{"id":327222,"date":"2026-06-19T17:32:48","date_gmt":"2026-06-19T17:32:48","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/invizo-mcp\/"},"modified":"2026-06-19T17:32:28","modified_gmt":"2026-06-19T17:32:28","slug":"invizo-mcp","status":"publish","type":"plugin","link":"https:\/\/wordpress.org\/plugins\/invizo-mcp\/","author":20952925,"comment_status":"closed","ping_status":"closed","template":"","meta":{"version":"2.0.3","stable_tag":"2.0.3","tested":"7.0","requires":"6.9","requires_php":"7.4","requires_plugins":null,"header_name":"Invizo MCP","header_author":"Invizo","header_description":"A standalone MCP server for safely managing WordPress and supported plugins.","assets_banners_color":"","last_updated":"2026-06-19 17:32:28","external_support_url":"","external_repository_url":"","donate_link":"https:\/\/invizo.io\/","header_plugin_uri":"https:\/\/wordpress.org\/plugins\/invizo-mcp\/","header_author_uri":"https:\/\/invizo.io","rating":0,"author_block_rating":0,"active_installs":0,"downloads":37,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"2.0.3":{"tag":"2.0.3","author":"invizo","date":"2026-06-19 17:32:28"}},"upgrade_notice":{"2.0.3":"

Resolves WordPress.org review finding for dynamic option keys in site settings handlers.<\/p>","2.0.2":"

Hardens WooCommerce customer updates, scopes admin notices, and resolves WordPress.org review findings for asset loading and bundled dependencies.<\/p>","2.0.1":"

Adds WordPress.org release metadata, uninstall controls, dependency notices, and submission-related security hardening.<\/p>","2.0.0":"

Invizo MCP is now standalone. Reconnect AI clients using a WordPress Application Password and the new \/wp-json\/mcp\/invizo<\/code> endpoint.<\/p>"},"ratings":[],"assets_icons":[],"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["2.0.3"],"block_files":[],"assets_screenshots":[],"screenshots":[]},"plugin_section":[],"plugin_tags":[261799,4932,242115,286,41933],"plugin_category":[45],"plugin_contributors":[246497],"plugin_business_model":[],"class_list":["post-327222","plugin","type-plugin","status-publish","hentry","plugin_tags-ai-automation","plugin_tags-developer-tools","plugin_tags-mcp","plugin_tags-woocommerce","plugin_tags-wordpress-management","plugin_category-ecommerce","plugin_contributors-invizo","plugin_committers-invizo"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/s.w.org\/plugins\/geopattern-icon\/invizo-mcp.svg","icon_2x":false,"generated":true},"screenshots":[],"raw_content":"\n

Invizo MCP turns your WordPress site into a standalone Model Context Protocol server. It lets approved AI clients work with site content and supported plugins through a native endpoint hosted by WordPress:<\/p>\n\n

https:\/\/example.com\/wp-json\/mcp\/invizo\n<\/code><\/pre>\n\n
No Invizo-hosted MCP backend, account, subscription, or license key is required. The plugin bundles the official WordPress MCP Adapter and PHP MCP Schema packages and exposes Invizo's action library through the WordPress Abilities API.<\/p>\n\n
The MCP server exposes three compact protocol tools:<\/p>\n\n
    \n
  • discover-abilities<\/code><\/li>\n
  • get-ability-info<\/code><\/li>\n
  • execute-ability<\/code><\/li>\n<\/ul>\n\n
    These tools discover and execute 143 scoped Invizo abilities without flooding AI clients with 143 top-level MCP tools.<\/p>\n\n
    Highlights<\/h4>\n\n
      \n
    • Direct MCP endpoint hosted by WordPress.<\/li>\n
    • WordPress Application Password authentication.<\/li>\n
    • Administrator-only transport and action execution.<\/li>\n
    • Granular read, write, and delete scopes.<\/li>\n
    • Dry-run and confirmation safeguards for supported risky operations.<\/li>\n
    • Copy-ready connection settings for Claude Code, Claude Desktop, Codex, Cursor, and Antigravity.<\/li>\n
    • Dependency-aware controls for WooCommerce, Elementor, Rank Math SEO, LearnPress, and The Events Calendar.<\/li>\n
    • No telemetry, tracking, Invizo cloud account, or automatic connection to Invizo servers.<\/li>\n<\/ul>\n\n
      What can agents manage?<\/h4>\n\n
        \n
      • WordPress content:<\/strong> posts, pages, media, categories, tags, comments, revisions, reusable blocks, templates, global styles, menus, and content search.<\/li>\n
      • Site administration:<\/strong> users, selected safe site settings, post types, taxonomies, statuses, plugins, and themes.<\/li>\n
