diff --git a/app/code/Magento/Wishlist/Block/AbstractBlock.php b/app/code/Magento/Wishlist/Block/AbstractBlock.php
index 5f4a7c8f3814b..9114b0fcaf31c 100644
--- a/app/code/Magento/Wishlist/Block/AbstractBlock.php
+++ b/app/code/Magento/Wishlist/Block/AbstractBlock.php
@@ -211,7 +211,7 @@ public function getItemConfigureUrl($product)
     public function getEscapedDescription($item)
     {
         if ($item->getDescription()) {
-            return $this->escapeHtml($item->getDescription());
+            return $this->_escaper->escapeHtml($item->getDescription());
         }
         return ' ';
     }
diff --git a/app/code/Magento/Wishlist/Block/Catalog/Product/View/AddTo/Wishlist.php b/app/code/Magento/Wishlist/Block/Catalog/Product/View/AddTo/Wishlist.php
index 578d784bfd7dc..635fd7e17763f 100644
--- a/app/code/Magento/Wishlist/Block/Catalog/Product/View/AddTo/Wishlist.php
+++ b/app/code/Magento/Wishlist/Block/Catalog/Product/View/AddTo/Wishlist.php
@@ -33,7 +33,7 @@ public function getWishlistOptionsJson()
      */
     public function getWishlistOptions()
     {
-        return ['productType' => $this->escapeHtml($this->getProduct()->getTypeId())];
+        return ['productType' => $this->_escaper->escapeHtml($this->getProduct()->getTypeId())];
     }
 
     /**
diff --git a/app/code/Magento/Wishlist/Block/Customer/Sharing.php b/app/code/Magento/Wishlist/Block/Customer/Sharing.php
index 40fd00d6143a5..e0e82b380092f 100644
--- a/app/code/Magento/Wishlist/Block/Customer/Sharing.php
+++ b/app/code/Magento/Wishlist/Block/Customer/Sharing.php
@@ -107,7 +107,7 @@ public function getEnteredData($key)
         if (!$this->_enteredData || !isset($this->_enteredData[$key])) {
             return null;
         } else {
-            return $this->escapeHtml($this->_enteredData[$key]);
+            return $this->_escaper->escapeHtml($this->_enteredData[$key]);
         }
     }
 
diff --git a/app/code/Magento/Wishlist/Block/Customer/Wishlist/Item/Options.php b/app/code/Magento/Wishlist/Block/Customer/Wishlist/Item/Options.php
index 82133927e1201..8e6e6d22c88ec 100644
--- a/app/code/Magento/Wishlist/Block/Customer/Wishlist/Item/Options.php
+++ b/app/code/Magento/Wishlist/Block/Customer/Wishlist/Item/Options.php
@@ -111,10 +111,10 @@ public function getConfiguredOptions()
                 if (!(array_key_exists('has_html', $option) && $option['has_html'] === true)) {
                     if (is_array($option['value'])) {
                         foreach ($option['value'] as $key => $value) {
-                            $option['value'][$key] = $this->escapeHtml($value);
+                            $option['value'][$key] = $this->_escaper->escapeHtml($value);
                         }
                     } else {
-                        $option['value'] = $this->escapeHtml($option['value'], ["a"]);
+                        $option['value'] = $this->_escaper->escapeHtml($option['value'], ["a"]);
                     }
                 }
                 $options[$index]['value'] = $option['value'];
diff --git a/app/code/Magento/Wishlist/Block/Item/Configure.php b/app/code/Magento/Wishlist/Block/Item/Configure.php
index 49f308c99383b..f4102aa52c2a7 100644
--- a/app/code/Magento/Wishlist/Block/Item/Configure.php
+++ b/app/code/Magento/Wishlist/Block/Item/Configure.php
@@ -56,7 +56,7 @@ public function __construct(
      */
     public function getWishlistOptions()
     {
-        return ['productType' => $this->escapeHtml($this->getProduct()->getTypeId())];
+        return ['productType' => $this->_escaper->escapeHtml($this->getProduct()->getTypeId())];
     }
 
     /**
diff --git a/app/code/Magento/Wishlist/Block/Share/Wishlist.php b/app/code/Magento/Wishlist/Block/Share/Wishlist.php
index 889fb363a2070..2a34dcc94fe4a 100644
--- a/app/code/Magento/Wishlist/Block/Share/Wishlist.php
+++ b/app/code/Magento/Wishlist/Block/Share/Wishlist.php
@@ -83,6 +83,6 @@ public function getWishlistCustomer()
      */
     public function getHeader()
     {
-        return __("%1's Wish List", $this->escapeHtml($this->getWishlistCustomer()->getFirstname()));
+        return __("%1's Wish List", $this->_escaper->escapeHtml($this->getWishlistCustomer()->getFirstname()));
     }
 }
diff --git a/app/code/Magento/Wishlist/view/adminhtml/templates/customer/edit/tab/wishlist.phtml b/app/code/Magento/Wishlist/view/adminhtml/templates/customer/edit/tab/wishlist.phtml
index 7ee04bf192f29..8fea055e080f1 100644
--- a/app/code/Magento/Wishlist/view/adminhtml/templates/customer/edit/tab/wishlist.phtml
+++ b/app/code/Magento/Wishlist/view/adminhtml/templates/customer/edit/tab/wishlist.phtml
@@ -4,7 +4,10 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Framework\View\Element\Template $block */
+/**
+ * @var \Magento\Framework\View\Element\Template $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 /** @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer */
 ?>
 <?php $scriptString = <<<script
@@ -21,14 +24,14 @@
                     if (!urlParams) {
                         urlParams = '';
                     }
-                    var url = {$block->escapeJs($block->getJsObjectName())}.url + '?ajax=true' + urlParams;
+                    var url = {$escaper->escapeJs($block->getJsObjectName())}.url + '?ajax=true' + urlParams;
                     new Ajax.Updater(
-                        {$block->escapeJs($block->getJsObjectName())}.containerId,
+                        {$escaper->escapeJs($block->getJsObjectName())}.containerId,
                         url,
                         {
                             parameters: {form_key: FORM_KEY},
-                            onComplete: {$block->escapeJs($block->getJsObjectName())}.initGrid
-                            .bind({$block->escapeJs($block->getJsObjectName())}),
+                            onComplete: {$escaper->escapeJs($block->getJsObjectName())}.initGrid
+                            .bind({$escaper->escapeJs($block->getJsObjectName())}),
                         evalScripts:true
                 }
             );
@@ -51,7 +54,7 @@
         var self = this;
 
