👁 7 views
WordPress AI just became real. Not as a plugin you install or a chatbot you add to your sidebar—as actual infrastructure built into the platform itself. Over the past two weeks, three major integrations landed that position WordPress as the first CMS with standardized AI agent connectivity.
If you work with WordPress sites, build on WordPress, or run an AI assistant like OpenClaw that connects to external services, this matters. Here’s what happened and why it changes things.
Three Integrations in Four Days
The timeline is aggressive:
- February 4, 2026 — WordPress Developer Blog published “From Abilities to AI Agents,” introducing the official MCP Adapter. This bridges WordPress’s Abilities API to the Model Context Protocol, the open standard Anthropic created for connecting AI systems to external tools.
- February 5, 2026 — Automattic launched a Claude Connector for WordPress.com. Connect Claude to your site through OAuth. Query traffic, comments, content, plugin status—conversationally.
- February 19, 2026 — WordPress 7.0 Beta 1 releases with real-time collaboration, Abilities API in core, MCP support, and a new WP AI Client for provider-agnostic AI calls.
Add WooCommerce‘s MCP integration (exposing store operations as MCP tools), and you’ve got an ecosystem forming in weeks.
What Is the MCP Server Architecture?
The MCP Adapter works by translating WordPress “abilities” into Model Context Protocol format. Think of abilities as a menu of things WordPress can do—create posts, update settings, query content—expressed in a machine-readable format that any AI assistant can discover and invoke.
When you install the MCP Adapter plugin, your WordPress site becomes an MCP server. AI tools like Claude Desktop, Cursor, VS Code Copilot, and OpenClaw can then:
- Discover what your site can do (available abilities)
- Read content, configuration, and diagnostics
- Execute actions like creating posts or updating options
This isn’t another AI writing plugin. It’s infrastructure that lets any AI agent talk to WordPress through a standardized protocol.
WordPress AI for Site Owners: What You Can Do
Once connected, you can manage your WordPress site conversationally. Real examples:
“Which posts from last month are missing meta descriptions?”
“Create a draft post titled ‘February Updates’ with our standard template.”
“What plugins are outdated? Which ones have security advisories?”
The Automattic Claude Connector is read-only for now (write access coming later), but the MCP Adapter with proper authentication enables full read-write operations.
The Page Builder Problem
Here’s where it gets interesting—and where opportunity exists.
All current MCP solutions work through the WordPress REST API, which handles core data structures well: Gutenberg blocks, posts, pages, taxonomies. But approximately 40% of WordPress sites use page builders as their primary editor.
Divi, Elementor, WPBakery, Bricks—these store content in proprietary formats. The REST API can’t meaningfully read or write individual page builder modules. You get raw shortcode soup from a Divi page, and writing to it breaks the layout.
Translation: If you’re using Cursor or Claude Code on a client site running Divi, the official MCP tools can manage posts and settings but can’t safely edit a specific button, hero section, or pricing table at the component level.
The good news: DIVI5 launches February 26 with an HTML/blocks architecture that should be AI-compatible. Elementor, Beaver Builder, and others are reportedly building their own AI integrations. The gap is closing—but it’s a gap today.
Security Considerations
Giving AI agents access to your WordPress site raises valid security questions. The WordPress implementation addresses this thoughtfully:
- Permission callbacks — Every ability includes a permission check that enforces WordPress capabilities
- Application passwords — HTTP transport uses WordPress’s application password system, not your actual credentials
- Explicit opt-in — Abilities must be marked as MCP-public to be exposed; nothing happens by default
- Transport-level controls — Granular configuration over what each transport method can access
The attack surface is real but manageable with proper configuration. Don’t expose admin-level abilities to untrusted agents.
What This Means for WordPress Development
For developers, the Abilities API creates a new way to expose plugin functionality. Instead of building separate integrations for each AI platform, you register abilities once and any MCP-compatible client can use them.
// Register a custom ability
register_ability(
'my-plugin/generate-report',
array(
'description' => 'Generate a monthly analytics report',
'callback' => 'my_plugin_generate_report',
'meta' => array( 'mcp' => array( 'public' => true ) ),
)
);That ability is now discoverable by any AI agent connected to the site. No custom API work. No platform-specific integrations.
Timeline and Next Steps
- February 19 — WordPress 7.0 Beta 1 (test the new features)
- February 26 — DIVI5 release (blocks architecture)
- April 9 — WordPress 7.0 final release at WordCamp Asia
If you’re running WordPress sites, the practical advice is simple: install the MCP Adapter on a staging site, configure it with application passwords, and connect your preferred AI assistant. See what’s possible before your competitors do.
WordPress just became AI-native infrastructure. The plugins will follow.
