Security: Updated REST API permission_callback implementation to explicitly declare public chatbot endpoints in compliance with WordPress.org guidelines.
Security: Restricted access to administrative REST endpoints (challenge token) to site administrators only.
Security: Removed nonce-only authorization logic from public REST routes.
Improvement: Refined anonymous session-based chat handling for public users.
Fix: Aligned REST API implementation with plugin review feedback.
1.0.2
Security: Implemented proper ‘permission_callback’ for all REST API endpoints to ensure authorized access.
Security: Added strict nonce verification and ‘manage_options’ capability checks to all AJAX handlers.
Security: Enhanced ‘register_setting’ definitions with explicit data types and sanitization callbacks.
Security: Implemented allow-list validation for data push content types to prevent unauthorized data storage.
Improvement: Added sanitization for custom request headers (x-session-id) and external API requests.
Fix: Resolved PHPCS warnings regarding core hooks and optimized taxonomy queries for performance.
1.0.1
Improved naming and unique identifier for plgin variables and functions.
