diff --git a/includes/admin/reports/class-wc-report-coupon-usage.php b/includes/admin/reports/class-wc-report-coupon-usage.php
index 7e8a72ec7a0..dadee28b414 100644
--- a/includes/admin/reports/class-wc-report-coupon-usage.php
+++ b/includes/admin/reports/class-wc-report-coupon-usage.php
@@ -1,7 +1,12 @@
 <?php
+/**
+ * Coupon usage report functionality
+ *
+ * @package WooCommerce/Admin/Reports
+ */
 
 if ( ! defined( 'ABSPATH' ) ) {
-	exit; // Exit if accessed directly
+	exit; // Exit if accessed directly.
 }
 
 /**
@@ -33,9 +38,9 @@ class WC_Report_Coupon_Usage extends WC_Admin_Report {
 	 */
 	public function __construct() {
 		if ( isset( $_GET['coupon_codes'] ) && is_array( $_GET['coupon_codes'] ) ) {
-			$this->coupon_codes = array_filter( array_map( 'sanitize_text_field', $_GET['coupon_codes'] ) );
+			$this->coupon_codes = array_filter( array_map( 'sanitize_text_field', wp_unslash( $_GET['coupon_codes'] ) ) );
 		} elseif ( isset( $_GET['coupon_codes'] ) ) {
-			$this->coupon_codes = array_filter( array( sanitize_text_field( $_GET['coupon_codes'] ) ) );
+			$this->coupon_codes = array_filter( array( sanitize_text_field( wp_unslash( $_GET['coupon_codes'] ) ) ) );
 		}
 	}
 
@@ -138,7 +143,7 @@ class WC_Report_Coupon_Usage extends WC_Admin_Report {
 			'coupon_count'    => '#d4d9dc',
 		);
 
-		$current_range = ! empty( $_GET['range'] ) ? sanitize_text_field( $_GET['range'] ) : '7day';
+		$current_range = ! empty( $_GET['range'] ) ? sanitize_text_field( wp_unslash( $_GET['range'] ) ) : '7day';
 
 		if ( ! in_array( $current_range, array( 'custom', 'year', 'last_month', 'month', '7day' ) ) ) {
 			$current_range = '7day';
@@ -171,56 +176,58 @@ class WC_Report_Coupon_Usage extends WC_Admin_Report {
 	 */
 	public function coupons_widget() {
 		?>
-		<h4 class="section_title"><span><?php _e( 'Filter by coupon', 'woocommerce' ); ?></span></h4>
+		<h4 class="section_title"><span><?php esc_html_e( 'Filter by coupon', 'woocommerce' ); ?></span></h4>
 		<div class="section">
 			<form method="GET">
 				<div>
 					<?php
-						$used_coupons = $this->get_order_report_data( array(
-							'data' => array(
-								'order_item_name' => array(
-									'type'            => 'order_item',
-									'order_item_type' => 'coupon',
-									'function'        => '',
-									'distinct'        => true,
-									'name'            => 'order_item_name',
-								),
+					$used_coupons = $this->get_order_report_data( array(
+						'data' => array(
+							'order_item_name' => array(
+								'type'            => 'order_item',
+								'order_item_type' => 'coupon',
+								'function'        => '',
+								'distinct'        => true,
+								'name'            => 'order_item_name',
 							),
-							'where' => array(
-								array(
-									'key'      => 'order_item_type',
-									'value'    => 'coupon',
-									'operator' => '=',
-								),
+						),
+						'where' => array(
+							array(
+								'key'      => 'order_item_type',
+								'value'    => 'coupon',
+								'operator' => '=',
 							),
-							'query_type'   => 'get_col',
-							'filter_range' => false,
-						) );
+						),
+						'query_type'   => 'get_col',
+						'filter_range' => false,
+					) );
 
