From 3b1d66b39013082a61e6fb821bd03a84dfc4426e Mon Sep 17 00:00:00 2001
From: sagarb
Date: Mon, 12 Oct 2020 20:00:42 +0530
Subject: [PATCH 1/2] Fix: escaping name and url.
---
 class-json-ld-breadcrumbs.php | 8 ++++----
 json-ld-breadcrumbs.php | 4 ++--
 readme.txt | 3 +++
 3 files changed, 9 insertions(+), 6 deletions(-)
diff --git a/class-json-ld-breadcrumbs.php b/class-json-ld-breadcrumbs.php
index f758b12..30e62ed 100644
--- a/class-json-ld-breadcrumbs.php
+++ b/class-json-ld-breadcrumbs.php
@@ -128,8 +128,8 @@ private function add_crumb( $name, $url = '', $image = '' ) {
 '@type' => 'ListItem',
 'position' => $this->crumb_position,
 'item' => array(
- '@id' => $url,
- 'name' => $name,
+ '@id' => esc_url( $url ),
+ 'name' => esc_html( $name ),
 ),
 );
 } else {
@@ -137,8 +137,8 @@ private function add_crumb( $name, $url = '', $image = '' ) {
 '@type' => 'ListItem',
 'position' => $this->crumb_position,
 'item' => array(
- '@id' => $url,
- 'name' => $name,
+ '@id' => esc_url( $url ),
+ 'name' => esc_html( $name ),
 'image' => $image,
 ),
 );
diff --git a/json-ld-breadcrumbs.php b/json-ld-breadcrumbs.php
index 3155711..741d24b 100644
--- a/json-ld-breadcrumbs.php
+++ b/json-ld-breadcrumbs.php
@@ -7,7 +7,7 @@
 * Author URI: https://www.nikhilchavan.com/
 * Text Domain: json-ld-breadcrumbs
 * Domain Path: /languages
- * Version: 1.0.0
+ * Version: 1.0.2
 *
 * @package Invisible_Breadcrumbs
 */
@@ -15,7 +15,7 @@
 // Exit if the file is called directy by URL.
 defined( 'ABSPATH' ) || exit;
-define( 'JSON_LD_BREADCRUMBS_VER', '1.0.0' );
+define( 'JSON_LD_BREADCRUMBS_VER', '1.0.2' );
 define( 'JSON_LD_BREADCRUMBS_DIR', plugin_dir_path( __FILE__ ) );
 define( 'JSON_LD_BREADCRUMBS_URL', plugins_url( '/', __FILE__ ) );
 define( 'JSON_LD_BREADCRUMBS_PATH', plugin_basename( __FILE__ ) );
diff --git a/readme.txt b/readme.txt
index 8bcff6f..49af80e 100644
--- a/readme.txt
+++ b/readme.txt
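Review bot: `esc_url()` and `esc_html()` in the first hunk of class-json-ld-breadcrumbs.php (`@@ -128`, the branch of `add_crumb` without an image) escape for HTML display, while the array they fill looks like JSON-LD data that is encoded later. In its default display context `esc_url()` rewrites `&` as `&#038;`, so a crumb URL with a query string gets a corrupted `@id`, and `esc_html()` leaves literal entities such as `&amp;` in `name`. I would store `'@id' => esc_url_raw( $url ),` and `'name' => wp_strip_all_tags( $name ),` and confirm that the code printing the script block, which is outside this diff, encodes with `wp_json_encode()` so a value cannot close the `<script>` element. The second hunk (`@@ -137`) has the same two lines; `add_crumb` starts and ends outside both hunks.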
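Review bot: `'image' => $image,` in the second hunk of class-json-ld-breadcrumbs.php (`@@ -137`, the `else` branch of `add_crumb`) is still stored as passed in, while the two fields next to it are now escaped. Where `$image` comes from is not visible in the hunk, so unless every caller passes a trusted URL it should get the same URL validation, for example `'image' => esc_url_raw( $image ),`. The `else` branch closes outside the hunk.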
@@ -23,6 +23,9 @@ Credits - [SEO Yoast](https://github.com/Yoast/wordpress-seo/blob/trunk/frontend
 == Changelog ==
+= 1.0.2 =
+* Fix: Hardened the security.
+
 = 1.0.1 =
 * Improvement - Updated code with the latest WordPress PHP_CodeSniffer rules.
 * Improvement - Compatibility with WordPress 5.5.
From b9413ecd2343f2a25ccb404aba14d7b4462a49b5 Mon Sep 17 00:00:00 2001
From: sagarb
Date: Mon, 12 Oct 2020 20:03:02 +0530
Subject: [PATCH 2/2] Fix: escaping name and url.
---
 readme.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/readme.txt b/readme.txt
index 49af80e..0683503 100644
--- a/readme.txt
+++ b/readme.txt
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.me/BrainstormForce
 Tags: schema, json-ld, breadcrumb, google, schema.org, structured data, seo, microdata
 Requires at least: 4.4
 Tested up to: 5.5
-Stable tag: 1.0.1
+Stable tag: 1.0.2
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html