When you are writing code for large open source projects like WordPress, you must realize that your code will potentially be used by millions of other people who use WordPress. WordPress powers nearly one-third of the web and the chances of someone using your code in their project are pretty high.
Security is really important and as a developer, you must take extra steps to keep your codebase secure. You must follow proper WordPress coding standards and ensure that the data you accept, process, store, and display on the website is safe for everyone.
Here’s a good place to get started – Validating, Sanitizing and Escaping User Data.