diff --git a/scripts/pi-hole/js/messages.js b/scripts/pi-hole/js/messages.js
index 15a415fd..7e9a7240 100644
--- a/scripts/pi-hole/js/messages.js
+++ b/scripts/pi-hole/js/messages.js
@@ -98,13 +98,10 @@ $(function () {
         className: "btn-sm datatable-bt deleteSelected",
         action: function () {
           // For each ".selected" row ...
-          var ids = [];
           $("tr.selected").each(function () {
-            // ... add the row identified by "data-id".
-            ids.push(parseInt($(this).attr("data-id"), 10));
+            // ... delete the row identified by "data-id".
+            delMsg($(this).attr("data-id"));
           });
-          // Delete all selected rows at once
-          delMsg(ids);
         },
       },
     ],
diff --git a/scripts/pi-hole/js/settings-dhcp.js b/scripts/pi-hole/js/settings-dhcp.js
index 56b10ab4..57ca6702 100644
--- a/scripts/pi-hole/js/settings-dhcp.js
+++ b/scripts/pi-hole/js/settings-dhcp.js
@@ -115,13 +115,10 @@ $(function () {
         className: "btn-sm datatable-bt deleteSelected",
         action: function () {
           // For each ".selected" row ...
-          var ids = [];
           $("tr.selected").each(function () {
-            // ... add the row identified by "data-id".
-            ids.push(parseInt($(this).attr("data-id"), 10));
+            // ... delete the row identified by "data-id".
+            delLease($(this).attr("data-id"));
           });
-          // Delete all selected rows at once
-          delLease(ids);
         },
       },
     ],
@@ -161,17 +158,7 @@ $(function () {
 
 function deleteLease() {
   // Passes the button data-del-id attribute as IP
-  var ips = [$(this).attr("data-del-ip")];
-
-  // Check input validity
-  if (!Array.isArray(ips)) return;
-
-  // Exploit prevention: Return early for non-numeric IDs
-  for (var ip in ips) {
-    if (Object.hasOwnProperty.call(ips, ip)) {
-      delLease(ips);
-    }
-  }
+  delLease($(this).attr("data-del-ip"));
 }
 
 function delLease(ip) {
@@ -179,7 +166,7 @@ function delLease(ip) {
   utils.showAlert("info", "", "Deleting lease...");
 
   $.ajax({
-    url: "/api/dhcp/leases/" + ip,
+    url: "/api/dhcp/leases/" + encodeURIComponent(ip),
     method: "DELETE",
   })
     .done(function (response) {
diff --git a/scripts/pi-hole/js/settings-dns-records.js b/scripts/pi-hole/js/settings-dns-records.js
index d664d8ee..28f61de0 100644
--- a/scripts/pi-hole/js/settings-dns-records.js
+++ b/scripts/pi-hole/js/settings-dns-records.js
@@ -141,19 +141,8 @@ $(function () {
 });
 
 function deleteRecord() {
-  // Get the tags
-  var tags = [$(this).attr("data-tag")];
-  var types = [$(this).attr("data-type")];
-  // Check input validity
-  if (!Array.isArray(tags)) return;
-
-  // Exploit prevention: Return early for non-numeric IDs
-  for (var tag in tags) {
-    if (Object.hasOwnProperty.call(tags, tag)) {
-      if (types[0] === "hosts") delHosts(tags);
-      else delCNAME(tags);
-    }
-  }
+  if ($(this).attr("data-type") === "hosts") delHosts($(this).attr("data-tag"));
+  else delCNAME($(this).attr("data-tag"));
 }
 
 function delHosts(elem) {