Ajejey Smart Table of Contents Security & Risk Analysis

wordpress.org/plugins/ajejey-smart-toc

Automatically generate a beautiful table of contents from your post/page headings with smooth scroll navigation.

0 active installs v1.0.0 PHP 7.4+ WP 5.8+ Updated Nov 8, 2025
headingsnavigationsmooth-scrolltable-of-contentstoc
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is Ajejey Smart Table of Contents Safe to Use in 2026?

Generally Safe

Score 100/100

Ajejey Smart Table of Contents has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8mo ago
Risk Assessment

The "ajejey-smart-toc" plugin v1.0.0 exhibits a strong security posture based on the provided static analysis. The plugin demonstrates excellent adherence to secure coding practices, with all identified SQL queries utilizing prepared statements and all output being properly escaped. The absence of dangerous functions, file operations, and external HTTP requests further contributes to its secure design. Furthermore, the plugin has no recorded vulnerability history, including no known CVEs, which suggests a history of secure development and maintenance.

However, a primary concern arises from the complete lack of nonce checks. While the plugin only has one entry point (a shortcode), and it does have a capability check, the absence of nonce verification on any potential handler, even if not explicitly identified in the static analysis, opens a theoretical window for CSRF attacks. The attack surface is small and seemingly protected, but the missing nonce check is a significant omission in secure WordPress development, especially as the plugin grows or new functionalities are added.

In conclusion, "ajejey-smart-toc" v1.0.0 is well-developed with respect to SQL injection and output escaping, and its clean vulnerability history is a significant positive. The main weakness lies in the missing nonce checks, which, despite the current limited attack surface, represents a departure from best practices. Future development should prioritize the implementation of nonce checks for all user-facing actions.

Key Concerns

  • Missing nonce checks
Vulnerabilities
None known

Ajejey Smart Table of Contents Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Ajejey Smart Table of Contents Release Timeline

v1.0.0Current
Code Analysis
Analyzed Apr 16, 2026

Ajejey Smart Table of Contents Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
100 escaped
Nonce Checks
0
Capability Checks
1
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

100% escaped100 total outputs
Attack Surface

Ajejey Smart Table of Contents Attack Surface

Entry Points1
Unprotected0

Shortcodes 1

[ajejsmta_toc] includes/class-toc-frontend.php:55
WordPress Hooks 8
actionplugins_loadedajejey-smart-toc.php:48
actionadmin_menuincludes/class-toc-admin.php:34
actionadmin_enqueue_scriptsincludes/class-toc-admin.php:37
actionadmin_initincludes/class-toc-admin.php:40
actioninitincludes/class-toc-block.php:33
actionenqueue_block_editor_assetsincludes/class-toc-block.php:34
actionwp_enqueue_scriptsincludes/class-toc-frontend.php:49
filterthe_contentincludes/class-toc-frontend.php:52
Maintenance & Trust

Ajejey Smart Table of Contents Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedNov 8, 2025
PHP min version7.4
Downloads192

Community Trust

Rating0/100
Number of ratings0
Active installs0
Developer Profile

Ajejey Smart Table of Contents Developer Profile

ajejey

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Ajejey Smart Table of Contents

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ajejey-smart-toc/assets/css/admin.css/wp-content/plugins/ajejey-smart-toc/assets/js/admin.js
Script Paths
/wp-content/plugins/ajejey-smart-toc/assets/js/admin.js
Version Parameters
ajejey-smart-toc/assets/css/admin.css?ver=ajejey-smart-toc/assets/js/admin.js?ver=

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Ajejey Smart Table of Contents