      • Custom content:<\/strong> custom post type definitions, custom post type items, post metadata, and MCP-managed post meta definitions.<\/li>\n
      • Page builders and SEO:<\/strong> Gutenberg content, Elementor page data, and Rank Math SEO metadata.<\/li>\n
      • WooCommerce:<\/strong> products, variations, orders, notes, coupons, customers, and product terms.<\/li>\n
      • LearnPress:<\/strong> courses, lessons, quizzes, questions, orders, terms, enrollments, and builder workflows.<\/li>\n
      • The Events Calendar:<\/strong> events, venues, and organizers.<\/li>\n<\/ul>\n\n
        Who is this for?<\/h4>\n\n
        Invizo MCP is intended for administrators, developers, agencies, and site maintainers who want an AI coding or automation client to work with a WordPress site through a documented, scoped protocol.<\/p>\n\n
        Because enabled write and delete scopes can modify important site data, use the plugin only with trusted clients and dedicated Application Passwords. Test destructive workflows on a staging site first.<\/p>\n\n
        Authentication<\/h4>\n\n
        Invizo MCP uses WordPress Application Passwords and WordPress REST authentication.<\/p>\n\n
        Only authenticated users with the manage_options<\/code> capability can access the MCP transport or execute Invizo abilities. In a standard WordPress installation this means administrators only.<\/p>\n\n
        Create a dedicated Application Password from Settings > Invizo MCP<\/strong> for every AI client or computer. Passwords can be revoked individually from the same screen.<\/p>\n\n
        Application Passwords normally require HTTPS. Local HTTP sites can enable them by setting:<\/p>\n\n
        define( 'WP_ENVIRONMENT_TYPE', 'local' );\n<\/code><\/pre>\n\n
        Security plugins can disable Application Passwords. Invizo reports this condition on its settings screen.<\/p>\n\n
        Scopes and safeguards<\/h4>\n\n
        Administrators choose exactly which read, write, and delete scopes are enabled. Abilities outside enabled scopes are hidden from MCP discovery and rejected during execution.<\/p>\n\n
        Optional integration scopes are unavailable unless their required plugin is active.<\/p>\n\n
        Existing handler safeguards remain in place, including:<\/p>\n\n
          \n
        • WordPress sanitization and validation.<\/li>\n
        • Plugin availability checks.<\/li>\n
        • Scope checks inside action handlers.<\/li>\n
        • Dry-run previews for supported risky operations.<\/li>\n
        • Explicit confirm: true<\/code> requirements for supported destructive operations.<\/li>\n
        • Reserved metadata protection and safe site-setting allow lists.<\/li>\n<\/ul>\n\n
          Data stored by the plugin<\/h4>\n\n
          Invizo MCP stores:<\/p>\n\n
            \n
          • Endpoint enabled\/disabled status and selected scopes in the invizo_mcp_settings<\/code> option.<\/li>\n
          • MCP-managed custom post type definitions in the invizo_mcp_registered_cpts<\/code> option.<\/li>\n
          • MCP-managed post meta definitions in the invizo_mcp_registered_meta_fields<\/code> option.<\/li>\n
          • A plugin version option used for upgrades.<\/li>\n<\/ul>\n\n
            Application Passwords are created and stored by WordPress in user metadata. Invizo tags only the credentials it creates so they can be listed and revoked from the settings page.<\/p>\n\n
            Invizo MCP does not collect analytics or send usage information to Invizo.<\/p>\n\n
            Client Configuration<\/h3>\n\n
            The settings page generates current, copy-ready values using your site endpoint and WordPress username.<\/p>\n\n
            Claude Code<\/h4>\n\n
            The primary setup uses @automattic\/mcp-wordpress-remote<\/code> through npx<\/code>, with the endpoint, username, and Application Password stored as environment variables.<\/p>\n\n
            A direct HTTP .mcp.json<\/code> alternative is also shown for clients that support authenticated HTTP MCP servers.<\/p>\n\n
            Claude Desktop<\/h4>\n\n
            Add the generated JSON to:<\/p>\n\n
              \n
            • macOS: ~\/Library\/Application Support\/Claude\/claude_desktop_config.json<\/code><\/li>\n
            • Windows: %APPDATA%\\Claude\\claude_desktop_config.json<\/code><\/li>\n<\/ul>\n\n
              Codex<\/h4>\n\n
              Add the generated TOML to:<\/p>\n\n
                \n
