diff --git a/accounting-for-woocommerce/views/settings-accounting-general.php b/accounting-for-woocommerce/views/settings-accounting-general.php
index 520437e4f3f78d2e3dd8f02fac20ea8edccc9cee..1823417cef0cd3213c0ab89dc015fb76d280db75 100644
--- a/accounting-for-woocommerce/views/settings-accounting-general.php
+++ b/accounting-for-woocommerce/views/settings-accounting-general.php
@@ -13,6 +13,14 @@
   </tr>
 
       <?php
+      if ( isset( $_POST['woocommerce_accounting_status_code'] ) ) {
+          $status_code_sanitized = array_map( 'sanitize_text_field', $_POST['woocommerce_accounting_status_code'] );
+          update_option( 'woocommerce_accounting_status_code', $status_code_sanitized );
+      }
+      if ( isset( $_POST['woocommerce_accounting_status_account'] ) ) {
+          $status_account_sanitized = array_map( 'sanitize_text_field', $_POST['woocommerce_accounting_status_account'] );
+          update_option( 'woocommerce_accounting_status_account', $status_account_sanitized );
+      }
       $order_statuses = wc_get_order_statuses();
       $status_checked = get_option('woocommerce_accounting_status');
       $status_code = get_option('woocommerce_accounting_status_code');
@@ -33,10 +41,18 @@
             <input type="checkbox" name="woocommerce_accounting_status[<?php echo ($key_status ?? '') ;?>]" id="woocommerce_accounting_status_<?php echo ($key_status ?? '') ;?>" value="<?php echo $key_status ;?>" <?php  if(is_array ($status_checked)) { if (in_array($key_status,$status_checked)) { echo 'checked' ;} } ?>/><?php echo $order_status ; ?>
           </td>
           <td>
-            <input type="text" name="woocommerce_accounting_status_code[<?php echo ($key_status ?? '') ;?>]" id="woocommerce_accounting_status_code_<?php echo ($key_status ?? '') ;?>" value="<?php echo ($status_code[$key_status] ?? ''); ?>">
+            <input type="text"
+              name="woocommerce_accounting_status_code[<?php echo esc_attr($key_status ?? ''); ?>]"
+              id="woocommerce_accounting_status_code_<?php echo esc_attr($key_status ?? ''); ?>"
+              value="<?php echo esc_attr($status_code[$key_status] ?? ''); ?>"
+            />
           </td>
-          <td colspan="2">
-            <input type="text" name="woocommerce_accounting_status_account[<?php echo ($key_status ?? '') ;?>]" id="woocommerce_accounting_status_account_<?php echo $key_status ;?>" value="<?php echo ($status_account[$key_status] ?? ''); ?>">
+          <td>
+            <input type="text"
+              name="woocommerce_accounting_status_account[<?php echo esc_attr($key_status ?? ''); ?>]"
+              id="woocommerce_accounting_status_account_<?php echo esc_attr($key_status ?? ''); ?>"
+              value="<?php echo esc_attr($status_account[$key_status] ?? ''); ?>"
+            />
           </td>
         </tr>
       <?php } ?>