diff --git a/admin/views/automattic-connect.php b/admin/views/automattic-connect.php
index 2ce83ad..b4fa62f 100644
--- a/admin/views/automattic-connect.php
+++ b/admin/views/automattic-connect.php
@@ -10,9 +10,7 @@
 remove_all_actions( 'all_admin_notices' );
 
 // Check if form was submitted and redirect.
-$settings_updated = isset( $_GET['settings-updated'] ) && is_scalar( $_GET['settings-updated'] )
-	? sanitize_key( wp_unslash( $_GET['settings-updated'] ) )
-	: '';
+$settings_updated = isset( $_GET['settings-updated'] ) && is_scalar( $_GET['settings-updated'] ) ? sanitize_key( wp_unslash( $_GET['settings-updated'] ) ) : ''; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
 if ( 'true' === $settings_updated ) {
 	wp_safe_redirect( admin_url( 'admin.php?page=wpvdb-settings' ) );
 	exit;
diff --git a/admin/views/embeddings.php b/admin/views/embeddings.php
index e23f232..dc9eef6 100644
--- a/admin/views/embeddings.php
+++ b/admin/views/embeddings.php
@@ -11,7 +11,7 @@
 	global $wpdb;
 
 	// Display debug information if needed.
-	$show_debug = isset( $_GET['debug'] );
+	$show_debug = isset( $_GET['debug'] ); // phpcs:ignore WordPress.Security.NonceVerification.Recommended
 
 	// Also check for debug constant if defined.
 	if ( defined( 'WPVDB_DEBUG' ) ) {
@@ -20,7 +20,7 @@
 
 	$active_provider = \WPVDB\Settings::get_active_provider();
 	$api_key         = \WPVDB\Settings::get_api_key();
-	$search_query    = isset( $_GET['s'] ) ? sanitize_text_field( $_GET['s'] ) : '';
+	$search_query    = isset( $_GET['s'] ) && is_scalar( $_GET['s'] ) ? sanitize_text_field( wp_unslash( $_GET['s'] ) ) : ''; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
 	$search_enabled  = apply_filters( 'wpvdb_embeddings_search_enabled', true, $search_query );
 	if ( ! $search_enabled ) {
 		$search_query = '';
@@ -128,7 +128,7 @@ class="regular-text">
 						\WPVDB\Logger::debug( 'Using vector function: ' . $vector_function );
 
 						// Get total count of vectors.
-						$total_vectors_searched = $wpdb->get_var( "SELECT COUNT(*) FROM $table_name" );
+						$total_vectors_searched = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->prefix}wpvdb_embeddings" ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 						\WPVDB\Logger::debug( 'Total vectors searched: ' . $total_vectors_searched );
 
 						// Use Database class to get the appropriate distance function with both vectors.
@@ -142,27 +142,28 @@ class="regular-text">
 
 						// Optimized query that will use the vector index.
 						// The ORDER BY + LIMIT pattern is what triggers the vector index usage.
+						// phpcs:disable WordPress.DB.PreparedSQL.InterpolatedNotPrepared
 						$sql = $wpdb->prepare(
 							"SELECT e.*,
-                            $distance_function as distance
-                            FROM $table_name e
-                            WHERE e.model = %s
-                            ORDER BY distance
-                            LIMIT %d",
+								$distance_function AS distance
+							FROM $table_name e
+							WHERE e.model = %s
+							ORDER BY distance
+							LIMIT %d",
 							$model,
 							20 // Show top 20 matches.
 						);
+						// phpcs:enable WordPress.DB.PreparedSQL.InterpolatedNotPrepared
 
 						\WPVDB\Logger::debug( 'Executing SQL query: ' . $sql );
 
-						$search_results = $wpdb->get_results( $sql );
+						$search_results = $wpdb->get_results( $sql ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching, WordPress.DB.PreparedSQL.NotPrepared
 
 						if ( $wpdb->last_error ) {
 							\WPVDB\Logger::error( 'SQL error: ' . $wpdb->last_error );
 
 							// Try executing a simpler query to test database connection.
-							$test_query  = "SELECT COUNT(*) FROM $table_name";
-							$test_result = $wpdb->get_var( $test_query );
+							$test_result = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->prefix}wpvdb_embeddings" ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 
 							if ( $wpdb->last_error ) {
 								\WPVDB\Logger::error( 'Even simple query failed: ' . $wpdb->last_error );
@@ -170,8 +171,7 @@ class="regular-text">
 								\WPVDB\Logger::debug( 'Simple query succeeded, embedding count: ' . $test_result );
 
 								// Try a direct query without the vector function to see if that's the issue.
-								$basic_query   = "SELECT e.* FROM $table_name e LIMIT 20";
-								$basic_results = $wpdb->get_results( $basic_query );
+								$basic_results = $wpdb->get_results( "SELECT e.* FROM {$wpdb->prefix}wpvdb_embeddings e LIMIT 20" ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 
 								if ( $wpdb->last_error ) {
 									\WPVDB\Logger::error( 'Basic query failed: ' . $wpdb->last_error );
@@ -181,8 +181,9 @@ class="regular-text">
 
 									// Fall back to PHP-based distance calculation.
 									\WPVDB\Logger::debug( 'Falling back to PHP-based distance calculation' );
+									// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 									$all_rows  = $wpdb->get_results(
-										$wpdb->prepare( "SELECT * FROM $table_name WHERE model = %s", $model ),
+										$wpdb->prepare( "SELECT * FROM {$wpdb->prefix}wpvdb_embeddings WHERE model = %s", $model ),
 										ARRAY_A
 									);
 									$distances = array();
@@ -223,8 +224,9 @@ function ( $a, $b ) {
 					} else {
 						// Fallback: do in PHP.
 						\WPVDB\Logger::debug( 'Using PHP fallback search' );
+						// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 						$all_rows               = $wpdb->get_results(
-							$wpdb->prepare( "SELECT * FROM $table_name WHERE model = %s", $model ),
+							$wpdb->prepare( "SELECT * FROM {$wpdb->prefix}wpvdb_embeddings WHERE model = %s", $model ),
 							ARRAY_A
 						);
 						$total_vectors_searched = count( $all_rows );
@@ -282,34 +284,37 @@ function ( $a, $b ) {
 	?>
 
 	<?php if ( ! empty( $search_query ) ) : ?>
-		<p class="description wpvdb-search-note">
-		<?php
-			printf(
-				esc_html__( 'Showing top %1$d semantic search results for "%2$s"', 'wpvdb' ),
-				count( $embeddings ),
-				esc_html( $search_query )
-			);
-
-												// Display total vectors searched if available.
-		if ( isset( $total_vectors_searched ) && $total_vectors_searched > 0 ) {
-			echo ' <span class="wpvdb-vector-count">' .
-				sprintf(
-					esc_html__( '(searched across %s vectors)', 'wpvdb' ),
-					number_format( $total_vectors_searched )
-				) .
-				'</span>';
-		}
+			<p class="description wpvdb-search-note">
+				<?php
+				printf(
+					/* translators: 1: Number of search results. 2: Search query. */
+					esc_html__( 'Showing top %1$d semantic search results for "%2$s"', 'wpvdb' ),
+					count( $embeddings ),
+					esc_html( $search_query )
+				);
+
+				// Display total vectors searched if available.
+				if ( isset( $total_vectors_searched ) && $total_vectors_searched > 0 ) {
+					echo ' <span class="wpvdb-vector-count">' .
+						sprintf(
+							/* translators: %s: Number of vectors searched. */
+							esc_html__( '(searched across %s vectors)', 'wpvdb' ),
+							esc_html( number_format_i18n( $total_vectors_searched ) )
+						) .
+						'</span>';
+				}
 
-												// Display search time if available.
-		if ( isset( $search_time_result ) && $search_time_result > 0 ) {
-			echo ' <span class="wpvdb-search-time">' .
-				sprintf(
-					esc_html__( '(query completed in %s seconds)', 'wpvdb' ),
-					number_format( $search_time_result, 3 )
-				) .
-				'</span>';
-		}
-		?>
+				// Display search time if available.
+				if ( isset( $search_time_result ) && $search_time_result > 0 ) {
+					echo ' <span class="wpvdb-search-time">' .
+						sprintf(
+							/* translators: %s: Query duration in seconds. */
+							esc_html__( '(query completed in %s seconds)', 'wpvdb' ),
+							esc_html( number_format_i18n( $search_time_result, 3 ) )
+						) .
+					'</span>';
+				}
+				?>
 		</p>
 	<?php endif; ?>
 
@@ -317,12 +322,10 @@ function ( $a, $b ) {
 	// If no embeddings are loaded yet (not searching), load the first 20 embeddings.
 	if ( empty( $embeddings ) && empty( $search_query ) ) {
 		// Load the latest embeddings (up to 20).
-		$count_query      = "SELECT COUNT(*) FROM $table_name";
-		$total_embeddings = $wpdb->get_var( $count_query );
+		$total_embeddings = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->prefix}wpvdb_embeddings" ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 
 		if ( $total_embeddings > 0 ) {
-			$embeddings_query = "SELECT * FROM $table_name ORDER BY id DESC LIMIT 20";
-			$embeddings       = $wpdb->get_results( $embeddings_query );
+			$embeddings = $wpdb->get_results( "SELECT * FROM {$wpdb->prefix}wpvdb_embeddings ORDER BY id DESC LIMIT 20" ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 			\WPVDB\Logger::debug( 'Loaded ' . count( $embeddings ) . ' embeddings for display' );
 		}
 	}
@@ -363,13 +366,21 @@ function ( $a, $b ) {
 									<?php echo esc_html( $post_title ? $post_title : __( '(No title)', 'wpvdb' ) ); ?>
 									<span class="dashicons dashicons-external"></span>
 								</a>
-							<?php else : ?>
-								<?php echo esc_html( $post_title ? $post_title : __( '(No title)', 'wpvdb' ) ); ?>
-							<?php endif; ?>
-							<div class="row-actions">
-								<span class="id"><?php printf( __( 'Post ID: %d', 'wpvdb' ), $embedding->doc_id ); ?></span>
-							</div>
-						</td>
+								<?php else : ?>
+									<?php echo esc_html( $post_title ? $post_title : __( '(No title)', 'wpvdb' ) ); ?>
+								<?php endif; ?>
+								<div class="row-actions">
+									<span class="id">
+										<?php
+										printf(
+											/* translators: %d: Post ID. */
+											esc_html__( 'Post ID: %d', 'wpvdb' ),
+											absint( $embedding->doc_id )
+										);
+										?>
+									</span>
+								</div>
+							</td>
 						<td class="column-chunk"><?php echo esc_html( $embedding->chunk_id ); ?></td>
 						<td class="column-preview">
 							<div class="wpvdb-preview">
@@ -397,16 +408,16 @@ function ( $a, $b ) {
 								// Ensure the percentage is between 0 and 100.
 								$similarity_percentage = max( 0, min( 100, $similarity_percentage ) );
 
