This scanner identifies improper file process vulnerabilities in the WordPress Plugin Table of Contents Plus. The tool detects instances where the plugin may expose full server paths through error messages, which can aid attackers in conducting directory traversal or local file inclusion attacks. The scanner operates by checking specific plugin endpoints including 'toc-plus.php', 'toc.php', and 'class-toc.php' for improper error handling that inadvertently discloses server directory structures. When these files execute with certain errors, they may reveal the server path in HTTP response bodies, creating security risks. The vulnerability stems from improper error handling within the plugin that exposes critical server paths to potential attackers. This information provides unauthorized insights into server directory structures that can be leveraged for more severe exploits. The scanner performs automated checks on digital assets to identify these exposures. It looks for specific error indicators within HTTP responses, confirming the vulnerability when fatal errors are coupled with specific plugin identifiers. The scan completes in approximately 10 seconds per URL. Website administrators, security professionals, and webmasters use this scanner to ensure their WordPress installations using the Table of Contents Plus plugin are protected from path disclosure vulnerabilities. Detection enables prompt mitigation to prevent unauthorized access and maintain server security integrity.