         confirm({
-            content: '{$block->escapeJs(__('Are you sure you want to remove this item?'))}',
+            content: '{$escaper->escapeJs(__('Are you sure you want to remove this item?'))}',
             actions: {
                 confirm: function () {
                     self.reload('&delete=' + itemId);
@@ -64,8 +67,8 @@
     productConfigure.addListType(
         'wishlist',
         {
-            urlFetch: '{$block->escapeJs($block->getUrl('customer/wishlist_product_composite_wishlist/configure'))}',
-            urlConfirm: '{$block->escapeJs($block->getUrl('customer/wishlist_product_composite_wishlist/update'))}'
+            urlFetch: '{$escaper->escapeJs($block->getUrl('customer/wishlist_product_composite_wishlist/configure'))}',
+            urlConfirm: '{$escaper->escapeJs($block->getUrl('customer/wishlist_product_composite_wishlist/update'))}'
         }
     );
     //-->
diff --git a/app/code/Magento/Wishlist/view/base/templates/product/price/bundle/configured_price.phtml b/app/code/Magento/Wishlist/view/base/templates/product/price/bundle/configured_price.phtml
index 260dd5a24396a..d07c798bbde74 100644
--- a/app/code/Magento/Wishlist/view/base/templates/product/price/bundle/configured_price.phtml
+++ b/app/code/Magento/Wishlist/view/base/templates/product/price/bundle/configured_price.phtml
@@ -5,7 +5,10 @@
  */
 ?>
 <?php
-/** @var \Magento\Catalog\Pricing\Render\ConfiguredPriceBox $block */
+/**
+ * @var \Magento\Catalog\Pricing\Render\ConfiguredPriceBox $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 $schema = ($block->getZone() == 'item_view');
 $idSuffix = $block->getIdSuffix() ?: '';
 ?>
@@ -15,8 +18,8 @@ $idSuffix = $block->getIdSuffix() ?: '';
             <?= /* @noEscape */ $block->renderAmount(
                 $block->getConfiguredPrice()->getAmount(),
                 [
-                    'display_label'     => $block->escapeHtml(__('Special Price')),
-                    'price_id'          => $block->escapeHtml($block->getPriceId('product-price-' . $idSuffix)),
+                    'display_label'     => $escaper->escapeHtml(__('Special Price')),
+                    'price_id'          => $escaper->escapeHtml($block->getPriceId('product-price-' . $idSuffix)),
                     'price_type'        => 'finalPrice',
                     'include_container' => true,
                     'schema' => $schema,
@@ -27,8 +30,8 @@ $idSuffix = $block->getIdSuffix() ?: '';
             <?= /* @noEscape */ $block->renderAmount(
                 $block->getConfiguredRegularPrice()->getAmount(),
                 [
-                    'display_label'     => $block->escapeHtml(__('Regular Price')),
-                    'price_id'          => $block->escapeHtml($block->getPriceId('old-price-' . $idSuffix)),
+                    'display_label'     => $escaper->escapeHtml(__('Regular Price')),
+                    'price_id'          => $escaper->escapeHtml($block->getPriceId('old-price-' . $idSuffix)),
                     'price_type'        => 'oldPrice',
                     'include_container' => true,
                     'skip_adjustments'  => true,
@@ -46,8 +49,8 @@ $idSuffix = $block->getIdSuffix() ?: '';
         <?= /* @noEscape */ $block->renderAmount(
             $block->getConfiguredPrice()->getAmount(),
             [
-                'display_label'     => $block->escapeHtml($priceLabel),
-                'price_id'          => $block->escapeHtml($block->getPriceId('product-price-' . $idSuffix)),
+                'display_label'     => $escaper->escapeHtml($priceLabel),
+                'price_id'          => $escaper->escapeHtml($block->getPriceId('product-price-' . $idSuffix)),
                 'price_type'        => 'finalPrice',
                 'include_container' => true,
                 'schema' => $schema,
diff --git a/app/code/Magento/Wishlist/view/base/templates/product/price/configurable/configured_price.phtml b/app/code/Magento/Wishlist/view/base/templates/product/price/configurable/configured_price.phtml
index f9517a106a79a..07d4c2bc230e6 100644
--- a/app/code/Magento/Wishlist/view/base/templates/product/price/configurable/configured_price.phtml
+++ b/app/code/Magento/Wishlist/view/base/templates/product/price/configurable/configured_price.phtml
@@ -5,7 +5,10 @@
  */
 ?>
 <?php
-/** @var \Magento\Wishlist\Pricing\Render\ConfiguredPriceBox $block */
+/**
+ * @var \Magento\Wishlist\Pricing\Render\ConfiguredPriceBox $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 $schema = ($block->getZone() == 'item_view');
 $idSuffix = $block->getIdSuffix() ?: '';
 /** @var \Magento\Wishlist\Pricing\ConfiguredPrice\ConfigurableProduct $configuredPrice */
@@ -20,8 +23,8 @@ $configuredRegularAmountValue = $configuredPrice->getConfiguredRegularAmount()->
             <?= /* @noEscape */ $block->renderAmount(
                 $configuredPrice->getConfiguredAmount(),
                 [
-                    'display_label'     => $block->escapeHtml(__('Special Price')),
-                    'price_id'          => $block->escapeHtml($block->getPriceId('product-price-' . $idSuffix)),
+                    'display_label'     => $escaper->escapeHtml(__('Special Price')),
+                    'price_id'          => $escaper->escapeHtml($block->getPriceId('product-price-' . $idSuffix)),
                     'price_type'        => 'finalPrice',
                     'include_container' => true,
                     'schema' => $schema,
@@ -32,8 +35,8 @@ $configuredRegularAmountValue = $configuredPrice->getConfiguredRegularAmount()->
             <?= /* @noEscape */ $block->renderAmount(
                 $configuredPrice->getConfiguredRegularAmount(),
                 [
-                    'display_label'     => $block->escapeHtml(__('Regular Price')),
-                    'price_id'          => $block->escapeHtml($block->getPriceId('old-price-' . $idSuffix)),
+                    'display_label'     => $escaper->escapeHtml(__('Regular Price')),
+                    'price_id'          => $escaper->escapeHtml($block->getPriceId('old-price-' . $idSuffix)),
                     'price_type'        => 'oldPrice',
                     'include_container' => true,
                     'skip_adjustments'  => true,
@@ -51,8 +54,8 @@ $configuredRegularAmountValue = $configuredPrice->getConfiguredRegularAmount()->
         <?= /* @noEscape */ $block->renderAmount(
             $configuredPrice->getAmount(),
             [
-                'display_label'     => $block->escapeHtml($priceLabel),
-                'price_id'          => $block->escapeHtml($block->getPriceId('product-price-' . $idSuffix)),
+                'display_label'     => $escaper->escapeHtml($priceLabel),
+                'price_id'          => $escaper->escapeHtml($block->getPriceId('product-price-' . $idSuffix)),
                 'price_type'        => 'finalPrice',
                 'include_container' => true,
                 'schema' => $schema,
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/button/share.phtml b/app/code/Magento/Wishlist/view/frontend/templates/button/share.phtml
index 0ec1febaf2f7f..4eb0880e3b929 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/button/share.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/button/share.phtml
@@ -4,10 +4,13 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Customer\Wishlist\Button $block */
+/**
+ * @var \Magento\Wishlist\Block\Customer\Wishlist\Button $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 <?php if ($block->getWishlist()->getItemsCount() && $block->getWishlist()->getShared() < $block->getConfig()->getSharingEmailLimit()) : ?>
-    <button type="submit" name="save_and_share" title="<?= $block->escapeHtmlAttr(__('Share Wish List')) ?>" class="action share">
-        <span><?= $block->escapeHtml(__('Share Wish List')) ?></span>
+    <button type="submit" name="save_and_share" title="<?= $escaper->escapeHtmlAttr(__('Share Wish List')) ?>" class="action share">
+        <span><?= $escaper->escapeHtml(__('Share Wish List')) ?></span>
     </button>
 <?php endif;?>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/button/tocart.phtml b/app/code/Magento/Wishlist/view/frontend/templates/button/tocart.phtml
index 30d6c85ab64cd..c0a3b1ff3026a 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/button/tocart.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/button/tocart.phtml
@@ -4,11 +4,14 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Customer\Wishlist\Button $block */
+/**
+ * @var \Magento\Wishlist\Block\Customer\Wishlist\Button $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 
 <?php if ($block->getWishlist()->getItemsCount() && $block->getWishlist()->isSalable()) : ?>
-    <button type="button" data-role="all-tocart" title="<?= $block->escapeHtmlAttr(__('Add All to Cart')) ?>" class="action tocart">
-        <span><?= $block->escapeHtml(__('Add All to Cart')) ?></span>
+    <button type="button" data-role="all-tocart" title="<?= $escaper->escapeHtmlAttr(__('Add All to Cart')) ?>" class="action tocart">
+        <span><?= $escaper->escapeHtml(__('Add All to Cart')) ?></span>
     </button>
 <?php endif;?>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/button/update.phtml b/app/code/Magento/Wishlist/view/frontend/templates/button/update.phtml
index 6d8e13eeca5fd..c6ee61125741a 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/button/update.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/button/update.phtml
@@ -4,11 +4,14 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Customer\Wishlist\Button $block */
+/**
+ * @var \Magento\Wishlist\Block\Customer\Wishlist\Button $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 
 <?php if ($block->getWishlist()->getItemsCount()) : ?>
-    <button type="submit" name="do" title="<?= $block->escapeHtmlAttr(__('Update Wish List')) ?>" class="action update">
-        <span><?= $block->escapeHtml(__('Update Wish List')) ?></span>
+    <button type="submit" name="do" title="<?= $escaper->escapeHtmlAttr(__('Update Wish List')) ?>" class="action update">
+        <span><?= $escaper->escapeHtml(__('Update Wish List')) ?></span>
     </button>
 <?php endif;?>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/cart/item/renderer/actions/move_to_wishlist.phtml b/app/code/Magento/Wishlist/view/frontend/templates/cart/item/renderer/actions/move_to_wishlist.phtml
index 99732791e108b..373070ef77cae 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/cart/item/renderer/actions/move_to_wishlist.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/cart/item/renderer/actions/move_to_wishlist.phtml
@@ -4,12 +4,15 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Cart\Item\Renderer\Actions\MoveToWishlist $block */
+/**
+ * @var \Magento\Wishlist\Block\Cart\Item\Renderer\Actions\MoveToWishlist $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 <?php if ($block->isAllowInCart() && $block->isProductVisibleInSiteVisibility()) : ?>
     <a href="#"
        data-post='<?= /* @noEscape */ $block->getMoveFromCartParams() ?>'
        class="use-ajax action towishlist action-towishlist">
-        <span><?= $block->escapeHtml(__('Move to Wishlist')) ?></span>
+        <span><?= $escaper->escapeHtml(__('Move to Wishlist')) ?></span>
     </a>
 <?php endif ?>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/catalog/product/list/addto/wishlist.phtml b/app/code/Magento/Wishlist/view/frontend/templates/catalog/product/list/addto/wishlist.phtml
index 2427f883c2b53..40a51986ef494 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/catalog/product/list/addto/wishlist.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/catalog/product/list/addto/wishlist.phtml
@@ -4,16 +4,19 @@
  * See COPYING.txt for license details.
  */
 