              • Project: .codex\/config.toml<\/code><\/li>\n
              • Global: ~\/.codex\/config.toml<\/code><\/li>\n<\/ul>\n\n
                Both npx<\/code> bridge and direct authenticated HTTP examples are provided.<\/p>\n\n
                Cursor<\/h4>\n\n
                Add the generated JSON to:<\/p>\n\n
                  \n
                • Project: .cursor\/mcp.json<\/code><\/li>\n
                • Global: ~\/.cursor\/mcp.json<\/code><\/li>\n<\/ul>\n\n
                  Antigravity<\/h4>\n\n
                  Add the generated JSON to:<\/p>\n\n
                    \n
                  • macOS\/Linux: ~\/.gemini\/antigravity\/mcp_config.json<\/code><\/li>\n
                  • Windows: %USERPROFILE%\\.gemini\\antigravity\\mcp_config.json<\/code><\/li>\n<\/ul>\n\n
                    Local HTTPS<\/h4>\n\n
                    Trust your local certificate whenever possible. For local development only, bridge configurations may use NODE_TLS_REJECT_UNAUTHORIZED=0<\/code> when the certificate cannot be trusted normally.<\/p>\n\n
                    Never commit Application Passwords to source control or paste them into prompts, tickets, screenshots, or chat messages.<\/p>\n\n
                    Privacy and Security<\/h3>\n\n
                    The MCP endpoint is disabled by default on new installations. Enabling it does not expose abilities until scopes are selected.<\/p>\n\n
                    The endpoint requires:<\/p>\n\n
                      \n
                    • Valid WordPress Application Password authentication.<\/li>\n
                    • A WordPress user with the manage_options<\/code> capability.<\/li>\n
                    • An enabled Invizo scope for the requested ability.<\/li>\n<\/ul>\n\n
                      Use one dedicated Application Password per client or device so individual connections can be revoked without changing the WordPress account password.<\/p>\n\n
                      When the plugin is uninstalled, Invizo-created Application Passwords are always revoked. Plugin settings and MCP-managed definitions are removed only when Delete Invizo settings and MCP-managed CPT\/meta definitions when the plugin is uninstalled<\/strong> is enabled. Existing posts and post meta values are never deleted by the uninstaller.<\/p>\n\n
                      Reporting security issues<\/h4>\n\n
                      Please report security issues privately through the contact information on https:\/\/invizo.io\/. Do not publish sensitive vulnerability details in a public support topic before a fix is available.<\/p>\n\n
                      Upgrade from 1.x<\/h3>\n\n
                      Version 2.0 automatically removes the stored external MCP Server URL and shared secret.<\/p>\n\n
                      It preserves:<\/p>\n\n
                        \n
                      • Enabled scopes.<\/li>\n
                      • MCP-managed custom post type definitions.<\/li>\n
                      • MCP-managed post meta definitions.<\/li>\n
                      • WordPress content and integration data.<\/li>\n<\/ul>\n\n
                        Sites that previously had a shared secret configured are migrated with the standalone endpoint enabled. Other installations remain disabled until an administrator explicitly enables the endpoint.<\/p>\n\n
                        The legacy signed endpoint \/wp-json\/invizo\/v1\/execute<\/code> and its HMAC headers have been removed.<\/p>\n\n
                        External Services<\/h3>\n\n
                        Invizo MCP does not contact an Invizo-hosted service.<\/p>\n\n
                        MCP clients may use the third-party npm package @automattic\/mcp-wordpress-remote<\/code> as a local bridge when configured by the administrator. The package is downloaded from the npm registry and runs on the computer hosting the AI client, not inside WordPress.<\/p>\n\n
                        When the bridge is used, it sends the configured WordPress endpoint, username, Application Password, and MCP request data directly to the administrator's WordPress site. It does not send those credentials to Invizo.<\/p>\n\n
                          \n
                        • Package: https:\/\/www.npmjs.com\/package\/@automattic\/mcp-wordpress-remote<\/li>\n
                        • Source: https:\/\/github.com\/Automattic\/mcp-wordpress-remote<\/li>\n
                        • npm Terms of Use: https:\/\/docs.npmjs.com\/policies\/terms<\/li>\n
