== Changelog == = 1.2.5 = * WordPress.org compliance: add `TOPPPA_Elementor_Kses` central sanitizer; all Elementor template/shortcode output uses `wp_kses()` at output time. * Fix escaping in scroll-to-top, mega menu titles, page title links, CF7/Woo/form shortcodes, theme builder admin labels, and CPT dashboard markup. * Rename unprefixed AJAX actions (`topppa_handle_live_editor`, `topppa_check_temp_validity`), option key (`topppa_interactive_animations`), and script/style handles (`topppa-bootstrap`, `topppa-swiper`, etc.). * Theme Builder SQL queries refactored to use `$wpdb->prepare()`; CPT refresh AJAX requires `edit_posts`. = 1.2.4 = * Security/escaping pass for WordPress.org review: every flagged output now goes through a context-appropriate escape function (`esc_url`, `esc_attr`, `esc_html`, `esc_html__`, `wp_kses` with explicit allowlists). * Theme Builder conditions UI: escape every interpolated attribute and label inside the rule-builder template; replace `echo $output;` with `wp_kses($output, ...)` using a dedicated allowlist; switch `__()` to `esc_html__()` for the "Select" placeholder. * Elementor link outputs in Button, Flip Box, Advanced Tab, Pricing Table, Icon Box, Item Box, and Team widgets no longer rely on `echo $this->get_render_attribute_string()`; URLs and link relations are now built and escaped explicitly with `esc_url()` / `esc_attr()`. * Testimonial widget: wrap every `rating_render()` output with `wp_kses()` allowing only `` with `class` / `aria-hidden`. * Product Cart Button widget: rewrite the variations `
` output so every attribute is escaped via `esc_attr()` / `absint()`; escape the `selected` attribute on variation options. * Trip widgets: rename `$discount_html` to `$discount_text` so the text value (`"X% Off"`) no longer triggers the "esc_html on HTML" heuristic. = 1.2.3 = * **API Settings** (third-party keys) are provided only with **Topper Pack Pro**; the free plugin exposes dashboard hooks so Pro can add the tab and submenu without duplicating the dashboard shell. * WordPress.org submission build: remove Freemius SDK, in-plugin upgrade loader, Ready Site import, settings import/export, and Template Library integration from this package; trim readme external-services disclosures accordingly. * Privacy/readme: document Google Fonts; document bundled readable + minified CSS/JS paths (no public GitHub requirement). * Ship expanded/unminified CSS and JS alongside minified production files for directory review. * Hardening: sanitize nonces and mega menu settings payload; remove global `log_errors` override in CPT add-tag handling; use `WP_PLUGIN_DIR` to resolve the Pro add-on path; small sanitization fixes in theme builder meta and shop sort query preservation. = 1.2.2 = * Security: validate setup wizard step parameter against a fixed allowlist to prevent local file inclusion (addresses CVE-2025-68841). * Security: verify AJAX nonce on dashboard widget/extension/extra settings saves (CSRF protection); require edit_posts for theme builder post search AJAX. * Security: mega menu live editor AJAX now requires edit_theme_options before creating Elementor library templates. * Now CPT Builder is fully Free = 1.2.1 = * Added New Style on Blog Widget * Fix the contact form 7 output issue * Modify the icon box width and add new control * Update PHP file * Update css file = 1.2.0 = * Added New Widgets * Trip Activities Accordion * Slider v3 widget * Hero Banner One * Vertical Marquee * Project V3 * Testimonial Four * Image Tab * Accordion Service * Added New Extensions * Dots Particle Animation * Hover Image Viewer * Modified Wodgets * Blog * Counter * Header Info * Icon Box * Advanced Tab * Image * Marquee * Service * Team * Hero slider * Timeline * Testimonial * Trip Activities Accordion * Trip Destination Tab * Trip Destination Taxonomy = 1.1.0 = * placeholder image issue fixed * contact form issue fixed * shop widget updated * slider v2 max width control added * heading widget issue fixed * header info icon min width added * list item box hover control added * contact form title typo issue fixed * team widget hover blur added * pricing icon hover bg added * blog icon button bg control added * destination version fixed * trip destination widget added * slider animation duration fixed * mega menu content align control fixed * team box height width issue fixed * slider allowed html fixed * new control breadcrumb added * slider max width control added = 1.0.9 = * Added New Addons * Added woocommerce mini cart addons for Header * Added texonomy addons * dot border control added for Swiper, * slide dot border scale control added * dot border animation added * Fix the Theme builder issue. * Update Pot File * Added New Timeline Design * Fixed the assets manager(only load active addons file when you enable assets manager) * improved site load speed * Improved shop addons = 1.0.8 = * Immediately Fix the PHP issue * Update topper-pack.php file = 1.0.7 = * Modified Cpt Builder Meta Widget control * Modified service V2 Widget control * Modified Slider Widget control * Modified Slider Css * Fixed PHP issue. * Update CSS File * Update POT file = 1.0.6 = * Fixed the Setup Wizard section * Optimized JS files * Optimized CSS files * Modified Video Button style control * Modified Slider Widget dot style * Added Trip Search Widget style control * Added Trip Activities Module Widget * Added Trip Activities Tab Widget * Added Trip Activities Taxonomy Widget * Added Trip Destination Module Widget * Added Trip Destination Tab Widget * Added Trip Destination Taxonomy Widget * Added Trip Types Module Widget * Added Trip Types Tab Widget * Added Trip Types Taxonomy Widget * Added Gallery Widget style control * Added Contact Form 7 Textarea Control * Fixed Item Box style issue * Fixed Icon Box style issue * Fixed Trade Icon Button responsive issue * Added Mega Menu Alignment Control * Fixed Ready template Import Issue. * Fix the Page title Builder Issue * Support Top Wordpress Theme like wordpress officeal theme * Fix the Smooth Scrolling issue. * Added New Pro Extensions (Border Animation, Advance Hover Image animation and Pin section) * Update Pot File = 1.0.5 = * Fixed The Image issue on deshboard * Fixed the Swiper slide issue on Editor mode * Fixed the PHP issue * Mega Menu: Sub Menu Positioning Issue Fixed * item box: Item box description Link color/hover fixed * contact form: Contact Form Button Responsive Positioning Fixed * social widget: Social Spacing Issue Fixed * Trip widget: New Feature Added * slider widget: Slider Video Button Position Issue Fixed * video button widget: Video Button Svg , Thumbnail Issue Fixed * Added Tread icon widgets * Added Trip Module v1 widget * Added Trip Module v2 widget * Added Trip search widget * Added Trip texonomy Module widget = 1.0.4 = * Fixed the setup wizard section * Optimize JS File * Optimize the CSS file = 1.0.3 = * Added More Addons widget * Added 13+ Extensions * Added Setup Wizard for initial plugin configuration * Added WooCommerce widget dependency management * Added "Activate All" and "Deactivate All" functionality with smart filtering * Added WooCommerce widget visual indicators and styling * Added widget display limit with "Show More" functionality * Added smooth animations for widget reveal * Improved admin interface with modern design and better UX * Fixed JavaScript compatibility issues and jQuery conflicts * Enhanced security with proper nonce verification and output escaping * Optimized code structure and removed unnecessary dependencies * Added comprehensive error handling and debugging capabilities = 1.0.2 = * Initial release of Topper Pack with 100+ widgets, 20+ extensions, and premium features. == Upgrade Notice == = 1.0.0 = First release of Topper Pack. No upgrades required at this time.