-								echo '<div class="similarity-score">' .
-									'<div class="similarity-bar" style="width: ' . esc_attr( $similarity_percentage ) . '%;"></div>' .
-									'<span>' . number_format( $similarity_percentage, 1 ) . '%</span>' .
-									'</div>';
+									echo '<div class="similarity-score">' .
+										'<div class="similarity-bar" style="width: ' . esc_attr( $similarity_percentage ) . '%;"></div>' .
+										'<span>' . esc_html( number_format_i18n( $similarity_percentage, 1 ) ) . '%</span>' .
+										'</div>';
 
-								// Show the raw distance value as well.
-								echo '<div class="distance-value">' .
-									esc_html__( 'Distance: ', 'wpvdb' ) .
-									number_format( $embedding->distance, 4 ) .
-									'</div>';
+									// Show the raw distance value as well.
+									echo '<div class="distance-value">' .
+										esc_html__( 'Distance: ', 'wpvdb' ) .
+										esc_html( number_format_i18n( $embedding->distance, 4 ) ) .
+										'</div>';
 							} else {
 								// If no distance property, check what properties are available.
 								$props = array_keys( get_object_vars( $embedding ) );
@@ -428,25 +439,27 @@ function ( $a, $b ) {
 			</tbody>
 		</table>
 
-		<?php if ( $total_pages > 1 ) : ?>
-			<div class="wpvdb-pagination tablenav">
-				<div class="tablenav-pages">
-					<?php
-					echo paginate_links(
-						array(
-							'base'      => add_query_arg( 'paged', '%#%' ),
-							'format'    => '',
-							'prev_text' => __( '&laquo; Previous' ),
-							'next_text' => __( 'Next &raquo;' ),
-							'total'     => $total_pages,
-							'current'   => $page,
-							'type'      => 'list',
-						)
-					);
-					?>
+			<?php if ( $total_pages > 1 ) : ?>
+				<div class="wpvdb-pagination tablenav">
+					<div class="tablenav-pages">
+						<?php
+						echo wp_kses_post(
+							paginate_links(
+								array(
+									'base'      => add_query_arg( 'paged', '%#%' ),
+									'format'    => '',
+									'prev_text' => __( '&laquo; Previous', 'wpvdb' ),
+									'next_text' => __( 'Next &raquo;', 'wpvdb' ),
+									'total'     => $total_pages,
+									'current'   => $embedding_page,
+									'type'      => 'list',
+								)
+							)
+						);
+						?>
+					</div>
 				</div>
-			</div>
-		<?php endif; ?>
+			<?php endif; ?>
 	<?php endif; ?>
 
 	<div id="wpvdb-full-content-modal" class="wpvdb-modal" style="display:none;">
diff --git a/admin/views/header.php b/admin/views/header.php
index 4b91317..15a98cd 100644
--- a/admin/views/header.php
+++ b/admin/views/header.php
@@ -21,7 +21,8 @@
 $table_name = $wpdb->prefix . 'wpvdb_embeddings';
 
 // Check if table exists.
-$table_exists = $wpdb->get_var( "SHOW TABLES LIKE '{$table_name}'" ) === $table_name;
+// phpcs:disable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
+$table_exists = $wpdb->get_var( $wpdb->prepare( 'SHOW TABLES LIKE %s', $wpdb->esc_like( $table_name ) ) ) === $table_name;
 
 // Default values in case of errors.
 $total_embeddings = 0;
@@ -36,11 +37,11 @@
 // Get statistics only if table exists.
 if ( $table_exists ) {
 	try {
-		$total_embeddings = $wpdb->get_var( "SELECT COUNT(*) FROM {$table_name}" );
+		$total_embeddings = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->prefix}wpvdb_embeddings" );
 		$total_embeddings = $total_embeddings ? $total_embeddings : 0;
-		$total_docs       = $wpdb->get_var( "SELECT COUNT(DISTINCT doc_id) FROM {$table_name}" );
+		$total_docs       = $wpdb->get_var( "SELECT COUNT(DISTINCT doc_id) FROM {$wpdb->prefix}wpvdb_embeddings" );
 		$total_docs       = $total_docs ? $total_docs : 0;
-		$storage_used     = $wpdb->get_var( "SELECT SUM(LENGTH(embedding)) FROM {$table_name}" );
+		$storage_used     = $wpdb->get_var( "SELECT SUM(LENGTH(embedding)) FROM {$wpdb->prefix}wpvdb_embeddings" );
 		$storage_used     = size_format( $storage_used ? $storage_used : 0 );
 	} catch ( \Exception $e ) {
 		// Handle exception.
@@ -49,6 +50,7 @@
 		$storage_used     = size_format( 0 );
 	}
 }
+// phpcs:enable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 
 // Restore error display.
 $wpdb->show_errors = $show_errors;
@@ -65,34 +67,37 @@
 
 	case 'embeddings':
 		// Get paginated embeddings if table exists.
-		$page     = isset( $_GET['paged'] ) ? absint( $_GET['paged'] ) : 1;
-		$per_page = 20;
-		$offset   = ( $page - 1 ) * $per_page;
+		$embedding_page = isset( $_GET['paged'] ) ? absint( $_GET['paged'] ) : 1; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
+		$items_per_page = 20;
+		$offset         = ( $embedding_page - 1 ) * $items_per_page;
 
 		$embeddings  = array();
 		$total_pages = 0;
 
 		if ( $table_exists ) {
+			// phpcs:disable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 			try {
 				$embeddings = $wpdb->get_results(
 					$wpdb->prepare(
 						"SELECT id, doc_id, chunk_id, LEFT(chunk_content, 150) as preview, summary
-                    FROM {$table_name} ORDER BY id DESC LIMIT %d OFFSET %d",
-						$per_page,
+							FROM {$wpdb->prefix}wpvdb_embeddings
+							ORDER BY id DESC LIMIT %d OFFSET %d",
+						$items_per_page,
 						$offset
 					)
 				);
 				$embeddings = $embeddings ? $embeddings : array();
 
-				$total_embeddings = $wpdb->get_var( "SELECT COUNT(*) FROM {$table_name}" );
+				$total_embeddings = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->prefix}wpvdb_embeddings" );
 				$total_embeddings = $total_embeddings ? $total_embeddings : 0;
-				$total_pages      = ceil( $total_embeddings / $per_page );
+				$total_pages      = ceil( $total_embeddings / $items_per_page );
 			} catch ( \Exception $e ) {
 				// Handle exception.
 				$embeddings       = array();
 				$total_embeddings = 0;
 				$total_pages      = 0;
 			}
+			// phpcs:enable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 		}
 		break;
 
@@ -123,25 +128,26 @@
 		);
 
 		// Get database statistics only if table exists.
+		// phpcs:disable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 		if ( $table_exists ) {
 			try {
 				// Update db_info with actual values.
-				$db_info['total_embeddings'] = $wpdb->get_var( "SELECT COUNT(*) FROM {$table_name}" );
+				$db_info['total_embeddings'] = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->prefix}wpvdb_embeddings" );
 				$db_info['total_embeddings'] = $db_info['total_embeddings'] ? $db_info['total_embeddings'] : 0;
-				$db_info['total_documents']  = $wpdb->get_var( "SELECT COUNT(DISTINCT doc_id) FROM {$table_name}" );
+				$db_info['total_documents']  = $wpdb->get_var( "SELECT COUNT(DISTINCT doc_id) FROM {$wpdb->prefix}wpvdb_embeddings" );
 				$db_info['total_documents']  = $db_info['total_documents'] ? $db_info['total_documents'] : 0;
-				$storage_used                = $wpdb->get_var( "SELECT SUM(LENGTH(embedding)) FROM {$table_name}" );
+				$storage_used                = $wpdb->get_var( "SELECT SUM(LENGTH(embedding)) FROM {$wpdb->prefix}wpvdb_embeddings" );
 				$db_info['storage_used']     = size_format( $storage_used ? $storage_used : 0 );
 
