I would suggest using esc_html instead of esc_attr for that, e.g.
<a href="https://wordpress.stackexchange.com/questions/185318/<?php echo esc_url( $url );?>" class="<?php echo esc_attr( $classes ); ?>">
<?php echo esc_html( $title ); ?>
</a>
<div>
<?php echo wp_kses_post( $html_with_safe_tags );?>
</div>
<script>
<?php echo wp_json_encode( $data_for_js ); ?>
</script>
There is also:
esc_html__esc_attr__etc ( escape translations too! )esc_js– escape strings for javascript e.g.console.log(<?php echo esc_js($var); ?>);esc_url_rawwhen redirecting, use this insteadesc_sqlesc_textareasanitize_text_field- Whitelisting values
- type casting with
(int)orabsint - and others