                        • npm Privacy Notice: https:\/\/docs.npmjs.com\/policies\/privacy<\/li>\n<\/ul>\n\n
                          Media upload actions can fetch a public file URL explicitly supplied by an authenticated MCP caller through WordPress media sideloading. In that case, the remote file host receives a normal HTTP request from the WordPress site. The service and data destination depend entirely on the URL supplied by the administrator's MCP client.<\/p>\n\n
                          No external request is made merely by installing or activating Invizo MCP.<\/p>\n\n
                          Build and Source Files<\/h3>\n\n
                          The distributed plugin contains the human-readable PHP source used at runtime.<\/p>\n\n
                          PHP dependencies<\/h4>\n\n
                          Composer dependencies are included under vendor\/<\/code> because they are required for the standalone MCP endpoint:<\/p>\n\n
                            \n
                          • automattic\/jetpack-autoloader<\/code><\/li>\n
                          • wordpress\/mcp-adapter<\/code><\/li>\n
                          • wordpress\/php-mcp-schema<\/code><\/li>\n<\/ul>\n\n
                            All bundled packages use the GPL-2.0-or-later license. Package source, Composer metadata, and individual license files are included. See third-party-notices.txt<\/code>.<\/p>\n\n
                            Rebuilding dependencies<\/h4>\n\n
                            From the plugin directory:<\/p>\n\n
                            composer install --no-dev --optimize-autoloader\n<\/code><\/pre>\n\n
                            Create the WordPress.org submission ZIP from the parent plugins directory while excluding Git metadata, operating-system files, logs, and Node dependencies.<\/p>\n\n\n
                              \n
                            1. Install the Invizo MCP release ZIP, including its bundled vendor<\/code> directory.<\/li>\n
                            2. Activate the plugin on WordPress 6.9 or newer.<\/li>\n
                            3. Open Settings > Invizo MCP<\/strong>.<\/li>\n
                            4. Enable the MCP endpoint.<\/li>\n
                            5. Select only the scopes your agent needs.<\/li>\n
                            6. Create an Application Password.<\/li>\n
                            7. Choose Claude, Codex, Cursor, or Antigravity and copy the generated configuration.<\/li>\n
                            8. Restart or reload the AI client.<\/li>\n
                            9. Verify the connection by listing the server tools and running discover-abilities<\/code>.<\/li>\n<\/ol>\n\n
                              Do not install a source-only archive that omits Composer dependencies.<\/p>\n\n
                              Minimum requirements<\/h4>\n\n
                                \n
                              • WordPress 6.9 or newer.<\/li>\n
                              • PHP 7.4 or newer.<\/li>\n
                              • HTTPS for normal Application Password support. WordPress local environments may use HTTP when WP_ENVIRONMENT_TYPE<\/code> is set to local<\/code>.<\/li>\n
                              • An MCP client that supports remote HTTP MCP or a compatible local STDIO bridge.<\/li>\n<\/ul>\n\n\n
                                \n
                                Does Invizo contact api.mcp.invizo.io?<\/h3><\/dt>\n
                                No. Version 2.0 does not require or contact an Invizo backend.<\/p><\/dd>\n
                                Is WordPress itself the MCP server?<\/h3><\/dt>\n
                                Yes. WordPress serves MCP JSON-RPC requests at \/wp-json\/mcp\/invizo<\/code>.<\/p><\/dd>\n
                                Why do some clients still use npx?<\/h3><\/dt>\n
                                Some desktop clients communicate with local STDIO MCP processes more reliably than remote authenticated HTTP endpoints. @automattic\/mcp-wordpress-remote<\/code> is a local transport bridge; it is not an Invizo-hosted server.<\/p><\/dd>\n
                                Can editors connect?<\/h3><\/dt>\n
                                No. Invizo requires manage_options<\/code> at the MCP transport and ability layers.<\/p><\/dd>\n
                                What happens when the endpoint is disabled?<\/h3><\/dt>\n