 				// Update db_stats with actual values.
 				$db_stats['total_embeddings']       = $db_info['total_embeddings'];
 				$db_stats['total_docs']             = $db_info['total_documents'];
 				$db_stats['storage_used']           = $db_info['storage_used'];
-				$avg_embedding_size                 = $wpdb->get_var( "SELECT AVG(LENGTH(embedding)) FROM {$table_name}" );
+				$avg_embedding_size                 = $wpdb->get_var( "SELECT AVG(LENGTH(embedding)) FROM {$wpdb->prefix}wpvdb_embeddings" );
 				$db_stats['avg_embedding_size']     = size_format( $avg_embedding_size ? $avg_embedding_size : 0 );
-				$largest_embedding                  = $wpdb->get_var( "SELECT MAX(LENGTH(embedding)) FROM {$table_name}" );
+				$largest_embedding                  = $wpdb->get_var( "SELECT MAX(LENGTH(embedding)) FROM {$wpdb->prefix}wpvdb_embeddings" );
 				$db_stats['largest_embedding']      = size_format( $largest_embedding ? $largest_embedding : 0 );
-				$avg_chunk_content_size             = $wpdb->get_var( "SELECT AVG(LENGTH(chunk_content)) FROM {$table_name}" );
+				$avg_chunk_content_size             = $wpdb->get_var( "SELECT AVG(LENGTH(chunk_content)) FROM {$wpdb->prefix}wpvdb_embeddings" );
 				$db_stats['avg_chunk_content_size'] = size_format( $avg_chunk_content_size ? $avg_chunk_content_size : 0 );
 			} catch ( \Exception $e ) {
 				// In case of error, we already have default values.
@@ -153,12 +159,13 @@
 		$table_structure = array();
 		if ( $table_exists ) {
 			try {
-				$table_structure = $wpdb->get_results( "DESCRIBE {$table_name}" );
+				$table_structure = $wpdb->get_results( "DESCRIBE {$wpdb->prefix}wpvdb_embeddings" );
 				$table_structure = $table_structure ? $table_structure : array();
 			} catch ( \Exception $e ) {
 				$table_structure = array();
 			}
 		}
+		// phpcs:enable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 
 		// Embedding provider information.
 		$embedding_info = array(
@@ -197,7 +204,7 @@
 				$active = $tab === $tab_id ? ' nav-tab-active' : '';
 				$url    = admin_url( 'admin.php?page=wpvdb-' . $tab_id );
 				?>
-				<a href="<?php echo esc_url( $url ); ?>" class="nav-tab<?php echo $active; ?>"><?php echo esc_html( $tab_label ); ?></a>
+				<a href="<?php echo esc_url( $url ); ?>" class="<?php echo esc_attr( 'nav-tab' . $active ); ?>"><?php echo esc_html( $tab_label ); ?></a>
 			<?php endforeach; ?>
 		</nav>
 	<?php endif; ?>
diff --git a/admin/views/incompatible-db-notice.php b/admin/views/incompatible-db-notice.php
index 9d358b6..7d0cffd 100644
--- a/admin/views/incompatible-db-notice.php
+++ b/admin/views/incompatible-db-notice.php
@@ -10,25 +10,26 @@
 defined( 'ABSPATH' ) || exit;
 ?>
 <div class="notice notice-error">
-	<p><strong><?php _e( 'WordPress Vector Database - Incompatible Database', 'wpvdb' ); ?></strong></p>
+	<p><strong><?php esc_html_e( 'WordPress Vector Database - Incompatible Database', 'wpvdb' ); ?></strong></p>
 	<p>
 		<?php
 		printf(
-			__( 'Your %1$s database is not compatible with WordPress Vector Database. Vector features require %1$s version %2$s or newer.', 'wpvdb' ),
+			/* translators: 1: Database type. 2: Minimum database version. */
+			esc_html__( 'Your %1$s database is not compatible with WordPress Vector Database. Vector features require %1$s version %2$s or newer.', 'wpvdb' ),
 			esc_html( ucfirst( $db_type ) ),
 			esc_html( $min_version )
 		);
 		?>
 	</p>
 	<p>
-		<?php _e( 'For detailed compatibility information, please visit the Vector DB settings page before the plugin is deactivated.', 'wpvdb' ); ?>
+		<?php esc_html_e( 'For detailed compatibility information, please visit the Vector DB settings page before the plugin is deactivated.', 'wpvdb' ); ?>
 	</p>
 	<p>
 		<a href="<?php echo esc_url( admin_url( 'admin.php?page=wpvdb-dashboard' ) ); ?>" class="button button-primary">
-			<?php _e( 'View Compatibility Details', 'wpvdb' ); ?>
+			<?php esc_html_e( 'View Compatibility Details', 'wpvdb' ); ?>
 		</a>
 		<a href="<?php echo esc_url( admin_url( 'plugins.php' ) ); ?>" class="button">
-			<?php _e( 'Manage Plugins', 'wpvdb' ); ?>
+			<?php esc_html_e( 'Manage Plugins', 'wpvdb' ); ?>
 		</a>
 	</p>
 </div>
diff --git a/admin/views/incompatible-db-warning.php b/admin/views/incompatible-db-warning.php
index 0dbb1a2..cebc22a 100644
--- a/admin/views/incompatible-db-warning.php
+++ b/admin/views/incompatible-db-warning.php
@@ -35,11 +35,21 @@
 
 if ( 'mysql' === $db_type ) {
 	if ( version_compare( $version, $min_mysql_version, '<' ) ) {
-		$upgrade_steps[] = sprintf( __( 'Upgrade MySQL from version %1$s to version %2$s or newer', 'wpvdb' ), $version, $min_mysql_version );
+		$upgrade_steps[] = sprintf(
+			/* translators: 1: Current MySQL version. 2: Minimum MySQL version. */
+			__( 'Upgrade MySQL from version %1$s to version %2$s or newer', 'wpvdb' ),
+			$version,
+			$min_mysql_version
+		);
 	}
 } elseif ( 'mariadb' === $db_type ) {
 	if ( version_compare( $version, $min_mariadb_version, '<' ) ) {
-		$upgrade_steps[] = sprintf( __( 'Upgrade MariaDB from version %1$s to version %2$s or newer', 'wpvdb' ), $version, $min_mariadb_version );
+		$upgrade_steps[] = sprintf(
+			/* translators: 1: Current MariaDB version. 2: Minimum MariaDB version. */
+			__( 'Upgrade MariaDB from version %1$s to version %2$s or newer', 'wpvdb' ),
+			$version,
+			$min_mariadb_version
+		);
 	}
 }
 
@@ -62,89 +72,90 @@
 ?>
 
 <div class="wrap wpvdb-admin">
-	<h1><?php _e( 'WordPress Vector Database - Incompatible Database', 'wpvdb' ); ?></h1>
-
-	<div class="notice notice-error">
-		<p><strong><?php _e( 'Your database configuration is not compatible with WordPress Vector Database.', 'wpvdb' ); ?></strong></p>
-		<p>
-			<?php
-			printf(
-				__( 'You are using %1$s version %2$s. Vector Database features require %3$s version %4$s or newer.', 'wpvdb' ),
-				esc_html( ucfirst( $db_type ) ),
-				esc_html( $version ),
-				esc_html( 'mysql' === $db_type ? 'MySQL' : 'MariaDB' ),
-				esc_html( 'mysql' === $db_type ? $min_mysql_version : $min_mariadb_version )
-			);
-			?>
+		<h1><?php esc_html_e( 'WordPress Vector Database - Incompatible Database', 'wpvdb' ); ?></h1>
+
+		<div class="notice notice-error">
+			<p><strong><?php esc_html_e( 'Your database configuration is not compatible with WordPress Vector Database.', 'wpvdb' ); ?></strong></p>
+			<p>
+				<?php
+				printf(
+					/* translators: 1: Current database type. 2: Current database version. 3: Required database type. 4: Minimum database version. */
+					esc_html__( 'You are using %1$s version %2$s. Vector Database features require %3$s version %4$s or newer.', 'wpvdb' ),
+					esc_html( ucfirst( $db_type ) ),
+					esc_html( $version ),
+					esc_html( 'mysql' === $db_type ? 'MySQL' : 'MariaDB' ),
+					esc_html( 'mysql' === $db_type ? $min_mysql_version : $min_mariadb_version )
+				);
+				?>
 		</p>
 	</div>
 
 	<div class="wpvdb-card">
-		<h2><?php _e( 'How to Fix This Issue', 'wpvdb' ); ?></h2>
-
-		<div class="wpvdb-card-section">
-			<h3><?php _e( 'Option 1: Upgrade Your Database', 'wpvdb' ); ?></h3>
-			<?php if ( ! empty( $upgrade_steps ) ) : ?>
+			<h2><?php esc_html_e( 'How to Fix This Issue', 'wpvdb' ); ?></h2>
+
+			<div class="wpvdb-card-section">
+				<h3><?php esc_html_e( 'Option 1: Upgrade Your Database', 'wpvdb' ); ?></h3>
+				<?php if ( ! empty( $upgrade_steps ) ) : ?>
+					<ul>
+						<?php foreach ( $upgrade_steps as $step ) : ?>
+							<li><?php echo esc_html( $step ); ?></li>
+						<?php endforeach; ?>
+					</ul>
+				<?php else : ?>
+					<p><?php esc_html_e( 'Your database version was not detected correctly. Please make sure you\'re using MySQL 8.0.32+ or MariaDB 11.7+.', 'wpvdb' ); ?></p>
+				<?php endif; ?>
+			</div>
+
+			<div class="wpvdb-card-section">
+				<h3><?php esc_html_e( 'Option 2: Use Docker Development Environment', 'wpvdb' ); ?></h3>
+				<p><?php esc_html_e( 'This plugin includes a Docker setup that has properly configured databases ready to use.', 'wpvdb' ); ?></p>
 				<ul>
-					<?php foreach ( $upgrade_steps as $step ) : ?>
-						<li><?php echo $step; ?></li>
+					<?php foreach ( $docker_steps as $step ) : ?>
+						<li><?php echo wp_kses_post( $step ); ?></li>
 					<?php endforeach; ?>
 				</ul>
-			<?php else : ?>
-				<p><?php _e( 'Your database version was not detected correctly. Please make sure you\'re using MySQL 8.0.32+ or MariaDB 11.7+.', 'wpvdb' ); ?></p>
-			<?php endif; ?>
-		</div>
-
-		<div class="wpvdb-card-section">
-			<h3><?php _e( 'Option 2: Use Docker Development Environment', 'wpvdb' ); ?></h3>
-			<p><?php _e( 'This plugin includes a Docker setup that has properly configured databases ready to use.', 'wpvdb' ); ?></p>
-			<ul>
-				<?php foreach ( $docker_steps as $step ) : ?>
-					<li><?php echo $step; ?></li>
+			</div>
+
+			<div class="wpvdb-card-section">
+				<h3><?php esc_html_e( 'Option 3: Enable Fallbacks (Not Recommended)', 'wpvdb' ); ?></h3>
+				<?php foreach ( $enable_fallbacks as $text ) : ?>
+					<p><?php echo wp_kses_post( $text ); ?></p>
 				<?php endforeach; ?>
-			</ul>
-		</div>
-
-		<div class="wpvdb-card-section">
-			<h3><?php _e( 'Option 3: Enable Fallbacks (Not Recommended)', 'wpvdb' ); ?></h3>
-			<?php foreach ( $enable_fallbacks as $text ) : ?>
-				<p><?php echo $text; ?></p>
-			<?php endforeach; ?>
-		</div>
+			</div>
 	</div>
 