-						if ( ! empty( $used_coupons ) && is_array( $used_coupons ) ) :
+					if ( ! empty( $used_coupons ) && is_array( $used_coupons ) ) :
 					?>
 						<select id="coupon_codes" name="coupon_codes" class="wc-enhanced-select" data-placeholder="<?php esc_attr_e( 'Choose coupons&hellip;', 'woocommerce' ); ?>" style="width:100%;">
-							<option value=""><?php _e( 'All coupons', 'woocommerce' ); ?></option>
+							<option value=""><?php esc_html_e( 'All coupons', 'woocommerce' ); ?></option>
 							<?php
-								foreach ( $used_coupons as $coupon ) {
-									echo '<option value="' . esc_attr( $coupon ) . '" ' . selected( in_array( $coupon, $this->coupon_codes ), true, false ) . '>' . $coupon . '</option>';
-								}
-							 ?>
+							foreach ( $used_coupons as $coupon ) {
+								echo '<option value="' . esc_attr( $coupon ) . '" ' . selected( in_array( $coupon, $this->coupon_codes ), true, false ) . '>' . esc_html( $coupon ) . '</option>';
+							}
+							?>
 						</select>
+						<?php // @codingStandardsIgnoreStart ?>
 						<input type="submit" class="submit button" value="<?php esc_attr_e( 'Show', 'woocommerce' ); ?>" />
-						<input type="hidden" name="range" value="<?php echo ( ! empty( $_GET['range'] ) ) ? esc_attr( $_GET['range'] ) : ''; ?>" />
-						<input type="hidden" name="start_date" value="<?php echo ( ! empty( $_GET['start_date'] ) ) ? esc_attr( $_GET['start_date'] ) : ''; ?>" />
-						<input type="hidden" name="end_date" value="<?php echo ( ! empty( $_GET['end_date'] ) ) ? esc_attr( $_GET['end_date'] ) : ''; ?>" />
-						<input type="hidden" name="page" value="<?php echo ( ! empty( $_GET['page'] ) ) ? esc_attr( $_GET['page'] ) : ''; ?>" />
-						<input type="hidden" name="tab" value="<?php echo ( ! empty( $_GET['tab'] ) ) ? esc_attr( $_GET['tab'] ) : ''; ?>" />
-						<input type="hidden" name="report" value="<?php echo ( ! empty( $_GET['report'] ) ) ? esc_attr( $_GET['report'] ) : ''; ?>" />
+						<input type="hidden" name="range" value="<?php echo ( ! empty( $_GET['range'] ) ) ? esc_attr( wp_unslash( $_GET['range'] ) ) : ''; ?>" />
+						<input type="hidden" name="start_date" value="<?php echo ( ! empty( $_GET['start_date'] ) ) ? esc_attr( wp_unslash( $_GET['start_date'] ) ) : ''; ?>" />
+						<input type="hidden" name="end_date" value="<?php echo ( ! empty( $_GET['end_date'] ) ) ? esc_attr( wp_unslash( $_GET['end_date'] ) ) : ''; ?>" />
+						<input type="hidden" name="page" value="<?php echo ( ! empty( $_GET['page'] ) ) ? esc_attr( wp_unslash( $_GET['page'] ) ) : ''; ?>" />
+						<input type="hidden" name="tab" value="<?php echo ( ! empty( $_GET['tab'] ) ) ? esc_attr( wp_unslash( $_GET['tab'] ) ) : ''; ?>" />
+						<input type="hidden" name="report" value="<?php echo ( ! empty( $_GET['report'] ) ) ? esc_attr( wp_unslash( $_GET['report'] ) ) : ''; ?>" />
+						<?php // @codingStandardsIgnoreEnd ?>
 					<?php else : ?>
-						<span><?php _e( 'No used coupons found', 'woocommerce' ); ?></span>
+						<span><?php esc_html_e( 'No used coupons found', 'woocommerce' ); ?></span>
 					<?php endif; ?>
 				</div>
 			</form>
 		</div>
-		<h4 class="section_title"><span><?php _e( 'Most popular', 'woocommerce' ); ?></span></h4>
+		<h4 class="section_title"><span><?php esc_html_e( 'Most popular', 'woocommerce' ); ?></span></h4>
 		<div class="section">
 			<table cellspacing="0">
 				<?php
@@ -257,17 +264,17 @@ class WC_Report_Coupon_Usage extends WC_Admin_Report {
 				if ( ! empty( $most_popular ) && is_array( $most_popular ) ) {
 					foreach ( $most_popular as $coupon ) {
 						echo '<tr class="' . ( in_array( $coupon->coupon_code, $this->coupon_codes ) ? 'active' : '' ) . '">
-							<td class="count" width="1%">' . $coupon->coupon_count . '</td>
-							<td class="name"><a href="' . esc_url( add_query_arg( 'coupon_codes', $coupon->coupon_code ) ) . '">' . $coupon->coupon_code . '</a></td>
+							<td class="count" width="1%">' . esc_html( $coupon->coupon_count ) . '</td>
+							<td class="name"><a href="' . esc_url( add_query_arg( 'coupon_codes', $coupon->coupon_code ) ) . '">' . esc_html( $coupon->coupon_code ) . '</a></td>
 						</tr>';
 					}
 				} else {
-					echo '<tr><td colspan="2">' . __( 'No coupons found in range', 'woocommerce' ) . '</td></tr>';
+					echo '<tr><td colspan="2">' . esc_html__( 'No coupons found in range', 'woocommerce' ) . '</td></tr>';
 				}
 				?>
 			</table>
 		</div>
-		<h4 class="section_title"><span><?php _e( 'Most discount', 'woocommerce' ); ?></span></h4>
+		<h4 class="section_title"><span><?php esc_html_e( 'Most discount', 'woocommerce' ); ?></span></h4>
 		<div class="section">
 			<table cellspacing="0">
 				<?php
@@ -303,13 +310,15 @@ class WC_Report_Coupon_Usage extends WC_Admin_Report {
 
