diff --git a/src/wp-includes/kses.php b/src/wp-includes/kses.php
index 637fac4627..7fa383779c 100644
--- a/src/wp-includes/kses.php
+++ b/src/wp-includes/kses.php
@@ -521,7 +521,7 @@ if ( ! CUSTOM_TAGS ) {
 function wp_kses( $string, $allowed_html, $allowed_protocols = array() ) {
 if ( empty( $allowed_protocols ) )
 $allowed_protocols = wp_allowed_protocols();
-$string = wp_kses_no_null($string);
+$string = wp_kses_no_null( $string, array( 'slash_zero' => 'keep' ) );
 $string = wp_kses_js_entities($string);
 $string = wp_kses_normalize_entities($string);
 $string = wp_kses_hook($string, $allowed_html, $allowed_protocols); // WP changed the order of these funcs and added args to wp_kses_hook
@@ -1044,11 +1044,18 @@ function wp_kses_bad_protocol($string, $allowed_protocols) {
  * @since 1.0.0
  *
  * @param string $string
+ * @param array $options Set 'slash_zero' => 'keep' when '\0' is allowed. Default is 'remove'.
  * @return string
  */
-function wp_kses_no_null($string) {
-$string = preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F]/', '', $string);
-$string = preg_replace('/(\\\\0)+/', '', $string);
+function wp_kses_no_null( $string, $options = null ) {
+if ( ! isset( $options['slash_zero'] ) ) {
+$options = array( 'slash_zero' => 'remove' );
+}
+
+$string = preg_replace( '/[\x00-\x08\x0B\x0C\x0E-\x1F]/', '', $string );
+if ( 'remove' == $options['slash_zero'] ) {
+$string = preg_replace( '/\\\\+0+/', '', $string );
+}
 return $string;
 }
 
diff --git a/tests/phpunit/tests/kses.php b/tests/phpunit/tests/kses.php
index 657fb30002..cd4d4654cf 100644
--- a/tests/phpunit/tests/kses.php
+++ b/tests/phpunit/tests/kses.php
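Review bot: Passing `array( 'slash_zero' => 'keep' )` at the wp_kses_no_null() call means wp_kses() no longer strips `\0` sequences from content at all; the control-character removal still runs, but any handling of `\0` inside CSS-bearing attribute values must now happen in the attribute filtering that follows, which this diff does not show. The last data set in the accompanying test (a `background-image:\0` style body reduced to an empty string) suggests that downstream filter exists, but nothing in the hunk ties the two together, so a reader of wp_kses() cannot tell why the escape is preserved here. The wp_kses() docblock (outside the hunk) should state that `\0` is intentionally kept at this stage and name the function that is responsible for it in style attributes, e.g. `Backslash-zero sequences are preserved here; they are handled when style attributes are filtered.` The body of wp_kses() continues past the end of the hunk.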
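Review bot: The defaulting branch at `if ( ! isset( $options['slash_zero'] ) )` replaces the whole `$options` array, so any other key a caller passes alongside is silently discarded; `$options['slash_zero'] = 'remove';` keeps them, and PHP turns a `null` `$options` into an array on that write. The comparison `'remove' == $options['slash_zero']` is loose, and `===` would avoid an accidental match from a non-string value such as `0`. The pattern also changed from `(\\\\0)+`, which removed repeated literal `\0` pairs, to `\\\\+0+`, which removes any run of backslashes followed by any run of zeros and leaves whatever follows joined to the preceding text; that widening is a behaviour change callers may notice and the docblock does not mention it. Add `@since [VERSION] Added the $options parameter.` and a sentence such as `When 'slash_zero' is 'remove', every run of backslashes followed by zeros is deleted, not just single '\0' pairs.`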
@@ -411,4 +411,57 @@ EOF; ), ); } + + /** + * Test removal of '\0' strings. + * + * @ticket 28699 + * @dataProvider data_slash_zero_removal + */ + function test_slash_zero_removal( $input, $output ) { + global $allowedposttags; + + return $this->assertEquals( $output, wp_kses( $input, $allowedposttags ) ); + } + + function data_slash_zero_removal() { + return array( + array( + 'This \\0 should be no big deal.', + 'This \\0 should be no big deal.', + ), + array( + '
This \\0 should be no big deal.
', + '
This \\0 should be no big deal.
', + ), + array( + '
This should be no big deal.
', + '
This should be no big deal.
', + ), + array( + 'This
is more of a concern.', + 'This
is more of a concern.', + ), + array( + 'This
is more of a concern.', + 'This
is more of a concern.', + ), + array( + 'This
is more of a concern.', + 'This
is more of a concern.', + ), + array( + 'This
is more of a concern.', + 'This
is more of a concern.', + ), + array( + 'This
is more of a concern.', + 'This
is more of a concern.', + ), + array( + '', + 'div {background-image:\\0}', + ), + ); + } }
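Review bot: `return $this->assertEquals( ... )` in test_slash_zero_removal() returns the assertion's result for no purpose, since PHPUnit ignores a test method's return value; drop the `return` so the method reads as an ordinary assertion. The test exercises only wp_kses() with the default post tags, so wp_kses_no_null()'s own `'remove'` branch and the widened `\\+0+` pattern are not covered directly; a second data provider calling `wp_kses_no_null( $input )` with runs such as `'\\\\00'` would pin that behaviour. The rendered data sets in this hunk appear to have lost their HTML tags in extraction, so the exact inputs could not be checked here.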