 	<div class="wpvdb-card">
-		<h2><?php _e( 'Database Comparison', 'wpvdb' ); ?></h2>
+			<h2><?php esc_html_e( 'Database Comparison', 'wpvdb' ); ?></h2>
 		<table class="wp-list-table widefat fixed striped">
 			<thead>
 				<tr>
-					<th><?php _e( 'Feature', 'wpvdb' ); ?></th>
-					<th><?php _e( 'MySQL 8.0.32+', 'wpvdb' ); ?></th>
-					<th><?php _e( 'MariaDB 11.7+', 'wpvdb' ); ?></th>
-					<th><?php _e( 'Fallback Mode', 'wpvdb' ); ?></th>
+					<th><?php esc_html_e( 'Feature', 'wpvdb' ); ?></th>
+					<th><?php esc_html_e( 'MySQL 8.0.32+', 'wpvdb' ); ?></th>
+					<th><?php esc_html_e( 'MariaDB 11.7+', 'wpvdb' ); ?></th>
+					<th><?php esc_html_e( 'Fallback Mode', 'wpvdb' ); ?></th>
 				</tr>
 			</thead>
 			<tbody>
 				<tr>
-					<td><?php _e( 'Vector Type', 'wpvdb' ); ?></td>
+					<td><?php esc_html_e( 'Vector Type', 'wpvdb' ); ?></td>
 					<td><span class="dashicons dashicons-yes"></span> VECTOR(dim)</td>
 					<td><span class="dashicons dashicons-yes"></span> VECTOR(dim)</td>
 					<td><span class="dashicons dashicons-warning"></span> LONGTEXT (JSON)</td>
 				</tr>
 				<tr>
-					<td><?php _e( 'Vector Indexing', 'wpvdb' ); ?></td>
+					<td><?php esc_html_e( 'Vector Indexing', 'wpvdb' ); ?></td>
 					<td><span class="dashicons dashicons-no"></span> No native support</td>
 					<td><span class="dashicons dashicons-yes"></span> VECTOR index type</td>
 					<td><span class="dashicons dashicons-no"></span> No indexing</td>
 				</tr>
 				<tr>
-					<td><?php _e( 'Performance', 'wpvdb' ); ?></td>
+					<td><?php esc_html_e( 'Performance', 'wpvdb' ); ?></td>
 					<td><span class="dashicons dashicons-yes"></span> High</td>
 					<td><span class="dashicons dashicons-yes"></span> Very High</td>
 					<td><span class="dashicons dashicons-no"></span> Low</td>
 				</tr>
 				<tr>
-					<td><?php _e( 'Query Speed', 'wpvdb' ); ?></td>
+					<td><?php esc_html_e( 'Query Speed', 'wpvdb' ); ?></td>
 					<td><span class="dashicons dashicons-yes"></span> Fast</td>
 					<td><span class="dashicons dashicons-yes"></span> Very Fast</td>
 					<td><span class="dashicons dashicons-no"></span> Slow</td>
diff --git a/admin/views/settings.php b/admin/views/settings.php
index 95d2d9e..270bf15 100644
--- a/admin/views/settings.php
+++ b/admin/views/settings.php
@@ -54,7 +54,8 @@
 <div class="wrap wpvdb-settings">
 	<?php
 	// Show WordPress settings updated notice.
-	if ( isset( $_GET['settings-updated'] ) && $_GET['settings-updated'] ) {
+	$settings_updated = isset( $_GET['settings-updated'] ) && is_scalar( $_GET['settings-updated'] ) ? sanitize_key( wp_unslash( $_GET['settings-updated'] ) ) : ''; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
+	if ( 'true' === $settings_updated ) {
 		add_settings_error( 'wpvdb_settings', 'wpvdb_settings_updated', __( 'Settings saved.', 'wpvdb' ), 'success' );
 	}
 	settings_errors( 'wpvdb_settings' );
@@ -87,7 +88,7 @@
 	);
 
 	// Get the current section from URL or default to 'api'.
-	$current_section = isset( $_GET['section'] ) ? sanitize_key( $_GET['section'] ) : 'api';
+	$current_section = isset( $_GET['section'] ) && is_scalar( $_GET['section'] ) ? sanitize_key( wp_unslash( $_GET['section'] ) ) : 'api'; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
 
 	// Ensure we have a valid section.
 	if ( ! array_key_exists( $current_section, $sections ) ) {
@@ -422,18 +423,17 @@ function wpvdbToggleProviderFields() {
 							</p>
 
 							<?php
-							$post_types = get_post_types( array( 'public' => true ), 'objects' );
-							foreach ( $post_types as $post_type ) :
-								$checked = in_array( $post_type->name, $auto_embed_post_types ) ? 'checked' : '';
+							$available_post_types = get_post_types( array( 'public' => true ), 'objects' );
+							foreach ( $available_post_types as $content_type ) :
 								?>
 								<p>
 									<label>
 										<input type="checkbox"
 												name="wpvdb_settings[post_types][]"
-												value="<?php echo esc_attr( $post_type->name ); ?>"
-												<?php echo $checked; ?>
+												value="<?php echo esc_attr( $content_type->name ); ?>"
+												<?php checked( in_array( $content_type->name, $auto_embed_post_types, true ) ); ?>
 												class="wpvdb-post-type-checkbox">
-										<?php echo esc_html( $post_type->label ); ?>
+										<?php echo esc_html( $content_type->label ); ?>
 									</label>
 								</p>
 							<?php endforeach; ?>
diff --git a/admin/views/status.php b/admin/views/status.php
index 1438248..76495bb 100644
--- a/admin/views/status.php
+++ b/admin/views/status.php
@@ -26,29 +26,31 @@
 	$table_name = $wpdb->prefix . 'wpvdb_embeddings';
 
 	// Check if the table exists first.
-	$table_exists = $wpdb->get_var( "SHOW TABLES LIKE '$table_name'" ) === $table_name;
+	// phpcs:disable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
+	$table_exists = $wpdb->get_var( $wpdb->prepare( 'SHOW TABLES LIKE %s', $wpdb->esc_like( $table_name ) ) ) === $table_name;
 
 	if ( $table_exists ) {
 		// Check if the index exists.
-		$index_exists                  = $wpdb->get_var( "SHOW INDEX FROM $table_name WHERE Key_name = 'embedding_idx'" ) !== null;
+		$index_exists                  = $wpdb->get_var( "SHOW INDEX FROM {$wpdb->prefix}wpvdb_embeddings WHERE Key_name = 'embedding_idx'" ) !== null;
 		$vector_index_status['exists'] = $index_exists;
 
 		if ( $index_exists ) {
 			// Check if other supporting indexes exist for optimal performance.
-			$has_doc_id_index   = $wpdb->get_var( "SHOW INDEX FROM $table_name WHERE Key_name = 'doc_id_idx'" ) !== null;
-			$has_doc_type_index = $wpdb->get_var( "SHOW INDEX FROM $table_name WHERE Key_name = 'doc_type_idx'" ) !== null;
+			$has_doc_id_index   = $wpdb->get_var( "SHOW INDEX FROM {$wpdb->prefix}wpvdb_embeddings WHERE Key_name = 'doc_id_idx'" ) !== null;
+			$has_doc_type_index = $wpdb->get_var( "SHOW INDEX FROM {$wpdb->prefix}wpvdb_embeddings WHERE Key_name = 'doc_type_idx'" ) !== null;
 
 			$vector_index_status['optimization'] = $has_doc_id_index && $has_doc_type_index;
 
 			// Check index health by running EXPLAIN on a simple query.
 			try {
-				$result                        = $wpdb->get_row( "EXPLAIN SELECT * FROM $table_name ORDER BY COSINE_DISTANCE(embedding, '[1,0,0]') LIMIT 1" );
+				$result                        = $wpdb->get_row( "EXPLAIN SELECT * FROM {$wpdb->prefix}wpvdb_embeddings ORDER BY COSINE_DISTANCE(embedding, '[1,0,0]') LIMIT 1" );
 				$vector_index_status['health'] = ( isset( $result->key ) && 'embedding_idx' === $result->key ) ? 'good' : 'suboptimal';
 			} catch ( \Exception $e ) {
 				$vector_index_status['health'] = 'error';
 			}
 		}
 	}
+	// phpcs:enable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 }
 
 // Get provider change status - CRITICAL FIX: Force fresh data retrieval.
@@ -91,14 +93,14 @@
 $system_info['mysql_version'] = $database->get_db_version();
 
 // Plugin info.
-$plugins                = get_plugins();
+$installed_plugins      = get_plugins();
 $active_plugins         = get_option( 'active_plugins', array() );
 $system_info['plugins'] = array();
-foreach ( $plugins as $plugin_path => $plugin_data ) {
+foreach ( $installed_plugins as $plugin_path => $plugin_data ) {
 	$system_info['plugins'][] = array(
 		'name'    => $plugin_data['Name'],
 		'version' => $plugin_data['Version'],
-		'active'  => in_array( $plugin_path, $active_plugins ),
+		'active'  => in_array( $plugin_path, $active_plugins, true ),
 	);
 }
 
@@ -108,15 +110,17 @@
 $system_info['fallbacks_enabled'] = $database->are_fallbacks_enabled() ? 'Yes' : 'No';
 
 // Get embedding tables info.
-$embedding_table                       = $wpdb->prefix . 'wpvdb_embeddings';
-$embedding_table_exists                = $wpdb->get_var( "SHOW TABLES LIKE '$embedding_table'" ) === $embedding_table;
+$embedding_table = $wpdb->prefix . 'wpvdb_embeddings';
+// phpcs:disable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
+$embedding_table_exists                = $wpdb->get_var( $wpdb->prepare( 'SHOW TABLES LIKE %s', $wpdb->esc_like( $embedding_table ) ) ) === $embedding_table;
 $system_info['embedding_table_exists'] = $embedding_table_exists ? 'Yes' : 'No';
 
 if ( $embedding_table_exists ) {
-	$system_info['embedding_count'] = $wpdb->get_var( "SELECT COUNT(*) FROM $embedding_table" );
+	$system_info['embedding_count'] = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->prefix}wpvdb_embeddings" );
 } else {
 	$system_info['embedding_count'] = '0';
 }
+// phpcs:enable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
 
 // Define available sections.
 $sections = array(
@@ -125,7 +129,7 @@
 );
 
 // Get the current section from URL or default to 'info'.
-$current_section = isset( $_GET['section'] ) ? sanitize_key( $_GET['section'] ) : 'info';
+$current_section = isset( $_GET['section'] ) && is_scalar( $_GET['section'] ) ? sanitize_key( wp_unslash( $_GET['section'] ) ) : 'info'; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
 