-/** @var Magento\Wishlist\Block\Catalog\Product\ProductList\Item\AddTo\Wishlist $block */
+/**
+ * @var Magento\Wishlist\Block\Catalog\Product\ProductList\Item\AddTo\Wishlist $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 <?php if ($block->getWishlistHelper()->isAllow()) : ?>
     <a href="#"
        class="action towishlist"
-       title="<?= $block->escapeHtmlAttr(__('Add to Wish List')) ?>"
-       aria-label="<?= $block->escapeHtmlAttr(__('Add to Wish List')) ?>"
+       title="<?= $escaper->escapeHtmlAttr(__('Add to Wish List')) ?>"
+       aria-label="<?= $escaper->escapeHtmlAttr(__('Add to Wish List')) ?>"
        data-post='<?= /* @noEscape */ $block->getAddToWishlistParams($block->getProduct()) ?>'
        data-action="add-to-wishlist"
        role="button">
-        <span><?= $block->escapeHtml(__('Add to Wish List')) ?></span>
+        <span><?= $escaper->escapeHtml(__('Add to Wish List')) ?></span>
     </a>
 <?php endif; ?>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/catalog/product/view/addto/wishlist.phtml b/app/code/Magento/Wishlist/view/frontend/templates/catalog/product/view/addto/wishlist.phtml
index a0c680ea24e32..6b0cc9a3dd6d7 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/catalog/product/view/addto/wishlist.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/catalog/product/view/addto/wishlist.phtml
@@ -4,13 +4,16 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Catalog\Product\View\AddTo\Wishlist $block */
+/**
+ * @var \Magento\Wishlist\Block\Catalog\Product\View\AddTo\Wishlist $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 <?php if ($block->isWishListAllowed()) : ?>
     <a href="#"
        class="action towishlist"
        data-post='<?= /* @noEscape */ $block->getWishlistParams() ?>'
-       data-action="add-to-wishlist"><span><?= $block->escapeHtml(__('Add to Wish List')) ?></span></a>
+       data-action="add-to-wishlist"><span><?= $escaper->escapeHtml(__('Add to Wish List')) ?></span></a>
 <?php endif; ?>
 <script type="text/x-magento-init">
     {
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/email/items.phtml b/app/code/Magento/Wishlist/view/frontend/templates/email/items.phtml
index 782b7d4892e62..4ed958fa92818 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/email/items.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/email/items.phtml
@@ -4,7 +4,10 @@
  * See COPYING.txt for license details.
  */
 
-/* @var \Magento\Wishlist\Block\Share\Email\Items $block */
+/**
+ * @var \Magento\Framework\Escaper $escaper
+ * @var \Magento\Wishlist\Block\Share\Email\Items $block
+ */
 ?>
 <?php $l = $block->getWishlistItemsCount() ?>
 <div>
@@ -17,26 +20,26 @@
                 <?php $_product = $item->getProduct(); ?>
                 <td class="col product">
                     <p>
-                        <a href="<?= $block->escapeUrl($block->getProductUrl($item)) ?>">
+                        <a href="<?= $escaper->escapeUrl($block->getProductUrl($item)) ?>">
                             <?php $productThumbnail = $block->getProductForThumbnail($item) ?>
                             <?= /* @noEscape */ $block->getImage($productThumbnail, 'product_small_image')->toHtml() ?>
                         </a>
                     </p>
 