 				if ( ! empty( $most_discount ) && is_array( $most_discount ) ) {
 					foreach ( $most_discount as $coupon ) {
+						// @codingStandardsIgnoreStart
 						echo '<tr class="' . ( in_array( $coupon->coupon_code, $this->coupon_codes ) ? 'active' : '' ) . '">
 							<td class="count" width="1%">' . wc_price( $coupon->discount_amount ) . '</td>
-							<td class="name"><a href="' . esc_url( add_query_arg( 'coupon_codes', $coupon->coupon_code ) ) . '">' . $coupon->coupon_code . '</a></td>
+							<td class="name"><a href="' . esc_url( add_query_arg( 'coupon_codes', $coupon->coupon_code ) ) . '">' . esc_html( $coupon->coupon_code ) . '</a></td>
 						</tr>';
+						// @codingStandardsIgnoreEnd
 					}
 				} else {
-					echo '<tr><td colspan="3">' . __( 'No coupons found in range', 'woocommerce' ) . '</td></tr>';
+					echo '<tr><td colspan="3">' . esc_html__( 'No coupons found in range', 'woocommerce' ) . '</td></tr>';
 				}
 				?>
 			</table>
@@ -342,17 +351,17 @@ class WC_Report_Coupon_Usage extends WC_Admin_Report {
 	 * Output an export link.
 	 */
 	public function get_export_button() {
-		$current_range = ! empty( $_GET['range'] ) ? sanitize_text_field( $_GET['range'] ) : '7day';
+		$current_range = ! empty( $_GET['range'] ) ? sanitize_text_field( wp_unslash( $_GET['range'] ) ) : '7day';
 		?>
 		<a
 			href="#"
-			download="report-<?php echo esc_attr( $current_range ); ?>-<?php echo date_i18n( 'Y-m-d', current_time( 'timestamp' ) ); ?>.csv"
+			download="report-<?php echo esc_attr( $current_range ); ?>-<?php echo esc_attr( date_i18n( 'Y-m-d', current_time( 'timestamp' ) ) ); ?>.csv"
 			class="export_csv"
 			data-export="chart"
 			data-xaxes="<?php esc_attr_e( 'Date', 'woocommerce' ); ?>"
-			data-groupby="<?php echo $this->chart_groupby; ?>"
+			data-groupby="<?php echo esc_attr( $this->chart_groupby ); ?>"
 		>
-			<?php _e( 'Export CSV', 'woocommerce' ); ?>
+			<?php esc_html_e( 'Export CSV', 'woocommerce' ); ?>
 		</a>
 		<?php
 	}
@@ -363,7 +372,7 @@ class WC_Report_Coupon_Usage extends WC_Admin_Report {
 	public function get_main_chart() {
 		global $wp_locale;
 
-		// Get orders and dates in range - we want the SUM of order totals, COUNT of order items, COUNT of orders, and the date
+		// Get orders and dates in range - we want the SUM of order totals, COUNT of order items, COUNT of orders, and the date.
 		$order_coupon_counts_query = array(
 			'data' => array(
 				'order_item_name' => array(
@@ -435,11 +444,11 @@ class WC_Report_Coupon_Usage extends WC_Admin_Report {
 		$order_coupon_counts    = $this->get_order_report_data( $order_coupon_counts_query );
 		$order_discount_amounts = $this->get_order_report_data( $order_discount_amounts_query );
 
