MCP Directory

How to add WordPress MCP to Claude Desktop

Automattic's archived plugin exposing WordPress posts, users and WooCommerce to MCP clients; superseded by mcp-adapter. Paste the config into ~/Library/Application Support/Claude/claude_desktop_config.json and restart Claude Desktop.

Last updated June 14, 2026 ยท 927โ˜… ยท stdio ยท apikey ยท official

Claude Desktop config for WordPress MCP

npx -y @automattic/mcp-wordpress-remote@latest
{
  "mcpServers": {
    "wordpress-mcp": {
      "command": "npx",
      "args": [
        "-y",
        "@automattic/mcp-wordpress-remote@latest"
      ],
      "env": {
        "WP_API_URL": "https://your-site.com/",
        "JWT_TOKEN": "<your-jwt-token>"
      }
    }
  }
}

Setup steps

  1. 1Open Claude Desktop โ†’ Settings โ†’ Developer โ†’ Edit Config (this opens ~/Library/Application Support/Claude/claude_desktop_config.json).
  2. 2Paste the WordPress MCP config below under the top-level "mcpServers" key.
  3. 3Fill in any placeholder secrets (API keys, paths) in the snippet.
  4. 4Save the file, then fully quit and reopen Claude Desktop.
  5. 5Open a chat and confirm WordPress MCP's tools appear under the ๐Ÿ”Œ tools menu.

Before you start

  • A WordPress site with the wordpress-mcp plugin installed and activated (zip from GitHub releases)
  • A JWT token from Settings โ†’ WordPress MCP โ†’ Authentication Tokens (or a WordPress application password)
  • Node.js for the npx proxy path

What WordPress MCP can do in Claude Desktop

wp_posts_search

Search and filter WordPress posts with pagination

wp_get_post

Get a post by ID

wp_add_post

Create a new post

wp_update_post

Update a post by ID

wp_delete_post

Delete a post by ID

wp_users_search

Search and filter users with pagination

wp_get_user

Get a user by ID

wp_add_user

Create a new user

Security

Archived project: no further features or security fixes โ€” Automattic directs new work to WordPress/mcp-adapter, so treat this as legacy. Auth is scoped sensibly: JWT tokens expire in 1โ€“24 hours and inherit the WordPress user's capabilities, and create/update/delete tools are individually toggleable in settings (the README warns to keep delete off unless you trust every MCP user).

WordPress MCP + Claude Desktop FAQ

Where is the Claude Desktop config file?

Claude Desktop reads MCP servers from ~/Library/Application Support/Claude/claude_desktop_config.json. Paste the WordPress MCP config there under the "mcpServers" key and restart the client.

Is WordPress MCP safe to use with Claude Desktop?

Archived project: no further features or security fixes โ€” Automattic directs new work to WordPress/mcp-adapter, so treat this as legacy. Auth is scoped sensibly: JWT tokens expire in 1โ€“24 hours and inherit the WordPress user's capabilities, and create/update/delete tools are individually toggleable in settings (the README warns to keep delete off unless you trust every MCP user).

Should I still use wordpress-mcp in 2026?

Only if you already run it. The repo is archived and Automattic explicitly recommends WordPress/mcp-adapter, which builds on the Abilities API shipping in WordPress Core 6.9. Existing installs keep working, but no fixes are coming.

Is it safe to expose my WordPress site through MCP this way?

The design is reasonably careful: JWTs expire in 1โ€“24 hours, every action inherits the token user's capabilities, and destructive tools can be disabled per-operation (delete is the one to leave off). The real risk is the archived status โ€” no future security patches โ€” so weigh that for production sites.

Do I need the proxy, or can my client connect directly?

Both work. Clients with streamable HTTP support (like VS Code) can hit /wp-json/wp/v2/wpmcp/streamable directly with a Bearer JWT; stdio-only clients use the npx @automattic/mcp-wordpress-remote proxy, which also adds WooCommerce support and application-password auth.

View repo Full WordPress MCP page