                     <p>
-                        <a href="<?= $block->escapeUrl($block->getProductUrl($item)) ?>">
-                            <strong><?= $block->escapeHtml($_product->getName()) ?></strong>
+                        <a href="<?= $escaper->escapeUrl($block->getProductUrl($item)) ?>">
+                            <strong><?= $escaper->escapeHtml($_product->getName()) ?></strong>
                         </a>
                     </p>
                     <?php if ($block->hasDescription($item)): ?>
                         <p>
-                            <strong><?= $block->escapeHtml(__('Comment')) ?>:</strong>
+                            <strong><?= $escaper->escapeHtml(__('Comment')) ?>:</strong>
                             <br/><?= /* @noEscape */  $block->getEscapedDescription($item) ?>
                         </p>
                     <?php endif; ?>
                     <p>
-                        <a href="<?= $block->escapeUrl($block->getProductUrl($item)) ?>">
-                            <?= $block->escapeHtml(__('View Product')) ?>
+                        <a href="<?= $escaper->escapeUrl($block->getProductUrl($item)) ?>">
+                            <?= $escaper->escapeHtml(__('View Product')) ?>
                         </a>
                     </p>
                 </td>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/item/column/actions.phtml b/app/code/Magento/Wishlist/view/frontend/templates/item/column/actions.phtml
index ce6ac6f2b2641..4a3c2ed0b0807 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/item/column/actions.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/item/column/actions.phtml
@@ -4,11 +4,14 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Column\Actions $block */
+/**
+ * @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Column\Actions $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 <?php $children = $block->getChildNames(); ?>
 <?php if ($children) : ?>
-    <div class="<?= $block->escapeHtmlAttr($block->getCssClass()) ?>">
+    <div class="<?= $escaper->escapeHtmlAttr($block->getCssClass()) ?>">
         <?php foreach ($children as $childName) : ?>
             <?= /* @noEscape */ $block->getLayout()->renderElement($childName, false) ?>
         <?php endforeach;?>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/item/column/cart.phtml b/app/code/Magento/Wishlist/view/frontend/templates/item/column/cart.phtml
index 32bef54e732a4..3ac2e64410330 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/item/column/cart.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/item/column/cart.phtml
@@ -4,7 +4,10 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Column\Cart $block */
+/**
+ * @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Column\Cart $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 
 /** @var \Magento\Wishlist\Model\Item $item */
 $item = $block->getItem();
@@ -20,29 +23,29 @@ $allowedQty = $viewModel->setItem($item)->getMinMaxQty();
     <fieldset class="fieldset">
     <?php if ($item->canHaveQty() && $product->isVisibleInSiteVisibility()) : ?>
         <div class="field qty">
-            <label class="label" for="qty[<?= $block->escapeHtmlAttr($item->getId()) ?>]"><span><?= $block->escapeHtml(__('Qty')) ?></span></label>
+            <label class="label" for="qty[<?= $escaper->escapeHtmlAttr($item->getId()) ?>]"><span><?= $escaper->escapeHtml(__('Qty')) ?></span></label>
             <div class="control">
-                <input type="number" data-role="qty" id="qty[<?= $block->escapeHtmlAttr($item->getId()) ?>]" class="input-text qty" data-validate="{'required-number':true,'validate-greater-than-zero':true, 'validate-item-quantity':{'minAllowed':<?= /* @noEscape */ $allowedQty['minAllowed'] ?>,'maxAllowed':<?= /* @noEscape */ $allowedQty['maxAllowed'] ?>}}"
-               name="qty[<?= $block->escapeHtmlAttr($item->getId()) ?>]" value="<?= /* @noEscape */ $block->getAddToCartQty($item) * 1 ?>" <?= $product->isSaleable() ? '' : 'disabled="disabled"' ?>>
+                <input type="number" data-role="qty" id="qty[<?= $escaper->escapeHtmlAttr($item->getId()) ?>]" class="input-text qty" data-validate="{'required-number':true,'validate-greater-than-zero':true, 'validate-item-quantity':{'minAllowed':<?= /* @noEscape */ $allowedQty['minAllowed'] ?>,'maxAllowed':<?= /* @noEscape */ $allowedQty['maxAllowed'] ?>}}"
+               name="qty[<?= $escaper->escapeHtmlAttr($item->getId()) ?>]" value="<?= /* @noEscape */ $block->getAddToCartQty($item) * 1 ?>" <?= $product->isSaleable() ? '' : 'disabled="disabled"' ?>>
             </div>
         </div>
     <?php endif; ?>
     <?php if ($product->isSaleable()) : ?>
     <div class="product-item-actions">
         <div class="actions-primary">
-            <button type="button" data-role="tocart" data-post='<?= /* @noEscape */ $block->getItemAddToCartParams($item) ?>' title="<?= $block->escapeHtmlAttr(__('Add to Cart')) ?>" data-item-id="<?= $block->escapeHtmlAttr($item->getId()) ?>" class="action tocart primary">
-                <span><?= $block->escapeHtml(__('Add to Cart')) ?></span>
+            <button type="button" data-role="tocart" data-post='<?= /* @noEscape */ $block->getItemAddToCartParams($item) ?>' title="<?= $escaper->escapeHtmlAttr(__('Add to Cart')) ?>" data-item-id="<?= $escaper->escapeHtmlAttr($item->getId()) ?>" class="action tocart primary">
+                <span><?= $escaper->escapeHtml(__('Add to Cart')) ?></span>
             </button>
         </div>
     </div>
     <?php else : ?>
         <?php if ($product->getIsSalable()) : ?>
-            <p class="available stock" title="<?= $block->escapeHtmlAttr(__('Availability')) ?>">
-                <span><?= $block->escapeHtml(__('In stock')) ?></span>
+            <p class="available stock" title="<?= $escaper->escapeHtmlAttr(__('Availability')) ?>">
+                <span><?= $escaper->escapeHtml(__('In stock')) ?></span>
             </p>
         <?php else : ?>
-            <p class="unavailable stock" title="<?= $block->escapeHtmlAttr(__('Availability')) ?>">
-                <span><?= $block->escapeHtml(__('Out of stock')) ?></span>
+            <p class="unavailable stock" title="<?= $escaper->escapeHtmlAttr(__('Availability')) ?>">
+                <span><?= $escaper->escapeHtml(__('Out of stock')) ?></span>
             </p>
         <?php endif; ?>
     <?php endif; ?>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/item/column/comment.phtml b/app/code/Magento/Wishlist/view/frontend/templates/item/column/comment.phtml
index 0f1c696088bca..bc49812cfc4fe 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/item/column/comment.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/item/column/comment.phtml
@@ -4,17 +4,20 @@
  * See COPYING.txt for license details.
  */
 
-/* @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Column\Comment $block  */
+/**
+ * @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Column\Comment $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 
 /* @var \Magento\Wishlist\Model\Item $item */
 $item = $block->getItem();
 ?>
 
 <div class="field comment-box">
-    <label class="label" for="product-item-comment-<?= $block->escapeHtmlAttr($item->getWishlistItemId()) ?>">
-        <span><?= $block->escapeHtml(__('Comment')) ?></span>
+    <label class="label" for="product-item-comment-<?= $escaper->escapeHtmlAttr($item->getWishlistItemId()) ?>">
+        <span><?= $escaper->escapeHtml(__('Comment')) ?></span>
     </label>
     <div class="control">
-        <textarea id="product-item-comment-<?= $block->escapeHtmlAttr($item->getWishlistItemId()) ?>" placeholder="<?= /* @noEscape */ $this->helper(\Magento\Wishlist\Helper\Data::class)->defaultCommentString() ?>" name="description[<?= $block->escapeHtmlAttr($item->getWishlistItemId()) ?>]" title="<?= $block->escapeHtmlAttr(__('Comment')) ?>" class="product-item-comment" <?= $item->getProduct()->isSaleable() ? '' : 'disabled="disabled"' ?>><?= ($block->escapeHtml($item->getDescription())) ?></textarea>
+        <textarea id="product-item-comment-<?= $escaper->escapeHtmlAttr($item->getWishlistItemId()) ?>" placeholder="<?= /* @noEscape */ $this->helper(\Magento\Wishlist\Helper\Data::class)->defaultCommentString() ?>" name="description[<?= $escaper->escapeHtmlAttr($item->getWishlistItemId()) ?>]" title="<?= $escaper->escapeHtmlAttr(__('Comment')) ?>" class="product-item-comment" <?= $item->getProduct()->isSaleable() ? '' : 'disabled="disabled"' ?>><?= ($escaper->escapeHtml($item->getDescription())) ?></textarea>
     </div>
 </div>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/item/column/edit.phtml b/app/code/Magento/Wishlist/view/frontend/templates/item/column/edit.phtml
index a6fa5d4fccdcf..bd428ad9d4933 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/item/column/edit.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/item/column/edit.phtml
@@ -4,7 +4,10 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Column\Edit $block */
+/**
+ * @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Column\Edit $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 
 /** @var \Magento\Wishlist\Model\Item $item */
 $item = $block->getItem();
@@ -12,7 +15,7 @@ $product = $item->getProduct();
 ?>
 
