
Ajejey Smart Table of Contents Security & Risk Analysis
wordpress.org/plugins/ajejey-smart-tocAutomatically generate a beautiful table of contents from your post/page headings with smooth scroll navigation.
Is Ajejey Smart Table of Contents Safe to Use in 2026?
Generally Safe
Score 100/100Ajejey Smart Table of Contents has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "ajejey-smart-toc" plugin v1.0.0 exhibits a strong security posture based on the provided static analysis. The plugin demonstrates excellent adherence to secure coding practices, with all identified SQL queries utilizing prepared statements and all output being properly escaped. The absence of dangerous functions, file operations, and external HTTP requests further contributes to its secure design. Furthermore, the plugin has no recorded vulnerability history, including no known CVEs, which suggests a history of secure development and maintenance.
However, a primary concern arises from the complete lack of nonce checks. While the plugin only has one entry point (a shortcode), and it does have a capability check, the absence of nonce verification on any potential handler, even if not explicitly identified in the static analysis, opens a theoretical window for CSRF attacks. The attack surface is small and seemingly protected, but the missing nonce check is a significant omission in secure WordPress development, especially as the plugin grows or new functionalities are added.
In conclusion, "ajejey-smart-toc" v1.0.0 is well-developed with respect to SQL injection and output escaping, and its clean vulnerability history is a significant positive. The main weakness lies in the missing nonce checks, which, despite the current limited attack surface, represents a departure from best practices. Future development should prioritize the implementation of nonce checks for all user-facing actions.
Key Concerns
- Missing nonce checks
Ajejey Smart Table of Contents Security Vulnerabilities
Ajejey Smart Table of Contents Release Timeline
Ajejey Smart Table of Contents Code Analysis
Output Escaping
Ajejey Smart Table of Contents Attack Surface
Shortcodes 1
WordPress Hooks 8
Maintenance & Trust
Ajejey Smart Table of Contents Maintenance & Trust
Maintenance Signals
Community Trust
Ajejey Smart Table of Contents Alternatives
Digital Table of Contents
digital-table-of-contents
A powerful and customizable TOC plugin. Effortlessly navigate your content with advanced features and flexible styling.
NanoTOC — Fast Lightweight Table of Contents
nanotoc
Fast, lightweight TOC for WordPress with nested/flat lists, smooth scroll, and optional offset.
Protos TOC Generator
protos-toc-generator
Auto-generates a floating or inline table of contents with anchor links based on headings in your post. Improves readability and SEO.
SmoothTOC
smooth-toc
Automatically generates a Table of Contents for your posts and pages.
Supplyist TOC Block
supplyist-toc-block
A simple Gutenberg block that automatically generates a nested table of contents from post headings.
Ajejey Smart Table of Contents Developer Profile
1 plugin · 0 total installs
How We Detect Ajejey Smart Table of Contents
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/ajejey-smart-toc/assets/css/admin.css/wp-content/plugins/ajejey-smart-toc/assets/js/admin.js/wp-content/plugins/ajejey-smart-toc/assets/js/admin.jsajejey-smart-toc/assets/css/admin.css?ver=ajejey-smart-toc/assets/js/admin.js?ver=