wp-taxonomy-mcp
Verified Safeby Akungapaul
Overview
Manages WordPress categories and tags through a Model Context Protocol (MCP) server.
Installation
node server.jsEnvironment Variables
- WORDPRESS_URL
- WORDPRESS_USERNAME
- WORDPRESS_APP_PASSWORD
Security Notes
The server uses Zod for robust input validation and retrieves sensitive WordPress credentials (URL, username, app password) from environment variables, which are good security practices. No 'eval' or obvious command injection vulnerabilities were found. However, it exposes direct and bulk taxonomy management operations (create, delete, assign) to any client accessing the MCP server. Its overall security posture is highly dependent on the privileges of the configured WordPress user and the network access control and authentication mechanisms guarding the MCP server itself. The underlying SDK includes rate limiting, which helps mitigate some abuse vectors.
Similar Servers
mcp-server
This plugin implements a Model Context Protocol (MCP) server for WordPress, exposing WordPress's data and functionality through its REST API to AI clients.
mcp-for-woocommerce
Connects WordPress and WooCommerce to AI systems via Model Context Protocol, enabling AI agents to query and manage e-commerce data (products, orders, categories, shipping, payments, taxes) and content (posts, pages).
mcp-ai-wpoos
Provides a stable API and server framework for integrating AI models and tools into WordPress, enabling advanced AI assistant capabilities and workflow automation.
wp-mcp-server-demo
A WordPress plugin acting as a configuration layer to create a custom Model Context Protocol (MCP) server, exposing pre-defined abilities from the WP Abilities API Demo plugin for AI integration.