Just noticed this and gave it a once over, I appreciate you taking the time to put it together, but a few things jump out:
You've merged ADSL (8mbit) and ADSL2+ (24Mbit), also no mention of SAT or wireless WAN connection types?
Powerline is technically three different products and the most common two are abhorrent, they're also marketed using full duplex speeds, so a 600Mbit kit will only ever manage a maximum of 300Mbit in either direction, anything below 600mbit will historically have 10/100 ports and be limited to such (if you're lucky).
5e does 10Gb, so does 6, you really don't need 6a or 6 unless you are doing long runs, but 6 and especially 6a will give you the potential of running much longer than 5e, but most residential runs are unlikely to be a problem... unless you have a servants wing. Also solid core for structured, stranded for patch.
Rather than disagree with your hardware recommendations, why not simply remove them as any reference will be outdated quite quickly and really should be made based on the individual requirement rather than a generic recommendation.
PFSense is a hard no for me, Netgate is literally everything that is wrong with open source software. They literally ran a hate campaign against OPNSense because they forked an open source project, registered the opnsense domain and spread hate/abuse about them along with quite vile and disgusting personal attacks, did similar with r/opnsense, mishandled the U-turn on the AES-NI requirement with no notice months after warning everyone to upgrade hardware, outsourced the wireguard kernel/main line project to a convicted felon who had jumped bail, fled to the EU and had to be arrested on an INTERPOL warrant and extradited, then was convicted and served time for some pretty serious crimes (they dropped the gun charges iirc) who then went on to do an absolute hatchet job on the code which was about to be mainlined before Jason (WireGuard dev) pointed out it was deeply flawed and re-wrote the whole thing. Netgate being the shining light (or at least something that rhymes with it) of the open source world blamed Jason for calling them out on it. OPNSense just used the user space module and ran happily the whole time with no drama and a slight speed penalty. At the very least you should include OPNSense, Sophos XG, IPFire, DDWRT and in fact pretty much anything else before PFSense a a recommendation.
You don't need a VLAN capable switch for isolated SSID's - Unifi controller offers this as standard, I use it daily for exactly this purpose.
I appreciate it's a lot easier to pick fault with others efforts than actually do what you did and take the time to put something like this together, please take this in the spirit it's intended as feedback to make it better, not criticism.