Is io.github.cvrt-jh/wordpress-mcp safe to use?

io.github.cvrt-jh/wordpress-mcp has no known CVEs as of the latest MCPpedia security scan. It requires authentication to connect, which limits unauthorized access.

How do I install io.github.cvrt-jh/wordpress-mcp?

io.github.cvrt-jh/wordpress-mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can io.github.cvrt-jh/wordpress-mcp do?

io.github.cvrt-jh/wordpress-mcp provides 168 tools: wp_site_info, wp_get_settings, wp_update_settings, wp_get_namespaces, wp_list_posts and 163 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with io.github.cvrt-jh/wordpress-mcp?

io.github.cvrt-jh/wordpress-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is io.github.cvrt-jh/wordpress-mcp actively maintained?

io.github.cvrt-jh/wordpress-mcp is recently maintained — last commit was 63 days ago. It has 2 GitHub stars.

io.github.cvrt-jh/wordpress-mcp

@cavort-it-systems/wordpress-mcp

Lightweight WordPress MCP server - 42 tools, token-optimized (95% smaller responses)

2 42/wk 168 tools GitHub npm

No known CVEs

No license

Maintained

Last commit 63d ago

Works with most clients

Transport: stdio, sse, http

168 tools · ~3.9k tok

Grade C · 2.0% of 200K ctx

Edit this pageView history

Developer Tools Writing

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "wordpress": {
      "env": {
        "WORDPRESS_PASSWORD": "xxxx xxxx xxxx xxxx",
        "WORDPRESS_SITE_URL": "https://example.com",
        "WORDPRESS_USERNAME": "admin"
      },
      "args": [
        "@cavort-it-systems/wordpress-mcp"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-cvrt-jh-wordpress-mcp)](https://mcppedia.org/s/io-github-cvrt-jh-wordpress-mcp)

Read me

What io.github.cvrt-jh/wordpress-mcp does

Lightweight WordPress MCP server for site management. 158 tools with token-optimized responses — REST API responses automatically slimmed from kilobytes to essentials.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@cavort-it-systems/wordpress-mcp' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

74/100across 5 weighted dimensions

How we score →

0255075100

−26

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked @cavort-it-systems/wordpress-mcp against OSV.dev.

Inventory

Tools (168)

Click any tool to inspect its schema.

~3.9k tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.cvrt-jh/wordpress-mcp safe to use?: io.github.cvrt-jh/wordpress-mcp has no known CVEs as of the latest MCPpedia security scan. It requires authentication to connect, which limits unauthorized access.
How do I install io.github.cvrt-jh/wordpress-mcp?: io.github.cvrt-jh/wordpress-mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can io.github.cvrt-jh/wordpress-mcp do?: io.github.cvrt-jh/wordpress-mcp provides 168 tools: wp_site_info, wp_get_settings, wp_update_settings, wp_get_namespaces, wp_list_posts and 163 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with io.github.cvrt-jh/wordpress-mcp?: io.github.cvrt-jh/wordpress-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is io.github.cvrt-jh/wordpress-mcp actively maintained?: io.github.cvrt-jh/wordpress-mcp is recently maintained — last commit was 63 days ago. It has 2 GitHub stars.

Similar servers

Others in developer-tools / writing

View all →

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.8k 2

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.8k 1

Mcp_agent_mail96

Asynchronous coordination layer for AI coding agents: identities, inboxes, searchable threads, and advisory file leases over FastMCP + Git + SQLite

2.0k 6

Figma Console Mcp96

MCP server for accessing Figma plugin console logs and screenshots via Cloudflare Workers or local mode

1.7k 2

MCP Security Weekly

Get CVE alerts and security updates for io.github.cvrt-jh/wordpress-mcp and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Developer Tools Writing

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "wordpress": {
      "env": {
        "WORDPRESS_PASSWORD": "xxxx xxxx xxxx xxxx",
        "WORDPRESS_SITE_URL": "https://example.com",
        "WORDPRESS_USERNAME": "admin"
      },
      "args": [
        "@cavort-it-systems/wordpress-mcp"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-cvrt-jh-wordpress-mcp)](https://mcppedia.org/s/io-github-cvrt-jh-wordpress-mcp)

Read me

What io.github.cvrt-jh/wordpress-mcp does

Lightweight WordPress MCP server for site management. 158 tools with token-optimized responses — REST API responses automatically slimmed from kilobytes to essentials.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@cavort-it-systems/wordpress-mcp' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

wordpress-mcp

Lightweight WordPress MCP server for site management. 158 tools with token-optimized responses — REST API responses automatically slimmed from kilobytes to essentials.

v2.1: Now includes Pro modules for ACF and WooCommerce via wp-pilot-pro.

v2.0: Extended tools for the cvrt-mcp-endpoints plugin — install plugins/themes from WordPress.org, database management, full widget/menu control, and more.

Why This Server?

