Title: WEBO MCP Author: phuongwebo Published: 24 de abril de 2026 Last modified: 12 de mayo de 2026 --- Search plugins ![](https://ps.w.org/webo-mcp/assets/icon-128x128.png?rev=3514777) # WEBO MCP By [phuongwebo](https://profiles.wordpress.org/phuongwebo/) [Download](https://downloads.wordpress.org/plugin/webo-mcp.2.1.13.zip) * [Details](https://es-pr.wordpress.org/plugins/webo-mcp/#description) * [Reviews](https://es-pr.wordpress.org/plugins/webo-mcp/#reviews) * [Installation](https://es-pr.wordpress.org/plugins/webo-mcp/#installation) * [Development](https://es-pr.wordpress.org/plugins/webo-mcp/#developers) [Support](https://wordpress.org/support/plugin/webo-mcp/) ## Description WEBO MCP is a standalone MCP gateway for WordPress. It lets compatible clients call well-defined tools over REST using JSON-RPC, instead of scraping the admin or sharing broad credentials beyond what you intend. **What you get** * **Token-optimized unified tools:** every domain exposes two abilities — `*-query`( all reads) and `*-mutate` (all writes) — with a single `action` discriminator.` tools/list` payload is up to 70% smaller than per-operation APIs, which means less of the model’s context window is consumed by tool schemas, lower cost per session, and fewer hallucinated tool names. * Primary router endpoint: `POST /wp-json/mcp/v1/router` * Standard MCP-style flow: `initialize` `tools/list` `tools/call` * Session lifecycle for clients (pass `session_id` or `Mcp-Session-Id` after `initialize`) * Built-in tool registry for common WordPress operations (posts, media, terms, menus, options, and more) * Bundled Abilities API + MCP Adapter integration, with automatic bridging from registered abilities to MCP tools (configurable) * Public tool policy controls (category filters and optional allowlists) plus optional internal tool exposure for private environments * Bounded MCP audit log, optional per-user/role/client tool allowlists, and a read- only administrator health/status tool **Security model (high level)** * MCP access requires a real WordPress user context: Application Password over HTTP Basic, or an existing logged-in session. * Optional site-wide or per-user API key and HMAC can be enabled in Settings as an additional gate (they do not replace WordPress authentication). * Default access expectations for the router and `GET /wp-json/webo-mcp/v1/tools`: users who are super admins, can `manage_options`, or can `edit_posts`, consistent with typical site operator and editor workflows (filterable). **Client guidance** Always discover tools before calling them: run `tools/list`, pick an exact tool name from the response, validate required arguments, then call `tools/call`. This reduces mistakes and keeps automation predictable in production. **Further documentation and optional integrations** * Project documentation and ecosystem notes: https://webomcp.com * Optional n8n community node (separate package): https://www.npmjs.com/package/ n8n-nodes-webo-mcp * Release notes and migration map: see docs/RELEASE_NOTES_2.1.0.md and docs/MIGRATION_GUIDE_2.1.0. md in the GitHub repository * Cross-addon dispatcher map (granular legacy names removed from discovery): docs/ MCP_TOOL_MIGRATION.md Compatibility note: any MCP-capable client can be used; which large language model runs inside the client is outside this plugin. Standalone core tools included: – Site info – Content (posts/pages): `webo/content- query` (list, get, find-by-url, search-replace, list-revisions, get-revision) and` webo/content-mutate` (create, update, delete, bulk-update-status, restore-revision)– Users: list – Media: `webo/media-query` (list, get) and `webo/media-mutate` (upload, update, delete) – Comments: `webo/comment-query` (list, get) and `webo/comment-mutate`( update, delete) – Taxonomy/Terms: `webo/taxonomy-query` (discover, list, get) and` webo/taxonomy-mutate` (create, update, delete) – Nav menus: list menus, list menu items (menu_order, db_id), add menu link from post (explicit post_id + menu_order required) – Plugins: `webo/plugin-query` (installed, active, updates, …) and `webo/ plugin-mutate` (install, activate, deactivate; supports child-site `site_id` / ` blog_id` activation for network admins) – Health: `webo/health-status` (REST/router status, Application Password support, permalinks, cron, object cache, plugin update summary, WordPress/PHP versions, and redacted MCP config) – Themes: `webo/theme- query`, `webo/theme-mutate` – Menus: `webo/menu-query`, `webo/menu-mutate` – Options: get/update (safe allowlist only), set site icon/favicon from media – SEO (WordPress post): seo/article-analysis — requires post_id; merges Rank Math meta when available( same data path as webo-rank-math/get-post-seo-meta); optional related-keyword suggestions via outbound request unless no_autocomplete is true Excluded by default in standalone-safe mode: – Bulk/mass execution tools – Plugin/ theme write-management abilities – Multisite-specific abilities ### Privacy This plugin does not phone home or send telemetry. MCP traffic is initiated by clients you configure. Some tools may perform outbound HTTP requests only when a client invokes them (for example seo/article-analysis may request keyword suggestions from a third-party suggest API unless you pass no_autocomplete). The plugin stores the following options in the WordPress database when configured: –` webo_mcp_api_key`: API key used to authenticate MCP requests. – `webo_mcp_hmac_secret`: HMAC secret used to sign and validate MCP requests. – `webo_mcp_tool_allowlist_enabled` and `webo_mcp_tool_allowlist_rules`: optional administrator-configured MCP tool allowlist policy. – `webo_mcp_audit_log_enabled`, `webo_mcp_audit_log_max_entries`, and `webo_mcp_audit_log`: bounded MCP tool-call audit log settings and compact audit events. Audit entries include user/tool/action/status data, anonymized IPs, and hashed session IDs; they do not store request payloads, API keys, HMAC secrets, or Application Passwords. These options are removed when the plugin is uninstalled via the WordPress Plugins screen. ### External services This plugin can connect to Google Suggest (Autocomplete) when a client calls the` seo/article-analysis` tool and does not set `no_autocomplete` to true. This external request is used to return related keyword suggestions for SEO analysis. Service provider: Google LLC (Google Suggest / Autocomplete API endpoint). Data sent and when: – Sent only when `seo/article-analysis` is called with autocomplete enabled. – Sends the analysis query text to `https://suggestqueries.google.com/complete/ search` as the `q` parameter. – Sends standard HTTP request metadata such as IP address and User-Agent as part of the web request. Terms of Service: https://policies.google.com/terms Privacy Policy: https://policies. google.com/privacy ### Developer Hooks The plugin exposes the following actions and filters for developers: ### Actions * `webo_mcp_register_tools` Fired during plugin bootstrap after standalone tools are registered. Use this to register custom MCP tools from other plugins. ### Filters * `webo_mcp_current_user_can_use_mcp` (bool $allowed, int $user_id) Gate for all MCP REST access. Default: super admin OR `manage_options` OR `edit_posts`. Override to tighten (e.g. super-admin only) in hardened installs. * `webo_mcp_allow_internal_tools` (bool $allow_internal, WP_REST_Request $request) Controls whether internal tools are included in tools/list responses. Defaults to false for public environments. * `webo_mcp_public_categories` (array $categories, WP_REST_Request $request, array $tool) Filters which tool categories are exposed as public. Defaults to array(‘ wordpress’ ). * `webo_mcp_public_tool_allowlist` (array $names, WP_REST_Request $request, array $tool) Optional allowlist of specific tool names that are always considered public. * `webo_mcp_bridge_deny_patterns` (array $patterns) Controls which abilities are excluded when auto-bridging abilities into MCP tools (e.g. bulk, plugins/, themes/, multisite/). * `webo_mcp_auto_bridge_abilities` (bool $enabled) Enables or disables automatic bridging of registered abilities into MCP tools. Defaults to true. * `webo_mcp_enable_adapter` (bool $enabled) Enables or disables the bundled WordPress MCP Adapter runtime. Defaults to true. * `webo_mcp_validate_media_fetch_url` (true|\WP_Error $ok, string $url, array $ parsed) Reject unsafe URLs for webo/media-mutate upload action (return WP_Error to block). * `webo_mcp_tool_allowlist_allowed` (bool $allowed, string $tool_name, WP_REST_Request $request, array $params, array $allowed_tools) Filters the optional per-user/ role/client allowlist decision. ### Credits Special thanks to the authors and open source projects that contributed to this plugin: – WordPress (https://wordpress.org) – Abilities API (https://github.com/ WordPress/abilities-api) Reference: https://make.wordpress.org/ai/2025/07/17/abilities- api/ – MCP Adapter (https://github.com/WordPress/mcp-adapter) Reference: https:// make.wordpress.org/ai/2025/07/17/mcp-adapter/ – Composer (https://getcomposer.org)– Other PHP and JS libraries from the community If you use this plugin, please give credit to the authors of these libraries. ### License This plugin is licensed under the GPLv2 or later. See https://www.gnu.org/licenses/ gpl-2.0.html for details. ## Installation 1. Upload the plugin folder to /wp-content/plugins/webo-mcp 2. Run composer install inside the plugin folder 3. Activate the plugin in WordPress Admin 4. Send JSON-RPC requests to POST /wp-json/mcp/v1/router For release packaging, use scripts/build-release.ps1 to create a clean zip with . distignore exclusions. ## FAQ ### Which endpoint should MCP clients use? POST /wp-json/mcp/v1/router ### Where is the official website and the n8n package? The project hub is https://webomcp.com. For n8n, install the community node from npm: https://www.npmjs.com/package/n8n-nodes-webo-mcp ### Can this run WordPress abilities by itself? Yes. This plugin bundles Abilities API via Composer and auto-bridges registered abilities to MCP tools. You can disable auto-bridge with filter webo_mcp_auto_bridge_abilities set to false. ### How do I migrate from legacy one-operation tool names? Use `tools/list` to discover the dispatcher tool names on your site, then pass the correct `action` (or query/mutate discriminant) for each operation. Use docs/MIGRATION_GUIDE_2.1.0. md for the 2.1.0 rollout narrative and docs/MCP_TOOL_MIGRATION.md for a consolidated addon-by-addon map (Rank Math, Rocket, WooCommerce groups, etc.). ### Can I expose internal tools? Yes, via filter webo_mcp_allow_internal_tools in private environments. ### Can I limit public tools by category? Yes, via filter webo_mcp_public_categories. ### Can I keep only WordPress.org-safe features? Yes. Default bridge rules exclude patterns for bulk, plugins/themes, and multisite abilities. ### Is this plugin suitable for production? Yes, when used with proper authentication, TLS, and a limited tool exposure policy. ### How do I authenticate MCP clients? Use a WordPress **Application Password** (Users Profile Application Passwords) and send it with HTTP Basic Auth (username = WordPress username, password = the application password). You can combine that with the optional **API Key** and ** HMAC** values from Settings WEBO MCP when those fields are set. ## Reviews There are no reviews for this plugin. ## Contributors & Developers “WEBO MCP” is open source software. The following people have contributed to this plugin. Contributors * [ phuongwebo ](https://profiles.wordpress.org/phuongwebo/) [Translate “WEBO MCP” into your language.](https://translate.wordpress.org/projects/wp-plugins/webo-mcp) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/webo-mcp/), check out the [SVN repository](https://plugins.svn.wordpress.org/webo-mcp/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/webo-mcp/) by [RSS](https://plugins.trac.wordpress.org/log/webo-mcp/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 2.1.13 * Added `webo/plugin-mutate` for