+ use H5PUtils;
 /**
 * @since 1.1.0
 */
@@ -49,7 +50,7 @@ public function __construct($plugin_slug) {
 * @return string
 */
 public function alter_title($page, $admin_title, $title) {
- $task = filter_input(INPUT_GET, 'task', FILTER_SANITIZE_STRING);
+ $task = $this->sanitize_input('task');
 // Find library title
 $show = ($task === 'show');
@@ -111,7 +112,7 @@ private function get_library($id = NULL) {
 * @since 1.1.0
 */
 public function display_libraries_page() {
- switch (filter_input(INPUT_GET, 'task', FILTER_SANITIZE_STRING)) {
+ switch ($this->sanitize_input('task')) {
 case NULL:
 $this->display_libraries();
 return;
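Review bot: In the `ajax_files` hunk the token is read through `$this->sanitize_input('token')` while the next context line still reads `contentId` from `INPUT_POST`, and the replacement drops the explicit `INPUT_GET` source every removed line carried, so which part of the request `token`, `language`, `machineName` and `task` come from is now decided inside the trait and invisible at the call site. If `sanitize_input` reads from `$_REQUEST` or POST instead of GET, a token or task could be accepted from a different request source than before, which matters most for the `token` values handed to `$editor->ajax->action(...)` in this and the `ajax_filter` hunk. Passing the source explicitly keeps the old behaviour reviewable, e.g. `$token = $this->sanitize_input('token', INPUT_GET);` with the trait parameter defaulting to `INPUT_GET`. The same applies to the remaining `sanitize_input` call sites in `admin/class-h5p-content-admin.php` and to the two in `admin/class-h5p-library-admin.php` below; each of these hunks shows only the opening lines of its method.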
diff --git a/admin/class-h5p-plugin-admin.php b/admin/class-h5p-plugin-admin.php
index c96e6ac..b9c057b 100644
--- a/admin/class-h5p-plugin-admin.php
+++ b/admin/class-h5p-plugin-admin.php
@@ -550,7 +550,8 @@ public function display_settings_page() {
 * @return string
 */
 public function alter_title($admin_title, $title) {
- $page = filter_input(INPUT_GET, 'page', FILTER_SANITIZE_STRING);
+ $page = filter_input(INPUT_GET, 'page');
+ $page = htmlspecialchars($page ?? '', ENT_QUOTES, 'UTF-8');
 switch ($page) {
 case 'h5p':
diff --git a/admin/class-h5p-utils.php b/admin/class-h5p-utils.php
new file mode 100644
index 0000000..d05b065
--- /dev/null
+++ b/admin/class-h5p-utils.php
@@ -0,0 +1,14 @@
+ 'admin/class-h5p-library-admin.php', 'H5PEditorWordPressStorage' => 'admin/class-h5p-editor-wordpress-storage.php', 'H5PEditorWordPressAjax' => 'admin/class-h5p-editor-wordpress-ajax.php', - 'H5PPrivacyPolicy' => 'admin/class-h5p-privacy-policy.php' + 'H5PPrivacyPolicy' => 'admin/class-h5p-privacy-policy.php', + 'H5PUtils' => 'admin/class-h5p-utils.php', ); }
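Review bot: The `alter_title` hunk in `admin/class-h5p-plugin-admin.php` open-codes `htmlspecialchars($page ?? '', ENT_QUOTES, 'UTF-8')` while the other two admin classes route the same replacement through the new `H5PUtils::sanitize_input`, so the three sanitisers can drift; unless this class cannot take the trait, `use H5PUtils;` plus `$page = $this->sanitize_input('page');` keeps them aligned (the trait body is illegible in this patch, so whether it returns NULL or `''` for an absent parameter should be checked against the `switch` that follows). As written the escape omits `ENT_SUBSTITUTE`, so a `page` value containing invalid UTF-8 collapses to `''` instead of being escaped, and an array-valued `page[]` makes `filter_input` return `false`, which `?? ''` does not catch and only ends up as `''` through loose bool-to-string coercion. `$page = is_string($page) ? htmlspecialchars($page, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') : '';` handles both cases explicitly. Because `$page` is only compared against fixed literals in the `switch`, the escaping does not change which case the literals shown match; its value lies in wherever `$page` is echoed later, outside this hunk. The new-file hunk for `admin/class-h5p-utils.php` is garbled as rendered and the final autoloader-map hunk has lost its file header, so neither can be reviewed from this patch.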