Table of Contents Plus is a powerful and user-friendly WordPress plugin designed to automatically generate structured, context-specific tables of contents (TOC) for long-form content and custom post types. Inspired by Wikipedia’s navigation standards, the plugin enhances readability and SEO by providing a logical content structure for users and search engines alike. Beyond a traditional TOC, it also offers built-in support for generating sitemaps of pages, categories, and posts across the site. With seamless shortcode functionality, advanced customization options, and robust theme compatibility, Table of Contents Plus is ideal for content-heavy websites and blogs seeking to improve user experience and page navigation.
After undergoing rigorous security testing and static code analysis, the plugin has successfully obtained the Plugin Security Certification (PSC) from CleanTalk, ensuring its compliance with high-level security standards and safe deployment on any WordPress installation.
| Name of | Table of Contents Plus |
| Version | 2411.1 |
| Downloads | 200 000+ |
| Description | Automatically generates structured tables of contents and sitemaps with secure shortcode rendering and PSC-certified protection. |
| Security | Successfully tested for SQL Injections, XSS Attacks, CSRF Attacks, Authentication Vulnerabilities, Authentication Bypass Vulnerabilities, Privilege Escalation Vulnerabilities, Buffer Overflow Vulnerabilities, Denial-of-Service (DoS) Vulnerabilities, Data Leakage Vulnerabilities, Insecure Dependencies, Code Execution Vulnerabilities, Privilege Escalation Vulnerabilities, File Unauthorized Access Vulnerabilities, Insufficient Injection Protection, and Information Leakage Vulnerabilities. |
| CleanTalk Certification | Proudly earned the “Plugin Security Certification” (PSC) from CleanTalk, indicating adherence to stringent security standards. |
| Additional Information | Users can confidently manage age restrictions with the assurance of the “Plugin Security Certification” (PSC). Verify the latest details on the plugin developer’s website. |
| Plugin Security Certification by CleanTalk |  |
| Logo of the plugin |  |
Key Features
- Automatic Table of Contents Generation: Instantly creates a TOC for posts, pages, and supported custom post types based on heading structure.
- Shortcode Support: Use
[toc],[sitemap],[sitemap_pages], and others to manually control TOC placement or generate site-wide navigation lists. - Flexible Display Options: Customize TOC placement (top, before first heading, etc.), toggle heading levels (h1–h6), and adjust minimum number of headings to trigger display.
- Sidebar Widget: Easily add a TOC to sidebars via the Appearance > Widgets interface for consistent layout and navigation.
- Advanced Customization: Modify CSS classes, top offset, excluded headings, and more through the admin panel and shortcode attributes.
- Sitemap Generation: Automatically create hierarchical listings of pages, categories, and posts for easy indexing and navigation.
- Content-Specific Overrides: Disable or customize TOC output on individual posts/pages using
[no_toc]or shortcode attributes. - Custom Post Type Support: Works seamlessly with custom post types utilizing
the_content()function, with options configurable via admin settings.
Security Assurance
Table of Contents Plus 2411.1 was subjected to an in-depth static and dynamic security review conducted by CleanTalk’s plugin security experts. This review evaluated the plugin for vulnerabilities such as:
- Cross-Site Scripting (XSS) in shortcode rendering and user-input fields
- Cross-Site Request Forgery (CSRF) protections in the options panel
- Data sanitization and escaping in user-controlled output such as titles and custom class names
- Secure implementation of shortcodes and input validation
All detected security concerns were addressed, and the plugin follows WordPress development best practices including sanitize_text_field(), esc_html(), and nonce-based CSRF protection. No unsafe database access or code execution patterns were found. In addition, no remote code execution (RCE) vectors or privilege escalation paths were discovered.
As a result, Table of Contents Plus has been awarded the Plugin Security Certification (PSC) by CleanTalk, with certificate ID PSC-2025-64575, confirming its safety and resilience against common WordPress-based attack vectors.
Conclusion
Table of Contents Plus 2411.1 is an essential navigation and SEO-enhancing tool for content-rich WordPress websites. By automatically generating structured tables of contents and customizable sitemaps, it significantly improves user experience and site crawlability. Combined with its clean, secure codebase and certification through PSC-2025-64575 by CleanTalk, users can confidently deploy the plugin knowing it meets strict security standards. Whether you’re a blogger, content marketer, or managing a documentation portal, Table of Contents Plus offers both functionality and verified protection.
Note: The date and certification information may change over time. It is advisable to verify the latest details on the plugin developer’s website.