wp-menus-mcp
Verified Safeby Akungapaul
Overview
This server enables external applications to manage WordPress navigation menus via the Model Context Protocol (MCP).
Installation
npx wp-menus-mcpEnvironment Variables
- WORDPRESS_URL
- WORDPRESS_USERNAME
- WORDPRESS_APP_PASSWORD
Security Notes
The server utilizes environment variables for sensitive WordPress credentials (URL, username, app password), which is good practice for managing secrets. Input validation is performed using `zod` schemas for each tool, which helps mitigate common injection vulnerabilities. The `set_menu_location` tool directly interacts with a sensitive WordPress settings endpoint (`/wp/v2/settings`). While the input is validated, misconfiguration of WordPress permissions for the provided application password or insufficient security measures for the MCP server itself could lead to unauthorized menu changes or broader site settings modifications. No 'eval' or obvious obfuscation is present in the provided code.
Similar Servers
awesome-mcp-servers
This repository serves as a curated list of Model Context Protocol (MCP) servers, frameworks, and utilities, providing a comprehensive directory for developers and AI practitioners.
mcp-server
This plugin implements a Model Context Protocol (MCP) server for WordPress, exposing WordPress's data and functionality through its REST API to AI clients.
mcp-ai-wpoos
Provides a stable API and server framework for integrating AI models and tools into WordPress, enabling advanced AI assistant capabilities and workflow automation.
wp-mcp-server-demo
A WordPress plugin acting as a configuration layer to create a custom Model Context Protocol (MCP) server, exposing pre-defined abilities from the WP Abilities API Demo plugin for AI integration.