I am trying to build a web CMS application using PHP and SQL. I haven't fully learned Laravel yet and I may need more time to complete my course. My question is, does Laravel come in with built-in extra security or is it the same as coding in our PHP. No one told me this, I have a feeling, I would have to do a lot of manual coding to secure my app using pure PHP.
Using a framework does not secure your code magically. You still have to protect it.
you can see your web app as a house with many doors. with pure PHP, you will have to build your doors before using them. On the other side, Laravel (or any framework) comes with built-in doors but if you don't use them, your app will not be secured.
All protections listed above can be done with pure PHP but you will have to write a lot of code.