diff --git a/src/wp-admin/menu-header.php b/src/wp-admin/menu-header.php
index fdfc3f5eb0..07833f2577 100644
--- a/src/wp-admin/menu-header.php
+++ b/src/wp-admin/menu-header.php
@@ -73,7 +73,7 @@ function _wp_menu_output( $menu, $submenu, $submenu_as_parent = true ) {
 		}
 
 		if ( ! empty( $item[4] ) )
-			$class[] = $item[4];
+			$class[] = esc_attr( $item[4] );
 
 		$class = $class ? ' class="' . join( ' ', $class ) . '"' : '';
 		$id = ! empty( $item[5] ) ? ' id="' . preg_replace( '|[^a-zA-Z0-9_:.]|', '-', $item[5] ) . '"' : '';
@@ -136,7 +136,7 @@ function _wp_menu_output( $menu, $submenu, $submenu_as_parent = true ) {
 
 			$first = true;
 
-			// 0 = menu_title, 1 = capability, 2 = menu_slug, 3 = classes
+			// 0 = menu_title, 1 = capability, 2 = menu_slug, 3 = page_title, 4 = classes
 			foreach ( $submenu_items as $sub_key => $sub_item ) {
 				if ( ! current_user_can( $sub_item[1] ) )
 					continue;
@@ -167,8 +167,8 @@ function _wp_menu_output( $menu, $submenu, $submenu_as_parent = true ) {
 					$class[] = 'current';
 				}
 
-				if ( ! empty( $sub_item[3] ) ) {
-					$class[] = $sub_item[3];
+				if ( ! empty( $sub_item[4] ) ) {
+					$class[] = esc_attr( $sub_item[4] );
 				}
 
 				$class = $class ? ' class="' . join( ' ', $class ) . '"' : '';
diff --git a/src/wp-admin/menu.php b/src/wp-admin/menu.php
index 4910fd456a..d32a133220 100644
--- a/src/wp-admin/menu.php
+++ b/src/wp-admin/menu.php
@@ -148,7 +148,7 @@ $menu[60] = array( __('Appearance'), $appearance_cap, 'themes.php', '', 'menu-to
 	$submenu['themes.php'][5] = array( __( 'Themes' ), $appearance_cap, 'themes.php' );
 
 	$customize_url = add_query_arg( 'return', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), 'customize.php' );
-	$submenu['themes.php'][6] = array( __( 'Customize' ), 'edit_theme_options', $customize_url, 'hide-if-no-customize' );
+	$submenu['themes.php'][6] = array( __( 'Customize' ), 'edit_theme_options', $customize_url, '', 'hide-if-no-customize' );
 	unset( $customize_url );
 	if ( current_theme_supports( 'menus' ) || current_theme_supports( 'widgets' ) ) {
 		$submenu['themes.php'][10] = array(__( 'Menus' ), 'edit_theme_options', 'nav-menus.php');