 <?php if ($product->isVisibleInSiteVisibility()) : ?>
-    <a class="action edit" href="<?= $block->escapeUrl($block->getItemConfigureUrl($item)) ?>">
-        <span><?= $block->escapeHtml(__('Edit')) ?></span>
+    <a class="action edit" href="<?= $escaper->escapeUrl($block->getItemConfigureUrl($item)) ?>">
+        <span><?= $escaper->escapeHtml(__('Edit')) ?></span>
     </a>
 <?php endif ?>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/item/column/image.phtml b/app/code/Magento/Wishlist/view/frontend/templates/item/column/image.phtml
index 0053c1d214892..41b00367f65f7 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/item/column/image.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/item/column/image.phtml
@@ -4,12 +4,15 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Column\Image $block */
+/**
+ * @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Column\Image $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 
 /** @var \Magento\Wishlist\Model\Item $item */
 $item = $block->getItem();
 $product = $item->getProduct();
 ?>
-<a class="product-item-photo" tabindex="-1" href="<?= $block->escapeUrl($block->getProductUrl($item)) ?>" title="<?= $block->escapeHtmlAttr($product->getName()) ?>">
+<a class="product-item-photo" tabindex="-1" href="<?= $escaper->escapeUrl($block->getProductUrl($item)) ?>" title="<?= $escaper->escapeHtmlAttr($product->getName()) ?>">
     <?= $block->getImage($block->getProductForThumbnail($item), 'wishlist_thumbnail')->toHtml() ?>
 </a>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/item/column/name.phtml b/app/code/Magento/Wishlist/view/frontend/templates/item/column/name.phtml
index 2626e7745d56b..76ec054614b89 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/item/column/name.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/item/column/name.phtml
@@ -4,14 +4,17 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Column\Info $block */
+/**
+ * @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Column\Info $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 
 /** @var \Magento\Wishlist\Model\Item $item */
 $item = $block->getItem();
 $product = $item->getProduct();
 ?>
 <strong class="product-item-name">
-    <a href="<?= $block->escapeUrl($block->getProductUrl($item)) ?>" title="<?= $block->escapeHtmlAttr($product->getName()) ?>" class="product-item-link">
-        <?= $block->escapeHtml($product->getName()) ?>
+    <a href="<?= $escaper->escapeUrl($block->getProductUrl($item)) ?>" title="<?= $escaper->escapeHtmlAttr($product->getName()) ?>" class="product-item-link">
+        <?= $escaper->escapeHtml($product->getName()) ?>
     </a>
 </strong>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/item/column/remove.phtml b/app/code/Magento/Wishlist/view/frontend/templates/item/column/remove.phtml
index 938b62931171d..236d13be68f96 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/item/column/remove.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/item/column/remove.phtml
@@ -4,9 +4,12 @@
  * See COPYING.txt for license details.
  */
 
-/* @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Column\Remove $block */
+/**
+ * @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Column\Remove $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 
-<a href="#" data-role="remove" data-post-remove='<?= /* @noEscape */ $block->getItemRemoveParams($block->getItem()) ?>' title="<?= $block->escapeHtmlAttr(__('Remove Item')) ?>" class="btn-remove action delete">
-    <span><?= $block->escapeHtml(__('Remove item')) ?></span>
+<a href="#" data-role="remove" data-post-remove='<?= /* @noEscape */ $block->getItemRemoveParams($block->getItem()) ?>' title="<?= $escaper->escapeHtmlAttr(__('Remove Item')) ?>" class="btn-remove action delete">
+    <span><?= $escaper->escapeHtml(__('Remove item')) ?></span>
 </a>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/item/configure/addto.phtml b/app/code/Magento/Wishlist/view/frontend/templates/item/configure/addto.phtml
index 3b2e742af8ba0..2e58fdbe87e7b 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/item/configure/addto.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/item/configure/addto.phtml
@@ -4,20 +4,23 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Item\configure $block */
+/**
+ * @var \Magento\Wishlist\Block\Item\configure $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 
 <div class="product-addto-links" data-role="add-to-links">
     <?php if ($this->helper(\Magento\Wishlist\Helper\Data::class)->isAllow()) : ?>
         <a href="#" data-post='<?= /* @noEscape */ $block->getUpdateParams() ?>' class="action towishlist updated" data-action="add-to-wishlist">
-            <span><?= $block->escapeHtml(__('Update Wish List')) ?></span>
+            <span><?= $escaper->escapeHtml(__('Update Wish List')) ?></span>
         </a>
     <?php endif; ?>
     <?php $_product = $block->getProduct(); ?>
     <?php $_compareUrl = $this->helper(\Magento\Catalog\Helper\Product\Compare::class)->getAddUrl($_product); ?>
     <?php if ($_compareUrl) : ?>
-        <a href="<?= $block->escapeUrl($_compareUrl) ?>" class="action tocompare">
-            <span><?= $block->escapeHtml(__('Add to Compare')) ?></span>
+        <a href="<?= $escaper->escapeUrl($_compareUrl) ?>" class="action tocompare">
+            <span><?= $escaper->escapeHtml(__('Add to Compare')) ?></span>
         </a>
     <?php endif; ?>
 </div>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/item/configure/addto/wishlist.phtml b/app/code/Magento/Wishlist/view/frontend/templates/item/configure/addto/wishlist.phtml
index 05d4eaaa251b8..ae055f5f26bd4 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/item/configure/addto/wishlist.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/item/configure/addto/wishlist.phtml
@@ -4,11 +4,14 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Item\Configure $block */
+/**
+ * @var \Magento\Wishlist\Block\Item\Configure $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 <?php if ($this->helper(\Magento\Wishlist\Helper\Data::class)->isAllow()) : ?>
     <a href="#" data-post='<?= /* @noEscape */ $block->getUpdateParams() ?>' class="action towishlist updated" data-action="add-to-wishlist">
-        <span><?= $block->escapeHtml(__('Update Wish List')) ?></span>
+        <span><?= $escaper->escapeHtml(__('Update Wish List')) ?></span>
     </a>
 <?php endif; ?>
 <script type="text/x-magento-init">
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/item/list.phtml b/app/code/Magento/Wishlist/view/frontend/templates/item/list.phtml
index f11c9ac9a5cef..a0364cc257f53 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/item/list.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/item/list.phtml
@@ -5,7 +5,10 @@
  */
 ?>
 <?php
-/** @var \Magento\Wishlist\Block\Customer\Wishlist\Items $block */
+/**
+ * @var \Magento\Wishlist\Block\Customer\Wishlist\Items $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 $columns = $block->getColumns();
 ?>
 
@@ -13,7 +16,7 @@ $columns = $block->getColumns();
     <?php if (count($block->getItems())) : ?>
     <ol class="product-items">
         <?php foreach ($block->getItems() as $item) : ?>
-            <li data-row="product-item" class="product-item" id="item_<?= $block->escapeHtmlAttr($item->getId()) ?>">
+            <li data-row="product-item" class="product-item" id="item_<?= $escaper->escapeHtmlAttr($item->getId()) ?>">
                 <div class="product-item-info" data-container="product-grid">
                     <?php foreach ($columns as $column) : ?>
                         <?= $column->setItem($item)->toHtml();?>
@@ -24,7 +27,7 @@ $columns = $block->getColumns();
     </ol>
     <?php else : ?>
         <div class="message info empty">
-            <span><?= $block->escapeHtml(__('This Wish List has no Items')) ?></span>
+            <span><?= $escaper->escapeHtml(__('This Wish List has no Items')) ?></span>
         </div>
     <?php endif; ?>
 </div>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/link.phtml b/app/code/Magento/Wishlist/view/frontend/templates/link.phtml
index e3ef3cf4f009b..24d702c816105 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/link.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/link.phtml
@@ -4,10 +4,13 @@
  * See COPYING.txt for license details.
  */
 
