Does Heroic Table of Contents have any unpatched vulnerabilities?

No. All known vulnerabilities in Heroic Table of Contents have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Heroic Table of Contents compatible with WordPress 6.9.0?

According to WordPress.org data, Heroic Table of Contents 1.2.7 has been tested up to WordPress 6.9.0. Check the plugin's changelog for the latest compatibility information.

Is Heroic Table of Contents compatible with PHP 8.0+?

Heroic Table of Contents requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Heroic Table of Contents updated?

Heroic Table of Contents was last updated on Jan 7, 2026. Frequent updates are generally a positive security signal.

What is Heroic Table of Contents's security score?

Heroic Table of Contents has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Heroic Table of Contents Security & Risk Analysis

wordpress.org/plugins/heroic-table-of-contents

Heroic Table of Contents is the easiest way to add a table of contents to your site.

5K active installs v1.2.7 PHP 8.0+ WP 6.7+ Updated Jan 7, 2026

indexnavigationseotable-of-contentstoc

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Heroic Table of Contents Safe to Use in 2026?

Generally Safe

Score 100/100

Heroic Table of Contents has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

Based on the provided static analysis and vulnerability history, the 'heroic-table-of-contents' plugin v1.2.7 exhibits an exceptionally strong security posture. The code analysis reveals no identified attack vectors, dangerous functions, SQL injection vulnerabilities, unescaped output, file operations, external requests, or missing security checks like nonces and capability checks. The complete absence of these common security pitfalls is a significant strength. Furthermore, the plugin has no recorded vulnerabilities, including critical or high-severity issues, which indicates a mature and well-maintained codebase over time. The lack of any taint flows also suggests that data is handled securely, preventing potential injection attacks. While the analysis shows an ideal scenario with no apparent weaknesses, it is important to acknowledge that static analysis is not exhaustive. However, given the data, the plugin currently presents a very low security risk.

Vulnerabilities

None known

Heroic Table of Contents Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Heroic Table of Contents Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

0 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Attack Surface

Heroic Table of Contents Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 1

filterrank_math/researches/toc_pluginsht-toc.php:29

Maintenance & Trust

Heroic Table of Contents Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.0

Last updatedJan 7, 2026

PHP min version8.0

Downloads64K

Community Trust

Rating94/100

Number of ratings9

Active installs5K

Alternatives

Heroic Table of Contents Alternatives

NexIndex – Auto Table of Contents & SEO Links

nexindex

100

NexIndex is the Next-Gen Table of Contents plugin. Beautiful skins, Smart SEO Anchors, Inline Headings (News Style), and Mobile-First design.

0 No CVEs

LuckyWP Table of Contents

luckywp-table-of-contents

Creates SEO-friendly table of contents for your posts/pages. Works automatically or manually (via shortcode, Gutenberg block or widget).

100K 5 CVEs

Rich Table of Contents

rich-table-of-content

RTOC is a table of contents generation plugin from Japan that allows anyone to easily create a table of contents. Equipped with the functions of the c …

20K 2 CVEs

F70 Simple Table of Contents

f70-simple-table-of-contents

Display a table of contents in your posts by automatically generated from the headings. No Javascript code, simple to use.

100 No CVEs

Developer Profile

Heroic Table of Contents Developer Profile

HeroThemes

3 plugins · 16K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Heroic Table of Contents

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/heroic-table-of-contents/dist/styles/ht-toc.css/wp-content/plugins/heroic-table-of-contents/dist/scripts/ht-toc.js

Script Paths

/wp-content/plugins/heroic-table-of-contents/dist/scripts/ht-toc.js

Version Parameters

heroic-table-of-contents/dist/styles/ht-toc.css?ver=heroic-table-of-contents/dist/scripts/ht-toc.js?ver=

HTML / DOM Fingerprints

CSS Classes

ht-toc-containerht-toc-listht-toc-itemht-toc-linkht-toc-title

Data Attributes

data-toc-heading-leveldata-toc-scroll-offsetdata-toc-fixed-header

JS Globals

ht_toc_params

Shortcode Output

[heroic_table_of_contents]

FAQ