Not sure to what extent I need to escape in wordpress.
I am building a child theme on my local machine, and want to make sure its secure.
So when ever I echo data contained in a variable I am using this:
esc_html_e( $user_info->first_name, 'onepress' );
Now if I have a html element like the following:
Would I need to escape it like this:
<span class="subscribeText"><?php esc_html_e( 'Subscribe', 'onepress' ); ?></span>
or would this be going too far.
Read more here: Escaping text in WordPress using built in functions