WordPress.org plugin install, activation, and deactivation through the core plugin endpoint. * Added `site_id` / `blog_id` support so network admins can activate or deactivate plugins for one multisite child site from the network MCP endpoint. * Safety: rejects conflicting `site_id` / `blog_id` plus `network_activate` / ` network_wide` requests so child-site activation and network-wide activation stay explicit. #### 2.1.12 * Added a bounded, admin-readable MCP audit log for `tools/call` events with user, tool/action, object ID when available, anonymized IP, hashed session ID, status, and compact result/error summaries. * Added optional per-user, per-role, and per-client/Application Password tool allowlists. Enforcement is disabled by default to preserve existing access until an administrator opts in. * Added read-only administrator tool `webo/health-status` covering REST/router status, Application Password support, permalinks, cron, object cache, plugin update summary, WordPress/PHP versions, and redacted MCP config status. #### 2.1.11 * Security: enforce object-level capabilities for MCP content/media mutations, including `edit_post`, `delete_post`, publish/private status changes, and taxonomy- specific term capabilities. * Security: filter read tools by `read_post` and hide tools from `tools/list` when the authenticated user lacks the tool capability. * Hardening: use WordPress safe HTTP validation for optional Google Suggest requests in `seo/article-analysis`. #### 2.1.10 * Fix: register **`webo/plugin-query`** in `Standalone_Tools` so MCP clients can list plugin updates (`query=updates`, optional `refresh=true`) and other inspection modes. * Bootstrap: prime `WP_Abilities_Registry` at `init:2` so `wp_abilities_api_init` runs before MCP bootstrap (`init:20`), preventing `_doing_it_wrong` when abilities register on `webo_mcp_register_tools`. #### 2.1.9 * Refactor: move built-in MCP tool registration into `inc/bootstrap/class-standalone- tools.php` (smaller bootstrap; same tool names). * Maintainer: broaden `.gitignore` (composer `vendor/bin/`, Cursor local config, scratch files); ship `scripts/` helpers and `docs/WPORG_REVIEW_REPLY_2.0.28.md`; keep `composer.json` production-only. #### 2.1.8 * BOM guard: fix PCRE — use `^(?:\xEF\xBB\xBF)+` so **multiple** UTF-8 BOMs are stripped (the old `^\xEF\xBB\xBF+` only repeated the final `0xBF` byte, breaking responses such as `wp/v2/types` on `webo.vn` for MCP clients). #### 2.1.7 * BOM guard: sanitize **all** REST API requests (`/wp-json/…`, `wp-json.php`, `? rest_route=`) by default (`webo_mcp_rest_bom_guard_json_api_requests` filter to disable). #### 2.1.6 * BOM guard: treat **Abilities API** REST URLs (`wp-abilities/v1`) the same as MCP router URLs — `@automattic/mcp-wordpress-remote` calls discover/execute over` wp-abilities`, which previously skipped the sanitizer. #### 2.1.5 * BOM guard: also start the sanitizer on `plugins_loaded` and `init` at priority`- 999999` when the request URI looks MCP (covers BOM echoed before `rest_api_init`). #### 2.1.4 * BOM guard: start output buffer at `rest_api_init` priority 0 when Request-URI/` rest_route` looks like MCP (catches BOM printed before routing); loop-strip repeated BOM/FEFF; filter `webo_mcp_rest_bom_guard_enabled` to disable. #### 2.1.3 * REST: strip accidental UTF-8 BOM / stray U+FEFF before JSON on MCP routes so clients no longer fail JSON parse with `Unexpected token` (defensive `ob_start` handler on `rest_pre_dispatch`). #### 2.1.2 * Restore the versioned **`skills/`** subtree in the Git repository (guides and ability-specific SKILL.md files referenced from README.md), matching the documented` npx skills add` workflows. * Add **`webo-mcp-ultimo-domain-dns-cf`** skill index entry (Ultimo checking-dns + Cloudflare checklist). * skills/README.md: document **WP Rocket** skill (`cache-query` / `cache-mutate` unified tools). #### 2.1.1 * Documentation: add docs/MCP_TOOL_MIGRATION.md (cross-addon dispatcher map; Rank Math + Rocket public-vs-internal discovery, WooCommerce query/mutate tool names). * Readme (GitHub + WordPress.org): align examples with `webo/content-query`, document` meta.mcp.public` visibility for bridged abilities, link migration doc; sync standalone tool bullets (menus, themes, plugins). #### 2.1.0 * **Token optimization — ecosystem-wide enum-dispatch unification.