feat(mail-return): add mail return tool page

[Nyeriah]

Summary

• Adds a new Mail Return tool page under Profile menu
• Users can select a character to view sent mails that have not yet been read by the recipient
• Each mail displays the receiver's nameplate (race/class icons, level), subject, sent/expiry dates, attached items (as Wowhead links with tooltips and icons), and money
• Clicking "Return" executes .mail return <receiverName> <mailId> via SOAP to return the mail to the sender

Security

• All SQL queries use prepared statements with bound parameters
• charGuid and mailId validated as numeric and cast to intval()
• Account ownership verified server-side before listing or returning mails
• Receiver existence verified from database before SOAP execution
• SOAP command uses database-sourced names, never user input
• HTML output escaped with esc_html(), esc_attr(), esc_url(), esc_js()

Test plan

• Log in to the CMS and navigate to Profile → Mail Return
• Select a character and verify sent unread mails are listed
• Verify items display as Wowhead links with icons and tooltips
• Click Return on a mail and verify it is returned to the sender in-game
• Verify returned mail disappears from the list
• Verify you cannot return mails from characters you don't own
• Verify already-read mails are not listed

🤖 Generated with Claude Code

[TheSCREWEDSoftware]

Requires: azerothcore/azerothcore-wotlk#25213 to be merged