-/* @var \Magento\Wishlist\Block\Link $block */
+/**
+ * @var \Magento\Wishlist\Block\Link $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 <li class="link wishlist" data-bind="scope: 'wishlist'">
-    <a <?= /* @noEscape */ $block->getLinkAttributes() ?>><?= $block->escapeHtml($block->getLabel()) ?>
+    <a <?= /* @noEscape */ $block->getLinkAttributes() ?>><?= $escaper->escapeHtml($block->getLabel()) ?>
         <!-- ko if: wishlist().counter -->
         <span data-bind="text: wishlist().counter" class="counter qty"></span>
         <!-- /ko -->
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/messages/addProductSuccessMessage.phtml b/app/code/Magento/Wishlist/view/frontend/templates/messages/addProductSuccessMessage.phtml
index 5abb0dd8e0144..57c1c829a2a7d 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/messages/addProductSuccessMessage.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/messages/addProductSuccessMessage.phtml
@@ -4,7 +4,10 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Framework\View\Element\Template $block */
+/**
+ * @var \Magento\Framework\View\Element\Template $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 
-<?= $block->escapeHtml(__('%1 has been added to your Wish List.', $block->getData('product_name'))) ?> <?= $block->escapeHtml(__('Click <a href="%1">here</a> to continue shopping.', $block->getData('referer')), ['a']);
+<?= $escaper->escapeHtml(__('%1 has been added to your Wish List.', $block->getData('product_name'))) ?> <?= $escaper->escapeHtml(__('Click <a href="%1">here</a> to continue shopping.', $block->getData('referer')), ['a']);
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/messages/removeWishlistItemSuccessMessage.phtml b/app/code/Magento/Wishlist/view/frontend/templates/messages/removeWishlistItemSuccessMessage.phtml
index 0f222598b536d..9089959af771c 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/messages/removeWishlistItemSuccessMessage.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/messages/removeWishlistItemSuccessMessage.phtml
@@ -4,8 +4,11 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Framework\View\Element\Template $block */
+/**
+ * @var \Magento\Framework\View\Element\Template $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 
-<?= $block->escapeHtml(__('%1 has been removed from your Wish List.', $block->getData('product_name'))); ?>
+<?= $escaper->escapeHtml(__('%1 has been removed from your Wish List.', $block->getData('product_name'))); ?>
 
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/options_list.phtml b/app/code/Magento/Wishlist/view/frontend/templates/options_list.phtml
index 9e9cf1b64adc5..01bf2e6c056bb 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/options_list.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/options_list.phtml
@@ -4,18 +4,21 @@
  * See COPYING.txt for license details.
  */
 
-/* @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Options $block */
+/**
+ * @var \Magento\Wishlist\Block\Customer\Wishlist\Item\Options $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 
 <?php $options = $block->getOptionList(); ?>
 <?php if ($options) : ?>
 <div class="tooltip wrapper product-item-tooltip">
-    <span class="action details tooltip toggle"><?= $block->escapeHtml(__('See Details')) ?></span>
+    <span class="action details tooltip toggle"><?= $escaper->escapeHtml(__('See Details')) ?></span>
     <div class="tooltip content">
-        <strong class="subtitle"><?= $block->escapeHtml(__('Options Details')) ?></strong>
+        <strong class="subtitle"><?= $escaper->escapeHtml(__('Options Details')) ?></strong>
         <dl>
             <?php foreach ($options as $option) : ?>
-            <dt class="label"><?= $block->escapeHtml($option['label']) ?></dt>
+            <dt class="label"><?= $escaper->escapeHtml($option['label']) ?></dt>
             <dd class="values">
                 <?php if (is_array($option['value'])) : ?>
                     <?= /* @noEscape */ nl2br(implode("\n", $option['value'])) ?>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/rss/email.phtml b/app/code/Magento/Wishlist/view/frontend/templates/rss/email.phtml
index f221e50608ca4..b7a182000e4f2 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/rss/email.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/rss/email.phtml
@@ -4,7 +4,10 @@
  * See COPYING.txt for license details.
  */
 
-/* @var \Magento\Wishlist\Block\Rss\EmailLink $block */
+/**
+ * @var \Magento\Wishlist\Block\Rss\EmailLink $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 /** @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer */
 
 /** @var \Magento\Wishlist\Helper\Data $wishlistHelper */
@@ -12,9 +15,9 @@ $wishlistHelper = $block->getData('wishlistHelper');
 ?>
 <?php if ($block->getLink()): ?>
 <p id="wishlist-rss-email-link">
-    <?= $block->escapeHtml(__("RSS link to %1's wishlist", $wishlistHelper->getCustomerName())) ?>
+    <?= $escaper->escapeHtml(__("RSS link to %1's wishlist", $wishlistHelper->getCustomerName())) ?>
     <br />
-    <a href="<?= $block->escapeUrl($block->getLink()) ?>"><?= $block->escapeUrl($block->getLink()) ?></a>
+    <a href="<?= $escaper->escapeUrl($block->getLink()) ?>"><?= $escaper->escapeUrl($block->getLink()) ?></a>
 </p>
     <?= /* @noEscape */ $secureRenderer->renderStyleAsTag(
         "font-size:12px; line-height:16px; margin:0 0 16px;",
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/rss/wishlist.phtml b/app/code/Magento/Wishlist/view/frontend/templates/rss/wishlist.phtml
index d9cca05d667be..312ac9d70ef6e 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/rss/wishlist.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/rss/wishlist.phtml
@@ -4,10 +4,13 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Rss\Link $block */
+/**
+ * @var \Magento\Wishlist\Block\Rss\Link $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 <?php if ($block->isRssAllowed() && $block->getLink() && $this->helper(\Magento\Wishlist\Helper\Data::class)->getWishlist()->getItemsCount()) : ?>
-    <a href="<?= $block->escapeUrl($block->getLink()) ?>" class="action rss wishlist">
-        <span><?= $block->escapeHtml(__('RSS Feed')) ?></span>
+    <a href="<?= $escaper->escapeUrl($block->getLink()) ?>" class="action rss wishlist">
+        <span><?= $escaper->escapeHtml(__('RSS Feed')) ?></span>
     </a>
 <?php endif; ?>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/shared.phtml b/app/code/Magento/Wishlist/view/frontend/templates/shared.phtml
index 0d3158abb0532..ae042ac7aa5cf 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/shared.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/shared.phtml
@@ -4,21 +4,24 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Share\Wishlist $block */
+/**
+ * @var \Magento\Wishlist\Block\Share\Wishlist $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 /** @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer */
 ?>
 