** All WEBO MCP addons now follow the same query/mutate pattern as the core plugin, replacing one-tool-per-operation APIs with unified abilities that accept an `action` argument: - **webo-mcp-woocommerce:** 27 individual tools 10 unified tools (`webo/woo- query-products`, `webo/woo-mutate-products`, `webo/woo-query-orders`, `webo/ woo-mutate-orders`, `webo/woo-query-customers`, `webo/woo-mutate-customers`,` webo/woo-query-coupons`, `webo/woo-mutate-coupons`, `webo/woo-query-store`,` webo/woo-mutate-store`). - **webo-mcp-rank-math:** 18 individual tools 10 unified `webo-rank-math/*- query`/`*-mutate` abilities; granular abilities may stay MCP-internal (see addon `wp_register_ability_args`). - **webo-mcp-rocket:** 9 individual tools 2 unified tools (`webo-rocket/cache- query`, `webo-rocket/cache-mutate`). * **Impact:** with core and addons active the total tool count visible in `tools/ list` drops from ~79+ to ~34. A smaller tool list means the model picks tools faster, uses less context budget per request, and makes fewer tool-name errors. * **Pattern:** each unified ability requires one `action` string that is dispatched server-side via PHP `match()`. All existing handler logic is preserved — only the registration surface changes. * Updated skills documentation for webo-mcp-ability-woocommerce, webo-mcp-ability- rank-math, webo-mcp-ability-rocket, and webo-mcp-guide. #### 2.0.45 * Refactor: unify media tools into `webo/media-query` (list, get) and `webo/media- mutate` (upload, update, delete); removes 5 legacy media tools. * Refactor: unify taxonomy/term tools into `webo/taxonomy-query` (discover, list, get) and `webo/taxonomy-mutate` (create, update, delete); removes 6 legacy term tools. * Refactor: unify comment tools into `webo/comment-query` (list, get) and `webo/ comment-mutate` (update, delete); removes 4 legacy comment tools. * Refactor: unify post/content tools into `webo/content-query` and `webo/content- mutate`; removes 17 legacy post tools. * Refactor: replace `webo/list-active-plugins` with unified `webo/plugin-query`( list, get, activate, deactivate). * All unified tools normalize the `id` field as the primary response identifier; domain aliases (attachment_id, term_id, comment_id) are kept for backward compatibility. * SEO: improved Unicode word count using Unicode ranges for multilingual content; non-spaced scripts (CJK, Thai) now estimate word count via character-based heuristics. #### 2.0.44 * SEO readability: estimate word count for non-spaced scripts (CJK, Thai, Khmer) via character-based heuristics. #### 2.0.43 * SEO readability: count Unicode title and meta description lengths correctly for non-ASCII characters. #### 2.0.42 * SEO readability: count Unicode words correctly for multilingual content. #### 2.0.41 * Media/site settings: add `webo/set-site-icon` to set the WordPress site icon/ favicon from an existing image attachment. #### 2.0.40 * MCP post tools: add page, offset, orderby, and order support to webo/list-posts responses for reliable batch processing. * SEO analyzer: infer the WordPress post title as the primary H1 when content omits an H1, and include Article JSON-LD from post/Rank Math metadata for more accurate schema checks. #### 2.0.39 * Options: allow safe permalink/category/tag base updates through MCP and flush rewrite rules after URL setting changes. #### 2.0.38 * MCP post tools: preserve safe HTML for post content/excerpt arguments so SEO headings, lists, tables, and images can be authored through create/update calls. #### 2.0.35 * New site-management tools: `webo/list-themes` and `webo/switch-theme` for discovering installed themes and switching the active theme by stylesheet slug. * Readme: release