diff --git a/includes/class-frontend.php b/includes/class-frontend.php
index ec0da2ab..5b491ac4 100644
--- a/includes/class-frontend.php
+++ b/includes/class-frontend.php
@@ -759,7 +759,7 @@ public function ajax_star_friend_user() {
  exit;
  }
- $friend_id = intval( $_POST['friend_id'] );
+ $friend_id = sanitize_text_field( wp_unslash( $_POST['friend_id'] ) );
  check_ajax_referer( "star-$friend_id" );
  $friend_user = User::get_by_username( $friend_id );
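Review bot: `$friend_id` is no longer forced to an integer, so from the changed line on both the nonce action `"star-$friend_id"` and the argument to `User::get_by_username()` are built from a request-supplied string, and `sanitize_text_field()` only strips tags and extra whitespace rather than validating a login. I would reject non-string input and use the username sanitiser before the nonce check, e.g. `$friend_id = is_string( $_POST['friend_id'] ) ? sanitize_user( wp_unslash( $_POST['friend_id'] ) ) : '';`, provided the lookup expects a WordPress login. The nonce only shows the request came from a page that rendered that action; the capability check and the handling of a failed lookup lie outside this hunk, so confirm the function bails out with `wp_send_json_error()` when `get_by_username()` does not return a user the caller may star. The code that creates the `star-…` nonce must also have switched from the numeric ID to the same username, otherwise this check will always fail. Since the variable now holds a username, renaming it to `$friend_username` would avoid misleading the next reader.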