diff --git a/core/modules/system/src/Tests/Path/UrlAlterFunctionalTest.php b/core/modules/system/src/Tests/Path/UrlAlterFunctionalTest.php
index 7c3db86..f48ad76 100644
--- a/core/modules/system/src/Tests/Path/UrlAlterFunctionalTest.php
+++ b/core/modules/system/src/Tests/Path/UrlAlterFunctionalTest.php
@@ -27,7 +27,9 @@ function testUrlAlter() {
     // Ensure that the url_alias table exists after Drupal installation.
     $this->assertTrue(Database::getConnection()->schema()->tableExists('url_alias'), 'The url_alias table exists after Drupal installation.');
 
-    $account = $this->drupalCreateUser(array('administer url aliases'));
+    // User names can have quotes and plus signs so we should ensure that URL
+    // altering works with this.
+    $account = $this->drupalCreateUser(array('administer url aliases'), "a'foo+bar");
     $this->drupalLogin($account);
 
     $uid = $account->id();
diff --git a/core/modules/user/src/Plugin/Validation/Constraint/UserNameConstraintValidator.php b/core/modules/user/src/Plugin/Validation/Constraint/UserNameConstraintValidator.php
index c389191..e6bcc3e 100644
--- a/core/modules/user/src/Plugin/Validation/Constraint/UserNameConstraintValidator.php
+++ b/core/modules/user/src/Plugin/Validation/Constraint/UserNameConstraintValidator.php
@@ -29,7 +29,7 @@ public function validate($items, Constraint $constraint) {
     if (strpos($name, '  ') !== FALSE) {
       $this->context->addViolation($constraint->multipleSpacesMessage);
     }
-    if (preg_match('/[^\x{80}-\x{F7} a-z0-9@_.\'-]/i', $name)
+    if (preg_match('/[^\x{80}-\x{F7} a-z0-9@+_.\'-]/i', $name)
       || preg_match(
         '/[\x{80}-\x{A0}' .       // Non-printable ISO-8859-1 + NBSP
         '\x{AD}' .                // Soft-hyphen
diff --git a/core/modules/user/src/Tests/UserSearchTest.php b/core/modules/user/src/Tests/UserSearchTest.php
index 6a73770..49e2e89 100644
--- a/core/modules/user/src/Tests/UserSearchTest.php
+++ b/core/modules/user/src/Tests/UserSearchTest.php
@@ -21,8 +21,9 @@ class UserSearchTest extends WebTestBase {
 
   function testUserSearch() {
     // Verify that a user without 'administer users' permission cannot search
-    // for users by email address.
-    $user1 = $this->drupalCreateUser(array('access user profiles', 'search content'));
+    // for users by email address. Additionally, ensure that the username has a
+    // plus sign to ensure searching works with that.
+    $user1 = $this->drupalCreateUser(array('access user profiles', 'search content'), "foo+bar");
     $this->drupalLogin($user1);
     $keys = $user1->getEmail();
     $edit = array('keys' => $keys);
diff --git a/core/modules/user/tests/src/Kernel/UserValidationTest.php b/core/modules/user/tests/src/Kernel/UserValidationTest.php
index 251c810..b27b00f 100644
--- a/core/modules/user/tests/src/Kernel/UserValidationTest.php
+++ b/core/modules/user/tests/src/Kernel/UserValidationTest.php
@@ -48,6 +48,7 @@ function testUsernames() {
       'foo@example.com'        => array('Valid username', 'assertNull'),
       'foo@-example.com'       => array('Valid username', 'assertNull'), // invalid domains are allowed in usernames
       'þòøÇߪř€'               => array('Valid username', 'assertNull'),
+      'foo+bar'                => array('Valid username', 'assertNull'), // '+' symbol is allowed
       'ᚠᛇᚻ᛫ᛒᛦᚦ'                => array('Valid UTF8 username', 'assertNull'), // runes
       ' foo'                   => array('Invalid username that starts with a space', 'assertNotNull'),
       'foo '                   => array('Invalid username that ends with a space', 'assertNotNull'),