diff --git a/src/lib/unescape.js b/src/lib/unescape.js
index 213a0f70b..a8b13cee9 100644
--- a/src/lib/unescape.js
+++ b/src/lib/unescape.js
@@ -2,12 +2,12 @@ import assertString from './util/assertString';
 
 export default function unescape(str) {
   assertString(str);
-  return (str.replace(/&/g, '&')
-    .replace(/"/g, '"')
+  return (str.replace(/"/g, '"')
     .replace(/'/g, "'")
     .replace(/&lt;/g, '<')
     .replace(/&gt;/g, '>')
     .replace(/&#x2F;/g, '/')
     .replace(/&#x5C;/g, '\\')
-    .replace(/&#96;/g, '`'));
+    .replace(/&#96;/g, '`')
+    .replace(/&amp;/g, '&'));
 }
diff --git a/test/sanitizers.js b/test/sanitizers.js
index 00ec35ab9..ecb0e128f 100644
--- a/test/sanitizers.js
+++ b/test/sanitizers.js
@@ -184,6 +184,9 @@ describe('Sanitizers', () => {
 
         'Backtick: &#96;':
             'Backtick: `',
+
+        'Escaped string: &amp;lt;':
+            'Escaped string: &lt;',
       },
     });
   });