diff --git a/includes/Services/TicketService.php b/includes/Services/TicketService.php
index 2d1578f..2ed7135 100644
--- a/includes/Services/TicketService.php
+++ b/includes/Services/TicketService.php
@@ -21,6 +21,7 @@ public function create( int $requester_id, array $data ): object {
 $reference = Ticket::generate_reference();
 $now = current_time( 'mysql' );
 $priority = $data['priority'] ?? \Escalated\Models\Setting::get( 'default_priority', 'medium' );
+ $valid_priorities = array_keys( \Escalated\Helpers\Enums::ticket_priorities() );
 $ticket_data = [
 'reference' => $reference,
@@ -28,7 +29,7 @@ public function create( int $requester_id, array $data ): object {
 'subject' => sanitize_text_field( $data['subject'] ),
 'description' => wp_kses_post( $data['description'] ),
 'status' => 'open',
- 'priority' => sanitize_text_field( $priority ),
+ 'priority' => in_array( $priority, $valid_priorities, true ) ? $priority : 'medium',
 'ticket_type' => in_array( $data['ticket_type'] ?? '', ['question', 'problem', 'incident', 'task'], true ) ? $data['ticket_type'] : 'question',
 'channel' => sanitize_text_field( $data['channel'] ?? 'web' ),
 'department_id'=> ! empty( $data['department_id'] ) ? absint( $data['department_id'] ) : null,
@@ -65,6 +66,7 @@ public function create_guest( array $data ): object {
 $reference = Ticket::generate_reference();
 $now = current_time( 'mysql' );
 $priority = $data['priority'] ?? \Escalated\Models\Setting::get( 'default_priority', 'medium' );
+ $valid_priorities = array_keys( \Escalated\Helpers\Enums::ticket_priorities() );
 $ticket_data = [
 'reference' => $reference,
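Review bot: `$valid_priorities` is built with `array_keys()` on a helper whose return shape is not visible in this diff, so the strict `in_array()` that consumes it only works if `Enums::ticket_priorities()` is keyed by the stored priority slug; if it ever returns a plain list, the keys are integers and every submitted priority would be rejected. A one-line comment above the assignment would pin that assumption, e.g. `// Allowlist of storable priority slugs; Enums::ticket_priorities() must be keyed by slug.` The identical line is added in `create_guest()` (hunk `@@ -65,6 +66,7 @@`), so a small private helper returning the allowlist would keep the two paths from drifting. Both function bodies continue outside the hunks.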
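Review bot: The rejected-value branch of the `'priority'` entry falls back to the literal `'medium'`, which ignores the site's configured `default_priority` and is itself never checked against `$valid_priorities`. Because `$priority` already defaults to the setting when the key is absent, an unrecognised submitted value now yields a different priority than an omitted one. Consider resolving the default once and reusing it, e.g. `$default_priority = \Escalated\Models\Setting::get( 'default_priority', 'medium' );` and `... ? $priority : $default_priority,`; whether the stored setting is itself validated is not visible here. The same line is changed in `create_guest()` (hunk `@@ -72,7 +74,7 @@`), and the array literal continues outside both hunks.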
@@ -72,7 +74,7 @@ public function create_guest( array $data ): object {
 'subject' => sanitize_text_field( $data['subject'] ),
 'description' => wp_kses_post( $data['description'] ),
 'status' => 'open',
- 'priority' => sanitize_text_field( $priority ),
+ 'priority' => in_array( $priority, $valid_priorities, true ) ? $priority : 'medium',
 'ticket_type' => in_array( $data['ticket_type'] ?? '', ['question', 'problem', 'incident', 'task'], true ) ? $data['ticket_type'] : 'question',
 'channel' => sanitize_text_field( $data['channel'] ?? 'web' ),
 'department_id'=> ! empty( $data['department_id'] ) ? absint( $data['department_id'] ) : null,