                                The Invizo MCP route is not initialized. Existing Application Passwords remain valid WordPress credentials until revoked, but they cannot access an inactive Invizo endpoint.<\/p><\/dd>\n
                                Why is an integration scope disabled?<\/h3><\/dt>\n
                                WooCommerce, Elementor, Rank Math SEO, LearnPress, and The Events Calendar scopes require the corresponding plugin to be active.<\/p><\/dd>\n\n<\/dl>\n\n\n
                                2.0.3<\/h4>\n\n
                                  \n
                                • Replaced dynamic option keys in site settings handlers with explicit WordPress core option references to satisfy plugin review requirements.<\/li>\n<\/ul>\n\n
                                  2.0.2<\/h4>\n\n
                                    \n
                                  • Enqueued settings-page CSS and JavaScript through the WordPress asset APIs.<\/li>\n
                                  • Limited dependency notices to the Plugins and Invizo MCP settings screens.<\/li>\n
                                  • Restricted WooCommerce customer address updates to an explicit field and setter allowlist.<\/li>\n
                                  • Updated the bundled Jetpack Autoloader dependency.<\/li>\n<\/ul>\n\n
                                    2.0.1<\/h4>\n\n
                                      \n
                                    • Prepared the standalone release for WordPress.org review and distribution.<\/li>\n
                                    • Added GPL license and third-party dependency notices.<\/li>\n
                                    • Added optional uninstall cleanup and automatic revocation of Invizo-created Application Passwords.<\/li>\n
                                    • Added privacy, data storage, security reporting, source, build, and external-service documentation.<\/li>\n
                                    • Fixed prepared SQL handling for LearnPress enrollment queries.<\/li>\n
                                    • Improved local HTTPS connection snippets for .test<\/code>, .local<\/code>, and WordPress local environments.<\/li>\n
                                    • Removed manual translation loading because WordPress.org loads translations automatically.<\/li>\n<\/ul>\n\n
                                      2.0.0<\/h4>\n\n
                                        \n
                                      • Converted Invizo into a standalone MCP server hosted by WordPress.<\/li>\n
                                      • Bundled the official WordPress MCP Adapter, PHP MCP Schema, and Jetpack package autoloader.<\/li>\n
                                      • Added \/wp-json\/mcp\/invizo<\/code>.<\/li>\n
                                      • Exposed all 143 existing actions as scoped WordPress abilities through compact discovery, information, and execution tools.<\/li>\n
                                      • Replaced shared-secret HMAC authentication with administrator-only WordPress Application Passwords.<\/li>\n
                                      • Added endpoint enable\/disable control and Application Password creation and revocation.<\/li>\n
                                      • Added generated setup instructions for Claude Code, Claude Desktop, Codex, Cursor, and Antigravity.<\/li>\n
                                      • Removed the external Invizo dashboard, handshake, server URL, shared secret, and legacy signed execution endpoint.<\/li>\n
                                      • Added automatic 1.x settings migration while preserving scopes and managed definitions.<\/li>\n<\/ul>","raw_excerpt":"Connect Claude, Codex, Cursor, and other MCP clients directly to WordPress with administrator authentication and granular scopes.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/327222","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=327222"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/invizo"}],"wp:attachment":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=327222"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=327222"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=327222"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=327222"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=327222"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=327222"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}