 <?php if ($block->hasWishlistItems()): ?>
-    <form class="form shared wishlist" action="<?= $block->escapeUrl($block->getUrl('wishlist/index/update')) ?>"
+    <form class="form shared wishlist" action="<?= $escaper->escapeUrl($block->getUrl('wishlist/index/update')) ?>"
           method="post">
         <div class="wishlist table-wrapper">
             <table class="table data wishlist" id="wishlist-table">
-                <caption class="table-caption"><?= $block->escapeHtml(__('Wish List')) ?></caption>
+                <caption class="table-caption"><?= $escaper->escapeHtml(__('Wish List')) ?></caption>
                 <thead>
                 <tr>
-                    <th class="col product" scope="col"><?= $block->escapeHtml(__('Product')) ?></th>
-                    <th class="col comment" scope="col"><?= $block->escapeHtml(__('Comment')) ?></th>
-                    <th class="col actions" scope="col"><?= $block->escapeHtml(__('Add to Cart')) ?></th>
+                    <th class="col product" scope="col"><?= $escaper->escapeHtml(__('Product')) ?></th>
+                    <th class="col comment" scope="col"><?= $escaper->escapeHtml(__('Comment')) ?></th>
+                    <th class="col actions" scope="col"><?= $escaper->escapeHtml(__('Add to Cart')) ?></th>
                 </tr>
                 </thead>
                 <tbody>
@@ -28,14 +31,14 @@
                     $isVisibleProduct = $product->isVisibleInSiteVisibility();
                     ?>
                     <tr>
-                        <td data-th="<?= $block->escapeHtmlAttr(__('Product')) ?>" class="col product">
-                            <a class="product photo" href="<?= $block->escapeUrl($block->getProductUrl($item)) ?>"
-                               title="<?= $block->escapeHtmlAttr($product->getName()) ?>">
+                        <td data-th="<?= $escaper->escapeHtmlAttr(__('Product')) ?>" class="col product">
+                            <a class="product photo" href="<?= $escaper->escapeUrl($block->getProductUrl($item)) ?>"
+                               title="<?= $escaper->escapeHtmlAttr($product->getName()) ?>">
                                 <?= $block->getImage($product, 'customer_shared_wishlist')->toHtml() ?>
                             </a>
                             <strong class="product name">
-                                <a href="<?= $block->escapeUrl($block->getProductUrl($item)) ?>">
-                                    <?= $block->escapeHtml($product->getName()) ?>
+                                <a href="<?= $escaper->escapeUrl($block->getProductUrl($item)) ?>">
+                                    <?= $escaper->escapeHtml($product->getName()) ?>
                                 </a>
                             </strong>
                             <?=
@@ -48,25 +51,25 @@
                             ?>
                             <?= $block->getDetailsHtml($item) ?>
                         </td>
-                        <td data-th="<?= $block->escapeHtmlAttr(__('Comment')) ?>"
+                        <td data-th="<?= $escaper->escapeHtmlAttr(__('Comment')) ?>"
                             class="col comment"><?= /* @noEscape */ $block->getEscapedDescription($item) ?>
                         </td>
-                        <td data-th="<?= $block->escapeHtmlAttr(__('Add to Cart')) ?>" class="col actions"
+                        <td data-th="<?= $escaper->escapeHtmlAttr(__('Add to Cart')) ?>" class="col actions"
                             data-role="add-to-links">
                             <?php if ($product->isSaleable()): ?>
                                 <?php if ($isVisibleProduct): ?>
                                     <button type="button"
-                                            title="<?= $block->escapeHtmlAttr(__('Add to Cart')) ?>"
+                                            title="<?= $escaper->escapeHtmlAttr(__('Add to Cart')) ?>"
                                             data-post='<?= /* @noEscape */ $block->getSharedItemAddToCartUrl($item) ?>'
                                             class="action tocart">
-                                        <span><?= $block->escapeHtml(__('Add to Cart')) ?></span>
+                                        <span><?= $escaper->escapeHtml(__('Add to Cart')) ?></span>
                                     </button>
                                 <?php endif ?>
                             <?php endif; ?>
                             <a href="#" data-post='<?= /* @noEscape */ $block->getAddToWishlistParams($item) ?>'
                                id="wishlist-shared-item-<?= /* @noEscape */ $item->getId() ?>"
                                class="action towishlist" data-action="add-to-wishlist">
-                                <span><?= $block->escapeHtml(__('Add to Wish List')) ?></span>
+                                <span><?= $escaper->escapeHtml(__('Add to Wish List')) ?></span>
                             </a>
                             <?= /* @noEscape */ $secureRenderer->renderEventListenerAsTag(
                                 'onclick',
@@ -84,20 +87,20 @@
             <?php if ($block->isSaleable()): ?>
                 <div class="primary">
                     <button type="button"
-                            title="<?= $block->escapeHtmlAttr(__('Add All to Cart')) ?>"
-                            data-post='<?= $block->escapeUrl($block->getSharedAddAllToCartUrl()) ?>'
+                            title="<?= $escaper->escapeHtmlAttr(__('Add All to Cart')) ?>"
+                            data-post='<?= $escaper->escapeUrl($block->getSharedAddAllToCartUrl()) ?>'
                             class="action tocart primary">
-                        <span><?= $block->escapeHtml(__('Add All to Cart')) ?></span>
+                        <span><?= $escaper->escapeHtml(__('Add All to Cart')) ?></span>
                     </button>
                 </div>
             <?php endif;?>
             <div class="secondary">
-                <a href="<?= $block->escapeUrl($block->getBackUrl()) ?>" class="action back">
-                    <span><?= $block->escapeHtml(__('Back')) ?></span>
+                <a href="<?= $escaper->escapeUrl($block->getBackUrl()) ?>" class="action back">
+                    <span><?= $escaper->escapeHtml(__('Back')) ?></span>
                 </a>
             </div>
         </div>
     </form>
 <?php else: ?>
-    <div class="message info empty"><div><?= $block->escapeHtml(__('Wish List is empty now.')) ?></div></div>
+    <div class="message info empty"><div><?= $escaper->escapeHtml(__('Wish List is empty now.')) ?></div></div>
 <?php endif ?>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/sharing.phtml b/app/code/Magento/Wishlist/view/frontend/templates/sharing.phtml
index 6591b480e73d4..16b5c591f8112 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/sharing.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/sharing.phtml
@@ -4,35 +4,38 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Customer\Sharing $block */
+/**
+ * @var \Magento\Wishlist\Block\Customer\Sharing $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 <form class="form wishlist share"
-      action="<?= $block->escapeUrl($block->getSendUrl()) ?>"
+      action="<?= $escaper->escapeUrl($block->getSendUrl()) ?>"
       id="form-validate"
       method="post"
-      data-hasrequired="<?= $block->escapeHtmlAttr(__('* Required Fields')) ?>"
+      data-hasrequired="<?= $escaper->escapeHtmlAttr(__('* Required Fields')) ?>"
       data-mage-init='{"validation":{}}'>
     <fieldset class="fieldset">
         <?= $block->getBlockHtml('formkey') ?>
-        <legend class="legend"><span><?= $block->escapeHtml(__('Sharing Information')) ?></span></legend><br />
+        <legend class="legend"><span><?= $escaper->escapeHtml(__('Sharing Information')) ?></span></legend><br />
         <div class="field emails required">
-            <label class="label" for="email_address"><span><?= $block->escapeHtml(__('Email addresses, separated by commas')) ?></span></label>
+            <label class="label" for="email_address"><span><?= $escaper->escapeHtml(__('Email addresses, separated by commas')) ?></span></label>
             <div class="control">
                 <textarea name="emails" cols="60" rows="5" id="email_address" data-validate="{required:true,'validate-emails':true}"><?= /* @noEscape */ $block->getEnteredData('emails') ?></textarea>
             </div>
         </div>
         <div class="field text">
-            <label class="label" for="message"><span><?= $block->escapeHtml(__('Message')) ?></span></label>
+            <label class="label" for="message"><span><?= $escaper->escapeHtml(__('Message')) ?></span></label>
             <div class="control">
                 <textarea id="message" name="message" cols="60" rows="5"><?= /* @noEscape */ $block->getEnteredData('message') ?></textarea>
             </div>
         </div>
         <?php if ($this->helper(\Magento\Wishlist\Helper\Rss::class)->isRssAllow()) : ?>
             <div class="field choice rss">
-                <input type="checkbox" name="rss_url" id="rss_url" value="1" title="<?= $block->escapeHtmlAttr(__('Check here to link an RSS feed to your Wish List.')) ?>" class="checkbox">
+                <input type="checkbox" name="rss_url" id="rss_url" value="1" title="<?= $escaper->escapeHtmlAttr(__('Check here to link an RSS feed to your Wish List.')) ?>" class="checkbox">
                 <label class="label" for="rss_url">
                     <span>
-                        <?= $block->escapeHtml(__('Check here to link an RSS feed to your Wish List.')) ?>
+                        <?= $escaper->escapeHtml(__('Check here to link an RSS feed to your Wish List.')) ?>
                     </span>
                 </label>
             </div>
@@ -41,12 +44,12 @@
     <?= $block->getChildHtml('captcha'); ?>
     <div class="actions-toolbar">
         <div class="primary">
-            <button type="submit" title="<?= $block->escapeHtmlAttr(__('Share Wish List')) ?>" class="action submit primary">
-                <span><?= $block->escapeHtml(__('Share Wish List')) ?></span>
+            <button type="submit" title="<?= $escaper->escapeHtmlAttr(__('Share Wish List')) ?>" class="action submit primary">
+                <span><?= $escaper->escapeHtml(__('Share Wish List')) ?></span>
             </button>
         </div>
         <div class="secondary">
-            <a class="action back" href="<?= $block->escapeUrl($block->getBackUrl()) ?>"><span><?= $block->escapeHtml(__('Back')) ?></span></a>
+            <a class="action back" href="<?= $escaper->escapeUrl($block->getBackUrl()) ?>"><span><?= $escaper->escapeHtml(__('Back')) ?></span></a>
         </div>
     </div>
 </form>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/sidebar.phtml b/app/code/Magento/Wishlist/view/frontend/templates/sidebar.phtml
index 6e678a8916372..caa27a1fb1990 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/sidebar.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/sidebar.phtml
@@ -4,7 +4,10 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Customer\Sidebar $block */
+/**
+ * @var \Magento\Wishlist\Block\Customer\Sidebar $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 <?php
 $wishlistHelper = $this->helper(\Magento\Wishlist\Helper\Data::class);
@@ -12,13 +15,13 @@ $wishlistHelper = $this->helper(\Magento\Wishlist\Helper\Data::class);
 <?php if ($wishlistHelper->isAllow()) : ?>
     <div class="block block-wishlist" data-bind="scope: 'wishlist'">
         <div class="block-title">
-            <strong role="heading" aria-level="2"><?= $block->escapeHtml($block->getTitle()) ?></strong>
+            <strong role="heading" aria-level="2"><?= $escaper->escapeHtml($block->getTitle()) ?></strong>
             <!-- ko if: wishlist().counter -->
             <span data-bind="text: wishlist().counter" class="counter"></span>
             <!-- /ko -->
         </div>
         <div class="block-content">
-            <strong class="subtitle"><?= $block->escapeHtml(__('Last Added Items')) ?></strong>
+            <strong class="subtitle"><?= $escaper->escapeHtml(__('Last Added Items')) ?></strong>
             <!-- ko if: wishlist().counter -->
                 <ol class="product-items no-display" id="wishlist-sidebar" data-bind="foreach: wishlist().items, css: {'no-display': null}">
                     <li class="product-item">
@@ -37,18 +40,18 @@ $wishlistHelper = $this->helper(\Magento\Wishlist\Helper\Data::class);
                                     <!-- ko if: product_is_saleable_and_visible -->
                                     <div class="actions-primary">
                                         <!-- ko if: product_has_required_options -->
-                                        <a href="#" data-bind="attr: {'data-post': add_to_cart_params}" class="action tocart primary"><span><?= $block->escapeHtml(__('Add to Cart')) ?></span></a>
+                                        <a href="#" data-bind="attr: {'data-post': add_to_cart_params}" class="action tocart primary"><span><?= $escaper->escapeHtml(__('Add to Cart')) ?></span></a>
                                         <!-- /ko -->
                                         <!-- ko ifnot: product_has_required_options -->
-                                            <button type="button" class="action tocart primary" data-bind="attr: {'data-post': add_to_cart_params}"><span><?= $block->escapeHtml(__('Add to Cart')) ?></span></button>
+                                            <button type="button" class="action tocart primary" data-bind="attr: {'data-post': add_to_cart_params}"><span><?= $escaper->escapeHtml(__('Add to Cart')) ?></span></button>
                                         <!-- /ko -->
                                     </div>
                                     <!-- /ko -->
                                     <div class="actions-secondary">
                                         <a href="#"  data-bind="attr: {'data-post': delete_item_params}"
-                                           title="<?= $block->escapeHtmlAttr(__('Remove This Item')) ?>"
+                                           title="<?= $escaper->escapeHtmlAttr(__('Remove This Item')) ?>"
                                            class="btn-remove action delete">
-                                            <span><?= $block->escapeHtml(__('Remove This Item')) ?></span>
+                                            <span><?= $escaper->escapeHtml(__('Remove This Item')) ?></span>
                                         </a>
                                     </div>
                                 </div>
@@ -59,13 +62,13 @@ $wishlistHelper = $this->helper(\Magento\Wishlist\Helper\Data::class);
                 <div class="actions-toolbar no-display" data-bind="css: {'no-display': null}">
                     <div class="primary">
                         <a class="action details"
-                           href="<?= $block->escapeUrl($this->helper(\Magento\Wishlist\Helper\Data::class)->getListUrl()) ?>"
-                           title="<?= $block->escapeHtmlAttr(__('Go to Wish List')) ?>"><span><?= $block->escapeHtml(__('Go to Wish List')) ?></span></a>
+                           href="<?= $escaper->escapeUrl($this->helper(\Magento\Wishlist\Helper\Data::class)->getListUrl()) ?>"
+                           title="<?= $escaper->escapeHtmlAttr(__('Go to Wish List')) ?>"><span><?= $escaper->escapeHtml(__('Go to Wish List')) ?></span></a>
                     </div>
                 </div>
             <!-- /ko -->
             <!-- ko ifnot: wishlist().counter -->
-                <div class="empty"><?= $block->escapeHtml(__('You have no items in your wish list.')) ?></div>
+                <div class="empty"><?= $escaper->escapeHtml(__('You have no items in your wish list.')) ?></div>
             <!-- /ko -->
         </div>
     </div>
diff --git a/app/code/Magento/Wishlist/view/frontend/templates/view.phtml b/app/code/Magento/Wishlist/view/frontend/templates/view.phtml
index 81bb5bd195091..4116b5b6befd4 100644
--- a/app/code/Magento/Wishlist/view/frontend/templates/view.phtml
+++ b/app/code/Magento/Wishlist/view/frontend/templates/view.phtml
@@ -4,7 +4,10 @@
  * See COPYING.txt for license details.
  */
 
