diff --git a/src/wp-includes/class-wp-xmlrpc-server.php b/src/wp-includes/class-wp-xmlrpc-server.php index 6aa76207ba..6399491dfc 100644 --- a/src/wp-includes/class-wp-xmlrpc-server.php +++ b/src/wp-includes/class-wp-xmlrpc-server.php @@ -3244,7 +3244,7 @@ class wp_xmlrpc_server extends IXR_Server { if ( $this->blog_options[$o_name]['readonly'] == true ) continue; - update_option( $this->blog_options[$o_name]['option'], $o_value ); + update_option( $this->blog_options[$o_name]['option'], wp_unslash( $o_value ) ); } //Now return the updated values diff --git a/tests/phpunit/tests/xmlrpc/wp/setOptions.php b/tests/phpunit/tests/xmlrpc/wp/setOptions.php new file mode 100644 index 0000000000..34232f7c33 --- /dev/null +++ b/tests/phpunit/tests/xmlrpc/wp/setOptions.php @@ -0,0 +1,24 @@ +make_user_by_role( 'administrator' ); + $string_with_quote = "Mary's Lamb Shop"; + $escaped_string_with_quote = esc_html( $string_with_quote ); // title is passed through esc_html() + + $result = $this->myxmlrpcserver->wp_setOptions( array( 1, 'administrator', 'administrator', array( + 'blog_title' => $string_with_quote, + 'users_can_register' => true, + ) ) ); + + $this->assertInternalType( 'array', $result ); + $this->assertEquals( $escaped_string_with_quote, $result['blog_title']['value'] ); + $this->assertEquals( true, $result['users_can_register']['value'] ); + } +}
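Review bot: The added `wp_unslash( $o_value )` on the `update_option()` line is only correct if `$o_value` arrives slashed, and nothing in the hunk shows where that happens. Presumably it is the `$this->escape( $args )` call at the top of `wp_setOptions`, which lies outside the hunk along with the rest of the loop and method. I would put a comment above the line, for example `// $args was slashed on entry; update_option() expects unslashed data.`, so a later refactor does not drop one half of the pair. Dropping either half would store stray backslashes or strip legitimate ones from option values written over XML-RPC. As far as the visible lines show, no other validation of `$o_value` happens here, so the comment should also say that sanitization is left to `update_option()`.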
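Review bot: The new test sends only an apostrophe through `wp_setOptions`, so it shows that no slash is added on the way in but not that a backslash the caller really sent survives `wp_unslash()`. A second case with a constructed value such as `$string_with_backslash = 'Back\\slash "Shop"';`, asserted the same way as `$string_with_quote`, would cover both directions; confirm first what the option sanitizer does with a backslash before fixing the expected string. The final `assertEquals( true, ... )` compares loosely and would also pass for `1` or `'1'`, so a short comment saying that this is intended would help the next reader. The opening of the file (class header and method signature) is not visible on this page, so the fixture setup could not be checked.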