diff --git a/src/wp-includes/taxonomy.php b/src/wp-includes/taxonomy.php
index 100758ddc6..3aa01b86c5 100644
--- a/src/wp-includes/taxonomy.php
+++ b/src/wp-includes/taxonomy.php
@@ -1916,7 +1916,7 @@ function wp_get_object_terms($object_ids, $taxonomies, $args = array()) {
 $terms = apply_filters( 'get_object_terms', $terms, $object_ids, $taxonomies, $args );
 $object_ids = implode( ',', $object_ids );
- $taxonomies = implode( ',', $taxonomies );
+ $taxonomies = "'" . implode( "', '", array_map( 'esc_sql', $taxonomies ) ) . "'";
 /**
 * Filters the terms for a given object or objects.
diff --git a/tests/phpunit/tests/term/wpGetObjectTerms.php b/tests/phpunit/tests/term/wpGetObjectTerms.php
index 95c8abcb62..f68e4f674d 100644
--- a/tests/phpunit/tests/term/wpGetObjectTerms.php
+++ b/tests/phpunit/tests/term/wpGetObjectTerms.php
@@ -85,6 +85,25 @@ class Tests_Term_WpGetObjectTerms extends WP_UnitTestCase {
 }
 }
+ /**
+ * @ticket 40154
+ */
+ public function test_taxonomies_passed_to_wp_get_object_terms_filter_should_be_quoted() {
+ register_taxonomy( 'wptests_tax', 'post' );
+ register_taxonomy( 'wptests_tax_2', 'post' );
+
+ add_filter( 'wp_get_object_terms', array( $this, 'wp_get_object_terms_callback' ), 10, 3 );
+ $terms = wp_get_object_terms( 1, array( 'wptests_tax', 'wptests_tax_2' ) );
+ remove_filter( 'wp_get_object_terms', array( $this, 'wp_get_object_terms_callback' ), 10, 3 );
+
+ $this->assertSame( "'wptests_tax', 'wptests_tax_2'", $this->taxonomies );
+ }
+
+ public function wp_get_object_terms_callback( $terms, $object_ids, $taxonomies ) {
+ $this->taxonomies = $taxonomies;
+ return $terms;
+ }
+
 public function test_orderby_name() {
 $p = self::factory()->post->create();
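Review bot: The reassigned `$taxonomies` is now a pre-escaped SQL fragment, but nothing at the line says so, and the filter docblock that begins below it is cut off by the hunk, so a callback author reading here cannot tell that the argument is a quoted list rather than plain slugs. I would add above the line: `// Back-compat: the filter receives an SQL-ready, single-quoted, comma-separated list; callbacks must not escape it again.` The `$object_ids` line just above is joined without quoting, so its safety inside a callback's SQL presumably rests on an integer cast earlier in wp_get_object_terms(), which lies outside the hunk and is worth confirming.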
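Review bot: The new test asserts the filter argument only for two slugs that contain nothing to escape, so the `esc_sql` mapping added in taxonomy.php is never exercised and the assertion would still pass if that mapping were dropped. If the test environment allows registering a taxonomy whose name needs escaping (not confirmed from this hunk), a second case asserting the escaped form would pin that behaviour. Separately, `$this->taxonomies` is assigned in the callback with no declaration visible in the hunk; declaring it on the class and resetting it per test would keep a stale value from another test out of the assertion. The fourth argument in the `remove_filter( ..., 10, 3 )` call is ignored, since `remove_filter()` takes only hook, callback and priority. The class body starts and ends outside the hunk.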