 // Ensure we have a valid section.
 if ( ! array_key_exists( $current_section, $sections ) ) {
@@ -165,7 +169,7 @@
 			<?php
 			echo esc_html(
 				sprintf(
-				/* translators: 1: job id, 2: status, 3: provider, 4: model, 5: scanned count, 6: queued count, 7: skipped count, 8: updated_at timestamp */
+					/* translators: 1: job id, 2: status, 3: provider, 4: model, 5: scanned count, 6: queued count, 7: skipped count, 8: updated_at timestamp */
 					__( 'Job #%1$d (%2$s) for %3$s / %4$s. Scanned: %5$d. Queued: %6$d. Skipped: %7$d. Updated: %8$s.', 'wpvdb' ),
 					(int) $active_reindex_job['job_id'],
 					$active_reindex_job['status'],
@@ -237,9 +241,9 @@
 				</tr>
 				<tr>
 					<th>
-					<?php
+						<?php
 						echo esc_html( ucfirst( $system_info['db_type'] ) . ' ' . __( 'Version', 'wpvdb' ) );
-					?>
+						?>
 					</th>
 					<td><?php echo isset( $system_info['mysql_version'] ) ? esc_html( $system_info['mysql_version'] ) : esc_html__( 'Not available', 'wpvdb' ); ?></td>
 				</tr>
@@ -296,8 +300,9 @@
 							<span class="dashicons dashicons-yes" style="color:green;"></span>
 							<?php
 							printf(
-								_n( 'Exists (%s record)', 'Exists (%s records)', intval( $system_info['embedding_count'] ), 'wpvdb' ),
-								number_format_i18n( intval( $system_info['embedding_count'] ) )
+								/* translators: %s: Number of embedding records. */
+								esc_html( _n( 'Exists (%s record)', 'Exists (%s records)', intval( $system_info['embedding_count'] ), 'wpvdb' ) ),
+								esc_html( number_format_i18n( intval( $system_info['embedding_count'] ) ) )
 							);
 							?>
 						<?php else : ?>
@@ -307,53 +312,53 @@
 				</tr>
 
 				<?php if ( $database->get_db_type() === 'mariadb' && $database->has_native_vector_support() ) : ?>
-				<tr>
-					<th><?php _e( 'Vector Index', 'wpvdb' ); ?></th>
-					<td>
-						<?php if ( $vector_index_status['exists'] ) : ?>
-							<span class="dashicons dashicons-yes" style="color:green;"></span> <?php _e( 'Available', 'wpvdb' ); ?>
-						<?php else : ?>
-							<span class="dashicons dashicons-no" style="color:red;"></span> <?php _e( 'Not Created', 'wpvdb' ); ?>
-							<?php if ( 'Yes' === $system_info['embedding_table_exists'] ) : ?>
-							<a href="<?php echo esc_url( admin_url( 'admin.php?page=wpvdb-status&section=tools' ) ); ?>" class="button button-small" style="margin-left: 10px;">
-								<?php _e( 'Create Index', 'wpvdb' ); ?>
-							</a>
+					<tr>
+						<th><?php _e( 'Vector Index', 'wpvdb' ); ?></th>
+						<td>
+							<?php if ( $vector_index_status['exists'] ) : ?>
+								<span class="dashicons dashicons-yes" style="color:green;"></span> <?php _e( 'Available', 'wpvdb' ); ?>
+							<?php else : ?>
+								<span class="dashicons dashicons-no" style="color:red;"></span> <?php _e( 'Not Created', 'wpvdb' ); ?>
+								<?php if ( 'Yes' === $system_info['embedding_table_exists'] ) : ?>
+									<a href="<?php echo esc_url( admin_url( 'admin.php?page=wpvdb-status&section=tools' ) ); ?>" class="button button-small" style="margin-left: 10px;">
+										<?php _e( 'Create Index', 'wpvdb' ); ?>
+									</a>
+								<?php endif; ?>
 							<?php endif; ?>
-						<?php endif; ?>
-					</td>
-				</tr>
+						</td>
+					</tr>
 					<?php if ( $vector_index_status['exists'] ) : ?>
-				<tr>
-					<th><?php _e( 'Vector Index Health', 'wpvdb' ); ?></th>
-					<td>
-						<?php if ( 'good' === $vector_index_status['health'] ) : ?>
-							<span class="dashicons dashicons-yes" style="color:green;"></span> <?php _e( 'Good', 'wpvdb' ); ?>
-						<?php elseif ( 'suboptimal' === $vector_index_status['health'] ) : ?>
-							<span class="dashicons dashicons-warning" style="color:orange;"></span> <?php _e( 'Suboptimal', 'wpvdb' ); ?>
-							<span class="description" style="display:block;margin-top:4px">
-								<?php _e( 'Index may not be used for all queries.', 'wpvdb' ); ?>
-							</span>
-						<?php elseif ( 'error' === $vector_index_status['health'] ) : ?>
-							<span class="dashicons dashicons-no" style="color:red;"></span> <?php _e( 'Error', 'wpvdb' ); ?>
-						<?php else : ?>
-							<span class="dashicons dashicons-editor-help"></span> <?php _e( 'Unknown', 'wpvdb' ); ?>
-						<?php endif; ?>
-					</td>
-				</tr>
-				<tr>
-					<th><?php _e( 'Index Optimization', 'wpvdb' ); ?></th>
-					<td>
-						<?php if ( $vector_index_status['optimization'] ) : ?>
-							<span class="dashicons dashicons-yes" style="color:green;"></span> <?php _e( 'Optimized', 'wpvdb' ); ?>
-						<?php else : ?>
-							<span class="dashicons dashicons-no" style="color:orange;"></span> <?php _e( 'Not Fully Optimized', 'wpvdb' ); ?>
-							<a href="#" id="wpvdb-optimize-vector-index" class="button button-small" style="margin-left: 10px;">
-								<?php _e( 'Optimize Now', 'wpvdb' ); ?>
-							</a>
-						<?php endif; ?>
-					</td>
-				</tr>
-				<?php endif; ?>
+						<tr>
+							<th><?php _e( 'Vector Index Health', 'wpvdb' ); ?></th>
+							<td>
+								<?php if ( 'good' === $vector_index_status['health'] ) : ?>
+									<span class="dashicons dashicons-yes" style="color:green;"></span> <?php _e( 'Good', 'wpvdb' ); ?>
+								<?php elseif ( 'suboptimal' === $vector_index_status['health'] ) : ?>
+									<span class="dashicons dashicons-warning" style="color:orange;"></span> <?php _e( 'Suboptimal', 'wpvdb' ); ?>
+									<span class="description" style="display:block;margin-top:4px">
+										<?php _e( 'Index may not be used for all queries.', 'wpvdb' ); ?>
+									</span>
+								<?php elseif ( 'error' === $vector_index_status['health'] ) : ?>
+									<span class="dashicons dashicons-no" style="color:red;"></span> <?php _e( 'Error', 'wpvdb' ); ?>
+								<?php else : ?>
+									<span class="dashicons dashicons-editor-help"></span> <?php _e( 'Unknown', 'wpvdb' ); ?>
+								<?php endif; ?>
+							</td>
+						</tr>
+						<tr>
+							<th><?php _e( 'Index Optimization', 'wpvdb' ); ?></th>
+							<td>
+								<?php if ( $vector_index_status['optimization'] ) : ?>
+									<span class="dashicons dashicons-yes" style="color:green;"></span> <?php _e( 'Optimized', 'wpvdb' ); ?>
+								<?php else : ?>
+									<span class="dashicons dashicons-no" style="color:orange;"></span> <?php _e( 'Not Fully Optimized', 'wpvdb' ); ?>
+									<a href="#" id="wpvdb-optimize-vector-index" class="button button-small" style="margin-left: 10px;">
+										<?php _e( 'Optimize Now', 'wpvdb' ); ?>
+									</a>
+								<?php endif; ?>
+							</td>
+						</tr>
+					<?php endif; ?>
 				<?php endif; ?>
 			</tbody>
 		</table>
@@ -385,6 +390,7 @@
 						<?php
 						echo esc_html(
 							sprintf(
+								/* translators: 1: Current provider. 2: Pending provider. */
 								__( 'Change from %1$s to %2$s is pending', 'wpvdb' ),
 								ucfirst( $active_provider ),
 								ucfirst( $pending_provider )
@@ -400,6 +406,7 @@
 						<?php
 						echo esc_html(
 							sprintf(
+								/* translators: 1: Current model. 2: Pending model. */
 								__( 'Change from %1$s to %2$s is pending', 'wpvdb' ),
 								$active_model,
 								$pending_model
@@ -421,7 +428,7 @@
 							<form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" style="display:inline-block; margin-left:10px;">
 								<input type="hidden" name="action" value="wpvdb_cancel_provider_change">
 								<?php wp_nonce_field( 'wpvdb-admin' ); ?>
-								<input type="submit" id="wpvdb-cancel-provider-change-direct" class="button" value="<?php esc_attr_e( 'Cancel Change', 'wpvdb' ); ?>" onclick="return confirm('Are you sure you want to cancel the pending provider change?');">
+								<input type="submit" id="wpvdb-cancel-provider-change-direct" class="button" value="<?php esc_attr_e( 'Cancel Change', 'wpvdb' ); ?>" onclick="return confirm('<?php echo esc_js( __( 'Are you sure you want to cancel the pending provider change?', 'wpvdb' ) ); ?>');">
 							</form>
 