-		// Prepare data for report
+		// Prepare data for report.
 		$order_coupon_counts    = $this->prepare_chart_data( $order_coupon_counts, 'post_date', 'order_coupon_count' , $this->chart_interval, $this->start_date, $this->chart_groupby );
 		$order_discount_amounts = $this->prepare_chart_data( $order_discount_amounts, 'post_date', 'discount_amount', $this->chart_interval, $this->start_date, $this->chart_groupby );
 
-		// Encode in json format
+		// Encode in json format.
 		$chart_data = json_encode( array(
 			'order_coupon_counts'    => array_values( $order_coupon_counts ),
 			'order_discount_amounts' => array_values( $order_discount_amounts ),
@@ -452,15 +461,15 @@ class WC_Report_Coupon_Usage extends WC_Admin_Report {
 			var main_chart;
 
 			jQuery(function(){
-				var order_data = jQuery.parseJSON( '<?php echo $chart_data; ?>' );
+				var order_data = jQuery.parseJSON( '<?php echo esc_html( $chart_data ); ?>' );
 
 				var drawGraph = function( highlight ) {
 					var series = [
 						{
 							label: "<?php echo esc_js( __( 'Number of coupons used', 'woocommerce' ) ) ?>",
 							data: order_data.order_coupon_counts,
-							color: '<?php echo $this->chart_colours['coupon_count']; ?>',
-							bars: { fillColor: '<?php echo $this->chart_colours['coupon_count']; ?>', fill: true, show: true, lineWidth: 0, barWidth: <?php echo $this->barwidth; ?> * 0.5, align: 'center' },
+							color: '<?php echo esc_js( $this->chart_colours['coupon_count'] ); ?>',
+							bars: { fillColor: '<?php echo esc_js( $this->chart_colours['coupon_count'] ); ?>', fill: true, show: true, lineWidth: 0, barWidth: <?php echo esc_js( $this->barwidth ); ?> * 0.5, align: 'center' },
 							shadowSize: 0,
 							hoverable: false
 						},
@@ -468,11 +477,11 @@ class WC_Report_Coupon_Usage extends WC_Admin_Report {
 							label: "<?php echo esc_js( __( 'Discount amount', 'woocommerce' ) ) ?>",
 							data: order_data.order_discount_amounts,
 							yaxis: 2,
-							color: '<?php echo $this->chart_colours['discount_amount']; ?>',
+							color: '<?php echo esc_js( $this->chart_colours['discount_amount'] ); ?>',
 							points: { show: true, radius: 5, lineWidth: 3, fillColor: '#fff', fill: true },
 							lines: { show: true, lineWidth: 4, fill: false },
 							shadowSize: 0,
-							<?php echo $this->get_currency_tooltip(); ?>
+							<?php echo esc_js( $this->get_currency_tooltip() ); ?>
 						}
 					];
 
@@ -510,7 +519,7 @@ class WC_Report_Coupon_Usage extends WC_Admin_Report {
 								timeformat: "<?php echo ( 'day' === $this->chart_groupby ) ? '%d %b' : '%b'; ?>",
 								monthNames: <?php echo json_encode( array_values( $wp_locale->month_abbrev ) ) ?>,
 								tickLength: 1,
-								minTickSize: [1, "<?php echo $this->chart_groupby; ?>"],
+								minTickSize: [1, "<?php echo esc_js( $this->chart_groupby ); ?>"],
 								font: {
 									color: "#aaa"
 								}

' . $coupon->coupon_count . '	' . $coupon->coupon_code . '	' . esc_html( $coupon->coupon_count ) . '	' . esc_html( $coupon->coupon_code ) . '
' . __( 'No coupons found in range', 'woocommerce' ) . '
' . esc_html__( 'No coupons found in range', 'woocommerce' ) . '
' . wc_price( $coupon->discount_amount ) . '	' . $coupon->coupon_code . '	' . esc_html( $coupon->coupon_code ) . '
' . __( 'No coupons found in range', 'woocommerce' ) . '
' . esc_html__( 'No coupons found in range', 'woocommerce' ) . '