release: v1.1.0

README.de.md

@@ -3,7 +3,7 @@
 ![PHP 8.0+](https://img.shields.io/badge/PHP-8.0%2B-blue)
 ![WordPress 6.0+](https://img.shields.io/badge/WordPress-6.0%2B-21759b)
 ![License: GPL-2.0](https://img.shields.io/badge/License-GPL--2.0--or--later-green)
-![Version](https://img.shields.io/badge/Version-1.0.0-orange)
+![Version](https://img.shields.io/badge/Version-1.1.0-orange)
 ![Tests](https://img.shields.io/badge/Tests-112%20passing-brightgreen)
 
 🇬🇧 [English version → README.md](README.md)

README.md

@@ -3,7 +3,7 @@
 ![PHP 8.0+](https://img.shields.io/badge/PHP-8.0%2B-blue)
 ![WordPress 6.0+](https://img.shields.io/badge/WordPress-6.0%2B-21759b)
 ![License: GPL-2.0](https://img.shields.io/badge/License-GPL--2.0--or--later-green)
-![Version](https://img.shields.io/badge/Version-1.0.0-orange)
+![Version](https://img.shields.io/badge/Version-1.1.0-orange)
 ![Tests](https://img.shields.io/badge/Tests-112%20passing-brightgreen)
 
 🇩🇪 [Deutsche Version → README.de.md](README.de.md)

brezngeo/brezngeo.php

@@ -3,7 +3,7 @@
  * Plugin Name:       BreznGEO
  * Plugin URI:        https://brezngeo.com/
  * Description:       AI-powered meta descriptions, GEO structured data, and llms.txt for WordPress.
- * Version:           1.0.0
+ * Version:           1.1.0
  * Requires at least: 6.0
  * Requires PHP:      8.0
  * Author:            NoSchmarrn.dev
@@ -18,7 +18,7 @@ if ( ! defined( 'ABSPATH' ) ) {
 	exit;
 }
 
-define( 'BREZNGEO_VERSION', '1.0.0' );
+define( 'BREZNGEO_VERSION', '1.1.0' );
 define( 'BREZNGEO_FILE', __FILE__ );
 define( 'BREZNGEO_DIR', plugin_dir_path( __FILE__ ) );
 define( 'BREZNGEO_URL', plugin_dir_url( __FILE__ ) );

brezngeo/includes/Admin/SchemaMetaBox.php

@@ -62,18 +62,15 @@ class SchemaMetaBox {
 		}
 		// phpcs:ignore WordPress.Security.NonceVerification.Missing
 		if ( ! isset( $_POST['_brezngeo_schema_nonce'] )
-			// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
+			|| ! wp_verify_nonce( sanitize_key( wp_unslash( $_POST['_brezngeo_schema_nonce'] ) ), 'brezngeo_schema_meta_box' ) ) {
-			|| ! wp_verify_nonce( sanitize_key( $_POST['_brezngeo_schema_nonce'] ), 'brezngeo_schema_meta_box' ) ) {
 			return;
 		}
 		if ( ! current_user_can( 'edit_post', $post_id ) ) {
 			return;
 		}
 		// phpcs:ignore WordPress.Security.NonceVerification.Missing
-		// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
 		$input = isset( $_POST['brezngeo_schema'] ) && is_array( $_POST['brezngeo_schema'] )
-			// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
+			? map_deep( wp_unslash( $_POST['brezngeo_schema'] ), 'sanitize_textarea_field' )
-			? wp_unslash( $_POST['brezngeo_schema'] )
 			: array();
 		$clean = self::sanitizeData( $input );
 		update_post_meta( $post_id, self::META_TYPE, $clean['schema_type'] );

brezngeo/includes/Features/LinkSuggest.php

@@ -431,10 +431,10 @@ class LinkSuggest {
 			return;
 		}
 
-		// phpcs:disable WordPress.Security.NonceVerification.Missing,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
+		// phpcs:ignore WordPress.Security.NonceVerification.Missing -- verified via check_ajax_referer() above
-		$post_id = (int) ( wp_unslash( $_POST['post_id'] ?? 0 ) );
+		$post_id = isset( $_POST['post_id'] ) ? absint( wp_unslash( $_POST['post_id'] ) ) : 0;
-		$content = wp_kses_post( wp_unslash( $_POST['post_content'] ?? '' ) );
+		// phpcs:ignore WordPress.Security.NonceVerification.Missing -- verified via check_ajax_referer() above
-		// phpcs:enable
+		$content = isset( $_POST['post_content'] ) ? wp_kses_post( wp_unslash( $_POST['post_content'] ) ) : '';
 
 		if ( $post_id && ! current_user_can( 'edit_post', $post_id ) ) {
 			wp_send_json_error( 'Insufficient permissions' );

brezngeo/readme.txt

@@ -3,7 +3,7 @@ Contributors: mifupadev
 Tags: seo, ai, meta description, schema, llms.txt
 Requires at least: 6.0
 Tested up to: 6.9
-Stable tag: 1.0.0
+Stable tag: 1.1.0
 Requires PHP: 8.0
 License: GPL-2.0-or-later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html
@@ -208,7 +208,7 @@ No data is transmitted during normal page loads or to visitors.
 * Data sent: Post title and content excerpt (meta descriptions, GEO Block); candidate post titles and URLs (link suggestions).
 * API endpoint: `https://generativelanguage.googleapis.com/`
 * Privacy policy: https://policies.google.com/privacy
-* Terms of use: https://ai.google.dev/gemini-api/terms
+* Terms of use: https://ai.google.dev/gemini-api/terms?hl=en
 
 = xAI Grok =
 * Data sent: Post title and content excerpt (meta descriptions, GEO Block); candidate post titles and URLs (link suggestions).
@@ -218,6 +218,12 @@ No data is transmitted during normal page loads or to visitors.
 
 == Changelog ==
 
+= 1.1.0 =
+* Fixed Google Gemini API terms URL that caused too many redirects during WordPress.org review.
+* Improved input sanitization in Schema.org meta box — uses `map_deep()` with `sanitize_textarea_field` instead of relying on downstream sanitization with phpcs suppression.
+* Improved input sanitization in Internal Link Suggestions AJAX handler — uses `absint()` and standard `isset()` pattern.
+* Removed all `phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized` comments — all `$_POST` data is now sanitized inline at the point of access.
+
 = 1.0.0 =
 * Initial release as BreznGEO.
 * AI Meta Generator with auto-publish trigger, customizable prompt, and Polylang/WPML language detection.
@@ -240,5 +246,8 @@ No data is transmitted during normal page loads or to visitors.
 
 == Upgrade Notice ==
 
+= 1.1.0 =
+Fixes WordPress.org review issues: corrected Google Gemini terms URL and improved inline input sanitization.
+
 = 1.0.0 =
 Initial release.