 							<!-- Keep the original buttons as backup -->
@@ -501,165 +508,168 @@
 				<p><?php esc_html_e( 'Maintenance tools are hidden for this demo site.', 'wpvdb' ); ?></p>
 			</div>
 		<?php else : ?>
-		<div class="wpvdb-card">
-			<h3><?php _e( 'Database Tables', 'wpvdb' ); ?></h3>
-			<p><?php _e( 'If you are experiencing issues with embeddings, you can recreate the database tables.', 'wpvdb' ); ?></p>
-			<p>
-				<?php
-				$has_vector = $database->has_native_vector_support();
-				if ( $has_vector ) {
-					esc_html_e( 'Re-create the database tables with native vector support.', 'wpvdb' );
-					echo ' <span class="dashicons dashicons-yes" style="color:green;"></span>';
-				} else {
-					esc_html_e( 'Re-create the database tables with fallback support.', 'wpvdb' );
-					echo ' <span class="dashicons dashicons-warning" style="color:orange;"></span>';
-				}
-				?>
-			</p>
-			<p>
-				<a href="<?php echo wp_nonce_url( add_query_arg( array( 'action' => 'wpvdb_recreate_tables' ), admin_url( 'admin.php?page=wpvdb-status' ) ), 'wpvdb_recreate_tables' ); ?>" class="button" onclick="return confirm('<?php esc_attr_e( 'This will delete and recreate all Vector Database tables. Your embeddings will be lost and need to be regenerated. Are you sure?', 'wpvdb' ); ?>');">
-					<?php _e( 'Recreate Database Tables', 'wpvdb' ); ?>
-				</a>
-			</p>
-		</div>
+			<div class="wpvdb-card">
+				<h3><?php _e( 'Database Tables', 'wpvdb' ); ?></h3>
+				<p><?php _e( 'If you are experiencing issues with embeddings, you can recreate the database tables.', 'wpvdb' ); ?></p>
+				<p>
+					<?php
+					$has_vector = $database->has_native_vector_support();
+					if ( $has_vector ) {
+						esc_html_e( 'Re-create the database tables with native vector support.', 'wpvdb' );
+						echo ' <span class="dashicons dashicons-yes" style="color:green;"></span>';
+					} else {
+						esc_html_e( 'Re-create the database tables with fallback support.', 'wpvdb' );
+						echo ' <span class="dashicons dashicons-warning" style="color:orange;"></span>';
+					}
+					?>
+				</p>
+				<p>
+					<a href="<?php echo esc_url( wp_nonce_url( add_query_arg( array( 'action' => 'wpvdb_recreate_tables' ), admin_url( 'admin.php?page=wpvdb-status' ) ), 'wpvdb_recreate_tables' ) ); ?>" class="button" onclick="return confirm('<?php echo esc_js( __( 'This will delete and recreate all Vector Database tables. Your embeddings will be lost and need to be regenerated. Are you sure?', 'wpvdb' ) ); ?>');">
+						<?php _e( 'Recreate Database Tables', 'wpvdb' ); ?>
+					</a>
+				</p>
+			</div>
 
 			<?php if ( $has_pending_change ) : ?>
-		<div class="wpvdb-card wpvdb-pending-change-card">
-			<h3><?php _e( 'Pending Provider Change', 'wpvdb' ); ?></h3>
-			<p><?php _e( 'There is a pending change to your embedding provider configuration.', 'wpvdb' ); ?></p>
-			<div class="wpvdb-provider-change-info">
-				<p><strong><?php _e( 'From:', 'wpvdb' ); ?></strong> <?php echo esc_html( ucfirst( $active_provider ) . ' (' . $active_model . ')' ); ?></p>
-				<p><strong><?php _e( 'To:', 'wpvdb' ); ?></strong> <?php echo esc_html( ucfirst( $pending_provider ) . ' (' . $pending_model . ')' ); ?></p>
-			</div>
-			<div class="wpvdb-action-buttons">
-				<!-- CRITICAL FIX: Use direct form submission instead of JavaScript -->
-				<form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" style="display:inline-block;">
-					<input type="hidden" name="action" value="wpvdb_apply_provider_change">
-					<?php wp_nonce_field( 'wpvdb-admin' ); ?>
-					<input type="submit" id="wpvdb-apply-provider-change-direct-tool" class="button button-primary" value="<?php esc_attr_e( 'Apply Change', 'wpvdb' ); ?>" onclick="return confirm('<?php echo esc_js( __( 'This will activate the new provider and start a background re-embed job for posts on the old model. Existing rows for the old model stay in place until each post is re-processed. Continue?', 'wpvdb' ) ); ?>');">
-				</form>
-				<form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" style="display:inline-block; margin-left:10px;">
-					<input type="hidden" name="action" value="wpvdb_cancel_provider_change">
-					<?php wp_nonce_field( 'wpvdb-admin' ); ?>
-					<input type="submit" id="wpvdb-cancel-provider-change-direct-tool" class="button" value="<?php esc_attr_e( 'Cancel Change', 'wpvdb' ); ?>" onclick="return confirm('Are you sure you want to cancel the pending provider change?');">
-				</form>
-
-				<!-- Keep the original buttons as backup -->
-				<button id="wpvdb-apply-provider-change-tool" class="button button-primary" style="display:none;">
-					<?php _e( 'Apply Change', 'wpvdb' ); ?>
-				</button>
-				<button id="wpvdb-cancel-provider-change-tool" class="button" style="display:none;">
-					<?php _e( 'Cancel Change', 'wpvdb' ); ?>
-				</button>
-			</div>
-			<p class="description">
-				<?php _e( 'Applying the change activates the new provider and queues a background re-embed for posts on the old model.', 'wpvdb' ); ?>
-			</p>
-		</div>
-		<?php endif; ?>
+				<div class="wpvdb-card wpvdb-pending-change-card">
+					<h3><?php _e( 'Pending Provider Change', 'wpvdb' ); ?></h3>
+					<p><?php _e( 'There is a pending change to your embedding provider configuration.', 'wpvdb' ); ?></p>
+					<div class="wpvdb-provider-change-info">
+						<p><strong><?php _e( 'From:', 'wpvdb' ); ?></strong> <?php echo esc_html( ucfirst( $active_provider ) . ' (' . $active_model . ')' ); ?></p>
+						<p><strong><?php _e( 'To:', 'wpvdb' ); ?></strong> <?php echo esc_html( ucfirst( $pending_provider ) . ' (' . $pending_model . ')' ); ?></p>
+					</div>
+					<div class="wpvdb-action-buttons">
+						<!-- CRITICAL FIX: Use direct form submission instead of JavaScript -->
+						<form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" style="display:inline-block;">
+							<input type="hidden" name="action" value="wpvdb_apply_provider_change">
+							<?php wp_nonce_field( 'wpvdb-admin' ); ?>
+							<input type="submit" id="wpvdb-apply-provider-change-direct-tool" class="button button-primary" value="<?php esc_attr_e( 'Apply Change', 'wpvdb' ); ?>" onclick="return confirm('<?php echo esc_js( __( 'This will activate the new provider and start a background re-embed job for posts on the old model. Existing rows for the old model stay in place until each post is re-processed. Continue?', 'wpvdb' ) ); ?>');">
+						</form>
+						<form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" style="display:inline-block; margin-left:10px;">
+							<input type="hidden" name="action" value="wpvdb_cancel_provider_change">
+							<?php wp_nonce_field( 'wpvdb-admin' ); ?>
+							<input type="submit" id="wpvdb-cancel-provider-change-direct-tool" class="button" value="<?php esc_attr_e( 'Cancel Change', 'wpvdb' ); ?>" onclick="return confirm('<?php echo esc_js( __( 'Are you sure you want to cancel the pending provider change?', 'wpvdb' ) ); ?>');">
+						</form>
+
+						<!-- Keep the original buttons as backup -->
+						<button id="wpvdb-apply-provider-change-tool" class="button button-primary" style="display:none;">
+							<?php _e( 'Apply Change', 'wpvdb' ); ?>
+						</button>
+						<button id="wpvdb-cancel-provider-change-tool" class="button" style="display:none;">
+							<?php _e( 'Cancel Change', 'wpvdb' ); ?>
+						</button>
+					</div>
+					<p class="description">
+						<?php _e( 'Applying the change activates the new provider and queues a background re-embed for posts on the old model.', 'wpvdb' ); ?>
+					</p>
+				</div>
+			<?php endif; ?>
 
-		<div class="wpvdb-card">
-			<h3><?php _e( 'Run Diagnostics', 'wpvdb' ); ?></h3>
-			<p><?php _e( 'Run database diagnostics to check vector capabilities.', 'wpvdb' ); ?></p>
-			<p>
-				<a href="
+			<div class="wpvdb-card">
+				<h3><?php _e( 'Run Diagnostics', 'wpvdb' ); ?></h3>
+				<p><?php _e( 'Run database diagnostics to check vector capabilities.', 'wpvdb' ); ?></p>
 				<?php
-				echo esc_url(
+				$diagnostics_url = wp_nonce_url(
 					add_query_arg(
 						array(
 							'diagnostics' => 'run',
 							'section'     => 'tools',
 						),
 						admin_url( 'admin.php?page=wpvdb-status' )
-					)
+					),
+					'wpvdb_run_diagnostics'
 				);
 				?>
-							" class="button">
-					<?php _e( 'Run Diagnostics', 'wpvdb' ); ?>
-				</a>
-			</p>
-
-			<?php
-			// Display diagnostic results if available.
-			if ( isset( $_GET['diagnostics'] ) && 'run' === $_GET['diagnostics'] ) {
-				$diagnostics = $database->run_diagnostics();
-				?>
-				<div class="wpvdb-diagnostics-results <?php echo isset( $diagnostics['error'] ) ? 'has-error' : ''; ?>">
-					<h4><?php esc_html_e( 'Diagnostic Results', 'wpvdb' ); ?></h4>
-
-					<?php if ( ! empty( $diagnostics['note'] ) ) : ?>
-						<p class="description"><?php echo esc_html( $diagnostics['note'] ); ?></p>
-					<?php endif; ?>
+				<p>
+					<a href="<?php echo esc_url( $diagnostics_url ); ?>" class="button">
+						<?php _e( 'Run Diagnostics', 'wpvdb' ); ?>
+					</a>
+				</p>
 
