security: add |esc_url to all template URLs, register escape Twig filters (v1.1.3)

5th OWASP Top-10 pass: added |esc_url filter to all unescaped URL outputs across 8 Twig template partials (headers, footers, search, comments). Registered esc_html, esc_attr, esc_url as Twig filters with is_safe option. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-07 10:34:41 +01:00
parent 02689f687f
commit 6c8526d2a5
10 changed files with 33 additions and 24 deletions
--- a/style.css
+++ b/style.css
@@ -7,7 +7,7 @@ Description: A modern WordPress Block Theme built from scratch with Bootstrap 5.
 Requires at least: 6.7
 Tested up to: 6.7
 Requires PHP: 8.3
-Version: 1.1.2
+Version: 1.1.3
 License: GNU General Public License v2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 Text Domain: wp-bootstrap