Prep Plugin for release on WordPress.org (#23)

* Update translation text domain
* Escape everything that should be escaped.
* Add nonce checks where needed.
* Sanitize all inputs.
* Apply Code style changes across the codebase.
* Correct many deprecation notices.
* Optimize load order of many filters.
* Add Proper Build script
* Use emojii flags
* Fix i18n deprecation  notice for translating too early
* Put all scripts in footer and load async

views/checkout/fields/form.php

@@ -7,21 +7,21 @@
 ?>
 <?php if ($form->wrap_in_form_tag) : ?>
 
-	<form id="<?php echo esc_attr($form_slug); ?>" method="<?php echo esc_attr($form->method); ?>" <?php echo $form->get_html_attributes(); ?>>
+	<form id="<?php echo esc_attr($form_slug); ?>" method="<?php echo esc_attr($form->method); ?>" <?php echo $form->get_html_attributes(); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>>
 
 <?php else : ?>
 
-	<<?php echo $form->wrap_tag; ?> class="<?php echo esc_attr(trim($form->classes ? $form->classes . ' ' . $step->classes . ' wu-mt-2' : $step->classes . ' wu-mt-2')); ?>" <?php echo $form->get_html_attributes(); ?>>
+	<<?php echo $form->wrap_tag; ?> class="<?php echo esc_attr(trim($form->classes ? $form->classes . ' ' . $step->classes . ' wu-mt-2' : $step->classes . ' wu-mt-2')); ?>" <?php echo $form->get_html_attributes(); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>>
 
 <?php endif; ?>
 
 	<?php if ($form->title) : ?>
 
-	<h3 class="wu-checkout-section-title"><?php echo $form->title; ?></h3>
+	<h3 class="wu-checkout-section-title"><?php echo esc_html($form->title); ?></h3>
 
 	<?php endif; ?>
 
-	<?php echo $rendered_fields; ?>
+	<?php echo $rendered_fields; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
 
 <?php if ($form->wrap_in_form_tag) : ?>
 
@@ -29,6 +29,6 @@
 
 <?php else : ?>
 
-	</<?php echo $form->wrap_tag; ?>>
+	</<?php echo $form->wrap_tag; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>>
 
 <?php endif; ?>