-					<ul>
-						<li><strong><?php esc_html_e( 'Database Type:', 'wpvdb' ); ?></strong> <?php echo esc_html( ucfirst( $diagnostics['db_type'] ) ); ?></li>
-						<li><strong><?php esc_html_e( 'Database Version:', 'wpvdb' ); ?></strong> <?php echo esc_html( isset( $diagnostics['db_version'] ) ? $diagnostics['db_version'] : '' ); ?></li>
-						<li><strong><?php esc_html_e( 'Vector Support:', 'wpvdb' ); ?></strong>
-							<?php if ( $diagnostics['has_vector_support'] ) : ?>
-								<span style="color:green;">✓</span>
-							<?php else : ?>
-								<span style="color:red;">✗</span>
-							<?php endif; ?>
-						</li>
-						<li><strong><?php esc_html_e( 'Fallbacks Enabled:', 'wpvdb' ); ?></strong>
-							<?php if ( $diagnostics['fallbacks_enabled'] ) : ?>
-								<span style="color:orange;">✓</span>
-							<?php else : ?>
-								<span style="color:gray;">✗</span>
-							<?php endif; ?>
-						</li>
+				<?php
+				// Display diagnostic results if available.
+				$diagnostics_action = isset( $_GET['diagnostics'] ) && is_scalar( $_GET['diagnostics'] ) ? sanitize_key( wp_unslash( $_GET['diagnostics'] ) ) : ''; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
+				$diagnostics_nonce  = isset( $_GET['_wpnonce'] ) && is_scalar( $_GET['_wpnonce'] ) ? sanitize_key( wp_unslash( $_GET['_wpnonce'] ) ) : ''; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
+				$run_diagnostics    = 'run' === $diagnostics_action && wp_verify_nonce( $diagnostics_nonce, 'wpvdb_run_diagnostics' );
+				if ( $run_diagnostics ) {
+					$diagnostics = $database->run_diagnostics();
+					?>
+					<div class="wpvdb-diagnostics-results <?php echo isset( $diagnostics['error'] ) ? 'has-error' : ''; ?>">
+						<h4><?php esc_html_e( 'Diagnostic Results', 'wpvdb' ); ?></h4>
 
-						<?php if ( $diagnostics['has_vector_support'] && isset( $diagnostics['create_table'] ) ) : ?>
-							<li><strong><?php esc_html_e( 'Create Vector Table:', 'wpvdb' ); ?></strong>
-								<?php if ( $diagnostics['create_table'] ) : ?>
-									<span style="color:green;">✓</span>
-								<?php else : ?>
-									<span style="color:red;">✗</span>
-								<?php endif; ?>
-							</li>
+						<?php if ( ! empty( $diagnostics['note'] ) ) : ?>
+							<p class="description"><?php echo esc_html( $diagnostics['note'] ); ?></p>
 						<?php endif; ?>
 
-						<?php if ( isset( $diagnostics['insert_data'] ) ) : ?>
-							<li><strong><?php esc_html_e( 'Insert Vector Data:', 'wpvdb' ); ?></strong>
-								<?php if ( $diagnostics['insert_data'] ) : ?>
+						<ul>
+							<li><strong><?php esc_html_e( 'Database Type:', 'wpvdb' ); ?></strong> <?php echo esc_html( ucfirst( $diagnostics['db_type'] ) ); ?></li>
+							<li><strong><?php esc_html_e( 'Database Version:', 'wpvdb' ); ?></strong> <?php echo esc_html( isset( $diagnostics['db_version'] ) ? $diagnostics['db_version'] : '' ); ?></li>
+							<li><strong><?php esc_html_e( 'Vector Support:', 'wpvdb' ); ?></strong>
+								<?php if ( $diagnostics['has_vector_support'] ) : ?>
 									<span style="color:green;">✓</span>
 								<?php else : ?>
 									<span style="color:red;">✗</span>
 								<?php endif; ?>
 							</li>
-						<?php endif; ?>
-
-						<?php if ( isset( $diagnostics['cosine_distance'] ) ) : ?>
-							<li><strong><?php esc_html_e( 'Cosine Distance:', 'wpvdb' ); ?></strong>
-								<?php if ( $diagnostics['cosine_distance'] ) : ?>
-									<span style="color:green;">✓</span>
+							<li><strong><?php esc_html_e( 'Fallbacks Enabled:', 'wpvdb' ); ?></strong>
+								<?php if ( $diagnostics['fallbacks_enabled'] ) : ?>
+									<span style="color:orange;">✓</span>
 								<?php else : ?>
-									<span style="color:red;">✗</span>
+									<span style="color:gray;">✗</span>
 								<?php endif; ?>
 							</li>
-						<?php endif; ?>
 
-						<?php if ( isset( $diagnostics['vector_index'] ) ) : ?>
-							<li><strong><?php esc_html_e( 'Vector Index:', 'wpvdb' ); ?></strong>
-								<?php if ( true === $diagnostics['vector_index'] ) : ?>
-									<span style="color:green;">✓</span>
-								<?php elseif ( is_string( $diagnostics['vector_index'] ) ) : ?>
-									<?php echo esc_html( $diagnostics['vector_index'] ); ?>
-								<?php else : ?>
-									<span style="color:red;">✗</span>
-								<?php endif; ?>
-							</li>
-						<?php endif; ?>
+							<?php if ( $diagnostics['has_vector_support'] && isset( $diagnostics['create_table'] ) ) : ?>
+								<li><strong><?php esc_html_e( 'Create Vector Table:', 'wpvdb' ); ?></strong>
+									<?php if ( $diagnostics['create_table'] ) : ?>
+										<span style="color:green;">✓</span>
+									<?php else : ?>
+										<span style="color:red;">✗</span>
+									<?php endif; ?>
+								</li>
+							<?php endif; ?>
 
-						<?php if ( isset( $diagnostics['error'] ) ) : ?>
-							<li><strong><?php esc_html_e( 'Error:', 'wpvdb' ); ?></strong> <span style="color:red;"><?php echo esc_html( $diagnostics['error'] ); ?></span></li>
-						<?php endif; ?>
-					</ul>
-				</div>
-				<?php
-			}
-			?>
-		</div>
+							<?php if ( isset( $diagnostics['insert_data'] ) ) : ?>
+								<li><strong><?php esc_html_e( 'Insert Vector Data:', 'wpvdb' ); ?></strong>
+									<?php if ( $diagnostics['insert_data'] ) : ?>
+										<span style="color:green;">✓</span>
+									<?php else : ?>
+										<span style="color:red;">✗</span>
+									<?php endif; ?>
+								</li>
+							<?php endif; ?>
+
+							<?php if ( isset( $diagnostics['cosine_distance'] ) ) : ?>
+								<li><strong><?php esc_html_e( 'Cosine Distance:', 'wpvdb' ); ?></strong>
+									<?php if ( $diagnostics['cosine_distance'] ) : ?>
+										<span style="color:green;">✓</span>
+									<?php else : ?>
+										<span style="color:red;">✗</span>
+									<?php endif; ?>
+								</li>
+							<?php endif; ?>
+
+							<?php if ( isset( $diagnostics['vector_index'] ) ) : ?>
+								<li><strong><?php esc_html_e( 'Vector Index:', 'wpvdb' ); ?></strong>
+									<?php if ( true === $diagnostics['vector_index'] ) : ?>
+										<span style="color:green;">✓</span>
+									<?php elseif ( is_string( $diagnostics['vector_index'] ) ) : ?>
+										<?php echo esc_html( $diagnostics['vector_index'] ); ?>
+									<?php else : ?>
+										<span style="color:red;">✗</span>
+									<?php endif; ?>
+								</li>
+							<?php endif; ?>
+
+							<?php if ( isset( $diagnostics['error'] ) ) : ?>
+								<li><strong><?php esc_html_e( 'Error:', 'wpvdb' ); ?></strong> <span style="color:red;"><?php echo esc_html( $diagnostics['error'] ); ?></span></li>
+							<?php endif; ?>
+						</ul>
+					</div>
+					<?php
+				}
+				?>
+			</div>
 		<?php endif; ?>
 
 		<?php if ( apply_filters( 'wpvdb_render_test_embedding_ui', true ) ) : ?>
@@ -686,8 +696,7 @@
 								<?php
 								$providers = \WPVDB\Providers::get_available_providers();
 								foreach ( $providers as $provider_id => $provider_data ) {
-									$selected = ( $provider_id === $active_provider ) ? 'selected' : '';
-									echo '<option value="' . esc_attr( $provider_id ) . '" ' . $selected . '>' . esc_html( $provider_data['label'] ) . '</option>';
+									echo '<option value="' . esc_attr( $provider_id ) . '" ' . selected( $provider_id, $active_provider, false ) . '>' . esc_html( $provider_data['label'] ) . '</option>';
 								}
 								?>
 							</select>
@@ -702,8 +711,7 @@
 								foreach ( $models as $provider_id => $provider_models ) {
 									echo '<optgroup label="' . esc_attr( ucfirst( $provider_id ) ) . '">';
 									foreach ( $provider_models as $model_id => $model_data ) {
-										$selected = ( $model_id === $active_model ) ? 'selected' : '';
-										echo '<option value="' . esc_attr( $model_id ) . '" ' . $selected . ' data-provider="' . esc_attr( $provider_id ) . '">'
+										echo '<option value="' . esc_attr( $model_id ) . '" ' . selected( $model_id, $active_model, false ) . ' data-provider="' . esc_attr( $provider_id ) . '">'
 											. esc_html( $model_data['label'] ) . '</option>';
 									}
 									echo '</optgroup>';
@@ -791,14 +799,53 @@
 </div>
 </div><!-- .wrap -->
 