WordPress REST API returns extremely verbose JSON (~5-10KB per post). This server strips it down:

Response	Before	After	Reduction
`wp_list_posts` (10 posts)	~50KB	~2KB	96%
`wp_get_post`	~5KB	~200 bytes	96%
`wp_list_plugins`	~15KB	~800 bytes	95%

Less tokens = faster responses, lower costs, more context for your AI.

Installation

npm install -g @cavort-it-systems/wordpress-mcp

Or run directly:

npx @cavort-it-systems/wordpress-mcp

Configuration

Claude Code CLI

claude mcp add wordpress \
  -e WORDPRESS_SITE_URL=https://example.com \
  -e WORDPRESS_USERNAME=admin \
  -e WORDPRESS_PASSWORD="xxxx xxxx xxxx xxxx" \
  -- npx @cavort-it-systems/wordpress-mcp

Claude Desktop / Manual

Add to your MCP config (~/.claude.json or Claude Desktop settings):

{
  "mcpServers": {
    "wordpress": {
      "command": "npx",
      "args": ["@cavort-it-systems/wordpress-mcp"],
      "env": {
        "WORDPRESS_SITE_URL": "https://example.com",
        "WORDPRESS_USERNAME": "admin",
        "WORDPRESS_PASSWORD": "xxxx xxxx xxxx xxxx"
      }
    }
  }
}

From Source

git clone https://github.com/cvrt-jh/wordpress-mcp.git
cd wordpress-mcp
npm install && npm run build

Authentication

Uses Application Passwords (WordPress 5.6+):

Go to Users → Profile in WordPress admin
Scroll to Application Passwords
Create new password for "Claude MCP"
Use the generated password (keep the spaces)

Response Slimming

All responses are automatically trimmed. Example:

wp_get_post — from ~5KB to ~200 bytes:

// Before (WordPress REST API raw)
{"id":123,"date":"2026-01-15T10:30:00","date_gmt":"2026-01-15T09:30:00",
"guid":{"rendered":"https://example.com/?p=123"},"modified":"2026-01-20T14:00:00",
"modified_gmt":"2026-01-20T13:00:00","slug":"my-post","status":"publish",
"type":"post","link":"https://example.com/my-post/","title":{"rendered":"My Post"},
"content":{"rendered":"<p>Full content...</p>","protected":false},
"excerpt":{"rendered":"<p>Excerpt...</p>","protected":false},
"author":1,"featured_media":456,"comment_status":"open","ping_status":"open",
"sticky":false,"template":"","format":"standard","meta":{"footnotes":""},
"categories":[1,5],"tags":[10,20],"class_list":["post-123","type-post",...],
"_links":{"self":[...],"collection":[...],"about":[...],...}}

// After (slimmed)
{"id":123,"title":"My Post","slug":"my-post","status":"publish",
"date":"2026-01-15T10:30:00","modified":"2026-01-20T14:00:00",
"link":"https://example.com/my-post/","excerpt":"Excerpt...",
"author":1,"categories":[1,5],"tags":[10,20],"featured_media":456}

What gets stripped:

Field	Where	Why
`guid`, `_links`	everywhere	Internal WordPress data
`content.rendered`	lists	Only included when explicitly requested
`meta`, `class_list`	posts/pages	Theme/plugin metadata
`ping_status`, `comment_status`	posts	Rarely need

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

74/100across 5 weighted dimensions

How we score →

0255075100

−26

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked @cavort-it-systems/wordpress-mcp against OSV.dev.

Inventory

Tools (168)

Click any tool to inspect its schema.

~3.9k tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.cvrt-jh/wordpress-mcp safe to use?: io.github.cvrt-jh/wordpress-mcp has no known CVEs as of the latest MCPpedia security scan. It requires authentication to connect, which limits unauthorized access.
How do I install io.github.cvrt-jh/wordpress-mcp?: io.github.cvrt-jh/wordpress-mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can io.github.cvrt-jh/wordpress-mcp do?: io.github.cvrt-jh/wordpress-mcp provides 168 tools: wp_site_info, wp_get_settings, wp_update_settings, wp_get_namespaces, wp_list_posts and 163 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with io.github.cvrt-jh/wordpress-mcp?: io.github.cvrt-jh/wordpress-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is io.github.cvrt-jh/wordpress-mcp actively maintained?: io.github.cvrt-jh/wordpress-mcp is recently maintained — last commit was 63 days ago. It has 2 GitHub stars.

Similar servers

Others in developer-tools / writing

View all →

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.8k 2

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.8k 1

Mcp_agent_mail96

Asynchronous coordination layer for AI coding agents: identities, inboxes, searchable threads, and advisory file leases over FastMCP + Git + SQLite

2.0k 6

Figma Console Mcp96

MCP server for accessing Figma plugin console logs and screenshots via Cloudflare Workers or local mode

1.7k 2

MCP Security Weekly

Get CVE alerts and security updates for io.github.cvrt-jh/wordpress-mcp and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?