includes the shortened WordPress.org short description, keeping the short description under the 150 character import limit. #### 2.0.34 * Options: allow `webo/update-options` and `webo/get-options` to handle `show_on_front` and `page_on_front`. * Safety: validate `show_on_front` as `posts|page` and ensure `page_on_front` references a valid Page ID (or 0). #### 2.0.33 * Readme: refresh WordPress.org-facing description for clarity; lead with product value and protocol workflow, move ecosystem links to a secondary section. #### 2.0.32 * Fix: avoid WP 6.9 Abilities API incorrect-usage notices by hardening adapter category/ability registration order and late-boot recovery. * Docs: add AGENTS.md workflow guidance and prioritize guide-first structure in README/readme.txt. #### 2.0.31 * Maintenance: version bump. #### 2.0.30 * Maintenance: version bump. #### 2.0.29 * Reliability: harden MCP adapter bootstrap and schema type handling (supports array/nullable type definitions safely). * WP-CLI noise reduction: register core mcp-adapter abilities before bridge wiring and suppress default adapter server bootstrap in CLI mode to avoid false missing- ability errors. * Release notice: users running WEBO MCP Pro should update Pro package compatibility notes from the official docs/release channel before production rollout. #### 2.0.28 * WordPress.org review fixes: added explicit `External services` disclosure for Google Suggest/Autocomplete used by `seo/article-analysis` (service purpose, transmitted query data and request metadata, conditions, Terms and Privacy links). * Compatibility: removed use of `WPINC` for nav-menu API loading; now load nav- menu API via explicit core include paths with availability checks to reduce environment- specific path issues. #### 2.0.27 * Security (WordPress.org guidelines): MCP router no longer maps API keys or HMAC to arbitrary user accounts. All requests require WordPress Application Password( Basic Auth) or an existing logged-in session; optional site API key and HMAC apply only after authentication. * Readme: Contributors includes phuongwebo; clarify authentication in description and FAQ. #### 2.0.26 * New MCP tool seo/article-analysis (category seo, edit_posts): WordPress-only on-page SEO signals for a post via post_id — rendered content, Rank Math merge, readability, issues, content_gaps. Agent documentation: skills/webo-mcp-seo-article/ SKILL.md in the GitHub repo (not bundled in the WordPress.org zip). * Readme: Stable tag sync, privacy note for optional outbound tool requests. #### 2.0.25 * list-posts: document defaults (publish + post type post); response includes applied filters so empty results are easier to explain. Models should pass status draft( etc.) and post_type page when listing those. #### 2.0.24 * Nav menus: list-nav-menu-locations response includes note explaining slug vs label; MCP descriptions tell models to call this tool first to discover theme_location keys. #### 2.0.23 * Nav menus: list-nav-menus response includes menu_id (same as term_id) and clearer MCP tool descriptions so clients list menus without asking users for menu_id first. #### 2.0.22 * Nav menus: if create-nav-menu / create-nav-menu-for-location targets a name that already exists, reuse the existing menu term and continue (reused_existing_menu in JSON). Return a clear error if core nav-menu.php cannot be loaded. Expanded primary fallback slugs (primary-menu, header-menu, mobile). assign-nav-menu-to- location accepts menu_name when menu_id is omitted (assigned_via_menu_name in response). #### 2.0.21 * Nav menus: resolve theme location when slug primary is missing (single registered slot, or common slugs main/header/menu-1/navigation). Load wp-includes/nav-menu. php before wp_create_nav_menu in REST context. Response field theme_location_resolution indicates how the slug was chosen. #### 2.0.20 * Access: MCP router gate allows `manage_options` and `edit_posts` (Editors, site admins on multisite), not only `is_super_admin`; fixes list-nav-menus / tools/ call failing for non-administrator users. Multisite API key/HMAC falls back to first site Administrator if no Super Admin login exists. Error code `webo_mcp_access_denied` replaces misleading super-admin-only message. #### 2.0.15 * Nav menus: list-nav-menus, list-nav-menu-items (db_id, menu_order, object_id, parent_db_id), add-nav-menu-item-from-post with required post_id, post_type, and menu_order (explicit developer values; no auto placement). #### 2.0.14 * Security: MCP JSON-RPC router, SecurityHelper, tools discovery, and internal- tool policy default to network Super Admin on multisite (`is_super_admin`). Single- site installs use WordPress core’s `is_super_admin()` behavior (typically full administrators). Global API key/HMAC elevates to the first Super Admin user on multisite. #### 2.0.7 * Readme: highlight https://webomcp.com and n8n community node https://www.npmjs. com/package/n8n-nodes-webo-mcp; short description and FAQ; README.md aligned. #### 2.0.6 * License: plugin header uses the same wording as readme.txt («GPL v2 or later») to satisfy WordPress.org declared-license checks. #### 2.0.5 * Plugin header: @wordpress-plugin marker for strict scanners; License line uses GPLv2 or later slug (Plugin Handbook). #### 2.0.4 * Plugin header: handbook field order, shorter Description line, License text « GPL v2 or later», Domain Path for translations. #### 2.0.3 * WordPress.org / Plugin Check: include composer.json when vendor is bundled; replace unlink with wp_delete_file for temp uploads; remove load_plugin_textdomain (core loads translations); resolve API key usermeta via get_users instead of direct $wpdb; readme short description, allowed Tags, Stable tag sync. #### 2.0.2 * WordPress.org packaging: release zip excludes dotfiles and all .github trees; readme Tested up to 6.9. #### 2.0.1 * Hardening: HMAC auth passes REST permission layer; SSRF guard for upload-media- from-url; paginated search-replace (max 500 posts per call); sanitized safe option updates; removed duplicate unused settings class. #### 2.0.0 * Plugin renamed to WEBO MCP; folder and main file: webo-mcp/webo-mcp.php. * Text domain, REST namespace webo-mcp/v1, hooks webo_mcp_* (breaking for custom code using old hook names). * Options and API-key usermeta migrate automatically from webo-wordpress-mcp keys on first load. #### 1.1.1 * Added empty input_schema definitions for core/get-user-info and core/get-environment- info. * Fixes MCP tools/call validation errors when invoking these no-input core tools. #### 1.0.2 * Added new read-only tool: webo/list-active-plugins. * Enables MCP clients to verify active plugins with capability check. #### 1.0.1 * Metadata refresh release to ensure dependency headers are reloaded correctly. * tools/list compatibility improvements for include_internal aliases and legacy endpoint support. #### 1.0.0 * Initial stable public release. * MCP JSON-RPC router with initialize, tools/list, tools/call. * Tool registry integration and public visibility policy controls. * Session management and optional API key/HMAC security. ## Meta * Version **2.1.13** * Last updated **19 horas ago** * Active installations **Fewer than 10** * WordPress version ** 6.0 or higher ** * Tested up to **6.9.4** * PHP version ** 7.4 or higher ** * Language * [English (US)](https://wordpress.org/plugins/webo-mcp/) * Tags * [AI](https://es-pr.wordpress.org/plugins/tags/ai/)[api](https://es-pr.wordpress.org/plugins/tags/api/) [automation](https://es-pr.wordpress.org/plugins/tags/automation/)[json rpc](https://es-pr.wordpress.org/plugins/tags/json-rpc/) [mcp](https://es-pr.wordpress.org/plugins/tags/mcp/) * [Advanced View](https://es-pr.wordpress.org/plugins/webo-mcp/advanced/) ## Ratings No reviews have been submitted yet. [Your review](https://wordpress.org/support/plugin/webo-mcp/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/webo-mcp/reviews/) ## Contributors * [ phuongwebo ](https://profiles.wordpress.org/phuongwebo/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/webo-mcp/)