-<?php if ( $has_pending_change || apply_filters( 'wpvdb_render_test_embedding_ui', true ) ) : ?>
-<script type="text/javascript">
-jQuery(document).ready(function($) {
-	console.log('WPVDB CRITICAL FIX: Direct inline JavaScript loaded');
+		<?php if ( $has_pending_change || apply_filters( 'wpvdb_render_test_embedding_ui', true ) ) : ?>
+	<script type="text/javascript">
+	jQuery(document).ready(function($) {
+		console.log('WPVDB CRITICAL FIX: Direct inline JavaScript loaded');
+
+		// Check if the test embedding modal is already working
+		var testEmbeddingHandled = false;
+		var testButtonClicked = false;
+
+	function normalizeDisplayValue(value) {
+		return null === value || 'undefined' === typeof value ? '' : String(value);
+	}
+
+	function renderStatusNotice(type, message) {
+		var $notice = $('<div>').addClass('notice notice-' + type);
+		$('<p>').text(message).appendTo($notice);
+		$('.wpvdb-status-message').empty().append($notice);
+	}
+
+	function appendEmbeddingDetail($details, label, value, suffix) {
+		var $row = $('<p>');
+		$('<strong>').text(label + ': ').appendTo($row);
+		$row.append(document.createTextNode(normalizeDisplayValue(value) + (suffix || '')));
+		$details.append($row);
+	}
+
+	function renderEmbeddingDetails(data) {
+		var $details = $('<div>').addClass('wpvdb-embedding-details');
+
+		appendEmbeddingDetail($details, '<?php echo esc_js( __( 'Provider', 'wpvdb' ) ); ?>', data.provider);
+		appendEmbeddingDetail($details, '<?php echo esc_js( __( 'Model', 'wpvdb' ) ); ?>', data.model);
+		appendEmbeddingDetail($details, '<?php echo esc_js( __( 'Dimensions', 'wpvdb' ) ); ?>', data.dimensions);
+		appendEmbeddingDetail($details, '<?php echo esc_js( __( 'Time', 'wpvdb' ) ); ?>', data.time, '<?php echo esc_js( __( ' seconds', 'wpvdb' ) ); ?>');
+
+		if (data.embedding && data.embedding.length > 0) {
+			var sampleSize = Math.min(10, data.embedding.length);
+			var sample = data.embedding.slice(0, sampleSize);
+			var $sampleLabel = $('<p>');
+			<?php /* translators: %s: Placeholder replaced in JavaScript with the number of embedding sample values shown. */ ?>
+			var sampleLabelTemplate = '<?php echo esc_js( sprintf( __( 'Sample (first %s values):', 'wpvdb' ), '__COUNT__' ) ); ?>';
+			$('<strong>').text(sampleLabelTemplate.replace('__COUNT__', sampleSize)).appendTo($sampleLabel);
+			$details.append($sampleLabel);
+			$('<pre>').text(JSON.stringify(sample) + '...').appendTo($details);
+		}
 
-	// Check if the test embedding modal is already working
-	var testEmbeddingHandled = false;
-	var testButtonClicked = false;
+		$('.wpvdb-embedding-info').empty().append($details);
+	}
 
 	// CRITICAL FIX: Create a test function to check if event handlers already exist
 	function checkIfHandlersExist() {
@@ -856,7 +903,7 @@ function attachCriticalFixHandlers() {
 				e.stopPropagation(); // Prevent multiple handlers
 				console.log('WPVDB CRITICAL: Apply provider change button clicked directly');
 
-				if (!confirm('This will activate the new provider and start a background re-embed job for posts on the old model. Existing rows for the old model stay in place until each post is re-processed. Continue?')) {
+				if (!confirm('<?php echo esc_js( __( 'This will activate the new provider and start a background re-embed job for posts on the old model. Existing rows for the old model stay in place until each post is re-processed. Continue?', 'wpvdb' ) ); ?>')) {
 					return;
 				}
 
@@ -869,22 +916,22 @@ function attachCriticalFixHandlers() {
 					type: 'POST',
 					data: {
 						action: 'wpvdb_confirm_provider_change',
-						nonce: '<?php echo wp_create_nonce( 'wpvdb-admin' ); ?>',
+						nonce: '<?php echo esc_js( wp_create_nonce( 'wpvdb-admin' ) ); ?>',
 						cancel: false
 					},
 					success: function(response) {
 						console.log('WPVDB CRITICAL: Provider change response received', response);
 						if (response.success) {
-							alert('Provider change successful. Page will reload.');
+							alert('<?php echo esc_js( __( 'Provider change successful. Page will reload.', 'wpvdb' ) ); ?>');
 							window.location.reload();
 						} else {
-							alert(response.data && response.data.message ? response.data.message : 'Error applying provider change');
+							alert(response.data && response.data.message ? response.data.message : '<?php echo esc_js( __( 'Error applying provider change', 'wpvdb' ) ); ?>');
 							$('.button').removeClass('updating-message').prop('disabled', false);
 						}
 					},
 					error: function(xhr, status, error) {
 						console.error('WPVDB CRITICAL: AJAX error:', xhr.responseText);
-						alert('Error applying provider change: ' + error);
+						alert('<?php echo esc_js( __( 'Error applying provider change: ', 'wpvdb' ) ); ?>' + error);
 						$('.button').removeClass('updating-message').prop('disabled', false);
 					}
 				});
@@ -895,7 +942,7 @@ function attachCriticalFixHandlers() {
 				e.stopPropagation(); // Prevent multiple handlers
 				console.log('WPVDB CRITICAL: Cancel provider change button clicked directly');
 
-				if (!confirm('Are you sure you want to cancel the pending provider change?')) {
+				if (!confirm('<?php echo esc_js( __( 'Are you sure you want to cancel the pending provider change?', 'wpvdb' ) ); ?>')) {
 					return;
 				}
 
@@ -908,22 +955,22 @@ function attachCriticalFixHandlers() {
 					type: 'POST',
 					data: {
 						action: 'wpvdb_confirm_provider_change',
-						nonce: '<?php echo wp_create_nonce( 'wpvdb-admin' ); ?>',
+						nonce: '<?php echo esc_js( wp_create_nonce( 'wpvdb-admin' ) ); ?>',
 						cancel: true
 					},
 					success: function(response) {
 						console.log('WPVDB CRITICAL: Provider change cancel response received', response);
 						if (response.success) {
-							alert('Provider change cancelled. Page will reload.');
+							alert('<?php echo esc_js( __( 'Provider change cancelled. Page will reload.', 'wpvdb' ) ); ?>');
 							window.location.reload();
 						} else {
-							alert(response.data && response.data.message ? response.data.message : 'Error cancelling provider change');
+							alert(response.data && response.data.message ? response.data.message : '<?php echo esc_js( __( 'Error cancelling provider change', 'wpvdb' ) ); ?>');
 							$('.button').removeClass('updating-message').prop('disabled', false);
 						}
 					},
 					error: function(xhr, status, error) {
 						console.error('WPVDB CRITICAL: AJAX error:', xhr.responseText);
-						alert('Error cancelling provider change: ' + error);
+						alert('<?php echo esc_js( __( 'Error cancelling provider change: ', 'wpvdb' ) ); ?>' + error);
 						$('.button').removeClass('updating-message').prop('disabled', false);
 					}
 				});
@@ -962,12 +1009,12 @@ function attachCriticalFixHandlers() {
 			var text = $('#wpvdb-test-text').val();
 
 			if (!text.trim()) {
-				alert('Please enter some text to embed.');
+				alert('<?php echo esc_js( __( 'Please enter some text to embed.', 'wpvdb' ) ); ?>');
 				return;
 			}
 
 			// Show loading state
-			$('.wpvdb-status-message').html('<div class="notice notice-info"><p>Generating embedding...</p></div>');
+			renderStatusNotice('info', '<?php echo esc_js( __( 'Generating embedding...', 'wpvdb' ) ); ?>');
 			$('#wpvdb-test-embedding-results').show();
 
 			// Make AJAX request directly
@@ -976,7 +1023,7 @@ function attachCriticalFixHandlers() {
 				type: 'POST',
 				data: {
 					action: 'wpvdb_test_embedding',
-					nonce: '<?php echo wp_create_nonce( 'wpvdb-admin' ); ?>',
+					nonce: '<?php echo esc_js( wp_create_nonce( 'wpvdb-admin' ) ); ?>',
 					provider: provider,
 					model: model,
 					text: text
@@ -984,32 +1031,15 @@ function attachCriticalFixHandlers() {
 				success: function(response) {
 					console.log('WPVDB CRITICAL: Test embedding response received', response);
 					if (response.success) {
-						$('.wpvdb-status-message').html('<div class="notice notice-success"><p>Embedding generated successfully!</p></div>');
-
-						// Display embedding info
-						var html = '<div class="wpvdb-embedding-details">';
-						html += '<p><strong>Provider:</strong> ' + response.data.provider + '</p>';
-						html += '<p><strong>Model:</strong> ' + response.data.model + '</p>';
-						html += '<p><strong>Dimensions:</strong> ' + response.data.dimensions + '</p>';
-						html += '<p><strong>Time:</strong> ' + response.data.time + ' seconds</p>';
-
-						// Show a sample of the embedding vector
-						if (response.data.embedding && response.data.embedding.length > 0) {
-							var sampleSize = Math.min(10, response.data.embedding.length);
-							var sample = response.data.embedding.slice(0, sampleSize);
-							html += '<p><strong>Sample (first ' + sampleSize + ' values):</strong></p>';
-							html += '<pre>' + JSON.stringify(sample) + '...</pre>';
-						}
-
-						html += '</div>';
-						$('.wpvdb-embedding-info').html(html);
+						renderStatusNotice('success', '<?php echo esc_js( __( 'Embedding generated successfully!', 'wpvdb' ) ); ?>');
+						renderEmbeddingDetails(response.data);
 					} else {
-						$('.wpvdb-status-message').html('<div class="notice notice-error"><p>Error: ' + (response.data ? response.data.message : 'Unknown error') + '</p></div>');
+						renderStatusNotice('error', '<?php echo esc_js( __( 'Error: ', 'wpvdb' ) ); ?>' + (response.data ? response.data.message : '<?php echo esc_js( __( 'Unknown error', 'wpvdb' ) ); ?>'));
 					}
 				},
 				error: function(xhr, status, error) {
 					console.error('WPVDB CRITICAL: AJAX error:', xhr.responseText);
-					$('.wpvdb-status-message').html('<div class="notice notice-error"><p>Error connecting to the server: ' + error + '</p></div>');
+					renderStatusNotice('error', '<?php echo esc_js( __( 'Error connecting to the server: ', 'wpvdb' ) ); ?>' + error);
 				}
 			});
 		});
diff --git a/includes/class-wpvdb-admin.php b/includes/class-wpvdb-admin.php
index 8976c35..1550388 100644
--- a/includes/class-wpvdb-admin.php
+++ b/includes/class-wpvdb-admin.php
@@ -1860,7 +1860,7 @@ public function ajax_test_embedding() {
 	 */
 	public function ajax_get_embedding_content() {
 		// Check nonce.
-		if ( ! check_ajax_referer( 'wpvdb_ajax_nonce', 'nonce', false ) ) {
+		if ( ! check_ajax_referer( 'wpvdb-admin', 'nonce', false ) ) {
 			wp_send_json_error( array( 'message' => __( 'Security check failed', 'wpvdb' ) ) );
 		}