-/** @var \Magento\Wishlist\Block\Customer\Wishlist $block */
+/**
+ * @var \Magento\Wishlist\Block\Customer\Wishlist $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 
 <?php if ($this->helper(\Magento\Wishlist\Helper\Data::class)->isAllow()) : ?>
@@ -15,14 +18,14 @@
           "addToCartUrl":<?= /* @noEscape */ $block->getItemAddToCartParams("%item%") ?>,
           "addAllToCartUrl":<?= /* @noEscape */ $block->getAddAllToCartParams() ?>,
           "commentString":""},
-          "validation": {}}' action="<?= $block->escapeUrl($block->getUrl('wishlist/index/update', ['wishlist_id' => $block->getWishlistInstance()->getId()])) ?>" method="post">
+          "validation": {}}' action="<?= $escaper->escapeUrl($block->getUrl('wishlist/index/update', ['wishlist_id' => $block->getWishlistInstance()->getId()])) ?>" method="post">
         <?= $block->getChildHtml('top') ?>
         <?php if ($block->hasWishlistItems()) : ?>
             <?= $block->getBlockHtml('formkey') ?>
             <?php $block->getChildBlock('items')->setItems($block->getWishlistItems()); ?>
             <?= $block->getChildHtml('items') ?>
         <?php else : ?>
-            <div class="message info empty"><span><?= $block->escapeHtml(__('You have no items in your wish list.')) ?></span></div>
+            <div class="message info empty"><span><?= $escaper->escapeHtml(__('You have no items in your wish list.')) ?></span></div>
         <?php endif ?>
         <?= $block->getChildHtml('bottom') ?>
         <div class="actions-toolbar">
@@ -30,8 +33,8 @@
                 <?= $block->getChildHtml('control_buttons') ?>
             </div>
             <div class="secondary">
-                <a href="<?= $block->escapeUrl($block->getBackUrl()) ?>" class="action back">
-                    <span><?= $block->escapeHtml(__('Back')) ?></span>
+                <a href="<?= $escaper->escapeUrl($block->getBackUrl()) ?>" class="action back">
+                    <span><?= $escaper->escapeHtml(__('Back')) ?></span>
                 </a>
             </div>
         </div>
@@ -41,11 +44,11 @@
           <% if (data.qty) { %>
           <input name="qty" value="<%- data.qty %>">
           <% } %>
-          
+
           <% if (data.item) { %>
           <input name="item" value="<%- data.item %>">
           <% } %>
-          
+
           <% if (data.entity) { %>
           <input name="entity" value="<%- data.entity %>">
           <% } %>