| Developer | easymcpai |
|---|---|
| Last updated | June 1, 2026 00:40 |
| PHP version: | 7.4 or higher |
| WordPress version: | 7.0 |
| License: | GPLv2 or later |
| License URI: | License information |
wp_history_* tools: wp_history_list, wp_history_get, and wp_history_diff, plus a full Change History admin page with retention and on/off controls
Gutenberg & Full Site Editing — create, edit, and reuse Gutenberg blocks; update block templates and global styles for FSE themes
Custom Post Types (CPT) — read and write any registered custom post type — portfolios, listings, courses, reviews, anything
Google Analytics 4 — ask about traffic, top pages, conversions, custom dimensions/metrics, and realtime active users
Google Search Console — ask about top search queries, clicks, impressions, sitemaps, and URL indexing status
Semrush — pull domain overviews, keyword research, organic competitors, keyword difficulty and related keywords, question phrases, and backlink overview / referring domains / anchors for any target
DataForSEO — run on-page SEO audits on any URL, check keyword search volumes and trends, pull live SERP results, analyse backlinks, and look up ranked keywords for any domain
Any Plugin — automatically connects to plugins that support WordPress 6.9+ Abilities API, no custom code needed
Ask your AI anything — for example:
since / until filters and pagination
wp_history_get — fetch a single change record with full before/after JSON snapshots
wp_history_diff — compute a structured diff between any recorded snapshot and either another snapshot or the current live state of the object
Non-admin tokens see only their own changes. Administrators (with the new easy_mcp_ai_view_all_history capability — granted to the Administrator role on activation) see every user's changes. Sensitive keys are redacted before storage, sensitive post meta keys (matching patterns like *_token, *_secret, *password*, *api_key*) are redacted at write time, and snapshot size is capped. The wp_history_diff tool also enforces these gates when reading the current live state: meta requires edit_post, options require manage_options, and protected meta keys are excluded entirely. Site owners can narrow query scope further via the easy_mcp_ai_history_query_scope filter (the self-pin for non-admins cannot be weakened by the filter).
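Redaction by key pattern at write time, sketched in PHP as an added example (this is not the plugin's own code). The function names, the `[REDACTED]` marker and the 64 KiB cap are assumptions; the four key patterns are the ones quoted in the paragraph above.

```php
<?php
// Added illustration, not the plugin's code. Function names and the size cap
// are hypothetical; the glob patterns are the ones quoted in the text above.
const SENSITIVE_KEY_PATTERNS = ['*_token', '*_secret', '*password*', '*api_key*'];
const SNAPSHOT_MAX_BYTES = 65536; // assumed cap; the page does not state a value

function is_sensitive_key(string $key): bool {
    $key = strtolower($key); // match Mailer_API_Key as well as mailer_api_key
    foreach (SENSITIVE_KEY_PATTERNS as $pattern) {
        if (fnmatch($pattern, $key)) {
            return true;
        }
    }
    return false;
}

// Walk the snapshot recursively so nested settings arrays are covered too.
function redact_snapshot(array $data): array {
    $out = [];
    foreach ($data as $key => $value) {
        if (is_string($key) && is_sensitive_key($key)) {
            $out[$key] = '[REDACTED]';
        } elseif (is_array($value)) {
            $out[$key] = redact_snapshot($value);
        } else {
            $out[$key] = $value;
        }
    }
    return $out;
}

// Redact first, then enforce the cap, so the stored record never holds
// a value that the redaction pass did not see.
function build_snapshot(array $meta): string {
    $json = json_encode(redact_snapshot($meta), JSON_UNESCAPED_SLASHES);
    if ($json === false || strlen($json) > SNAPSHOT_MAX_BYTES) {
        $json = json_encode(['_truncated' => true, 'bytes' => strlen((string) $json)]);
    }
    return $json;
}

// Constructed sample post meta.
$meta = [
    '_edit_lock'     => '1717200000:1',
    'stripe_secret'  => 'constructed-secret-value',
    'Mailer_API_Key' => 'constructed-key-value',
    'gateway'        => ['name' => 'demo', 'refresh_token' => 'r-1', 'user_password_hint' => 'x'],
];
echo build_snapshot($meta), PHP_EOL;
```

Matching on the key name alone misses secrets stored under neutral keys, so reviewing what a snapshot actually contains remains worthwhile when auditing a change-history table.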
11 Google Analytics 4 Tools
Account & Property — list account summaries, get property details, check compatibility, get metadata
Reports — run standard reports, pivot reports, and realtime reports
Configuration — list data streams, conversion events, custom dimensions, and custom metrics
6 Google Search Console Tools
Sites — list verified properties
Search Analytics — query top search terms, pages, countries, devices with clicks, impressions, CTR, and position
Sitemaps — list and inspect submitted sitemaps
URL Inspection — check indexing status and coverage for any URL on your site
13 Semrush Tools
Domain — domain overview and organic competitor research
Keywords — keyword research tools: domain organic keywords, URL organic keywords, keyword overview, related keywords, keyword difficulty, and phrase questions
Backlinks — backlinks overview, backlinks list, referring domains, and anchors
Account — check your Semrush API units balance at any time
8 DataForSEO Tools
SERP — fetch live search engine results pages for any keyword and location
Keywords — look up monthly search volume and trend data for one or more keywords
Labs — get ranked keywords for any domain, or find keywords a specific page ranks for
Backlinks — get a backlink summary and list of referring domains for any target URL
On-Page — run a full on-page SEO audit on any URL and get a list of actionable issues
Account — check your DataForSEO API account balance at any time
46 WooCommerce MCP Tools
Products — list, get, create, update, delete products
Product Variations — list, get, create, update, delete product variations
Product Attributes — list, create, and set product attributes
Product Categories — list product categories
Orders — list, get, create, update orders; list order notes, create order note; list order refunds (read-only)
Customers — list, get, create, update, delete customers
Coupons — list, get, create, update, delete coupons
Webhooks — list, get, create, update, delete webhooks
Shipping — list shipping zones, list shipping methods
Tax — list tax rates
Payment — list payment gateways
Reports — sales, orders, products, top sellers, customers
Batch — bulk create, update, or delete products, variations, and orders in a single request
7 Plugin Integrations
WooCommerce — 46 WooCommerce AI tools for products, orders, customers, coupons, shipping, reports, and more
Advanced Custom Fields (ACF) — 6 tools to get and update ACF fields on posts, users, and terms; list ACF field groups
The Events Calendar — 10 tools to create and manage events, venues, and organizers
BuddyPress — 10 tools for members, activity stream, groups, group members, and private messages
Yoast SEO — get and update post SEO metadata, meta description, and rendered SEO head output
Rank Math — get and update post SEO metadata, meta description, and rendered SEO head output
All in One SEO (AIOSEO) — get and update post SEO metadata
Connect Any Plugin with Abilities API
WordPress 6.9+ introduces Abilities API — a standard way for plugins to declare what they can do. Easy MCP AI acts as an MCP adapter for any plugin that registers Abilities — automatically discovering and exposing them as MCP tools with no custom code needed. If a plugin supports the Abilities API, your AI can use it out of the box.
One-Click Connect with OAuth 2.0/2.1
Skip manual token copy-paste. Your WordPress MCP endpoint ships with a full OAuth 2.0/2.1 authorization server — PKCE, refresh-token rotation, and Dynamic Client Registration (RFC 7591) built in. Compatible MCP clients like Claude Desktop can connect with a single click: they register themselves, you approve the scopes on a consent screen, and you're done. Bearer tokens still work for power users and automation.
Built for Security
Giving an AI access to your site is serious — so security is built into every layer:
Easy MCP AI is a free WordPress AI connector that turns your site into a remote MCP (Model Context Protocol) server. Once activated, any MCP-compatible AI assistant or AI agent — Claude (Anthropic), ChatGPT (OpenAI), Cursor, Gemini AI, n8n, and more — can read and write content, manage media, users, and settings, and pull SEO and analytics data through 204 ready-to-use tools. No Node.js, no proxy, no extra hosting.
Yes. Easy MCP AI acts as a WordPress MCP adapter — a full MCP server implementing the Model Context Protocol spec (v2025-11-25, with backwards compatibility for v2025-06-18 and v2025-03-26) directly inside WordPress. Your site exposes a single MCP endpoint at /wp-json/easy-mcp-ai/v1/mcp that any MCP client can connect to over HTTPS.
MCP is an open standard created by Anthropic that lets AI assistants and AI agents securely connect to external tools and data sources. It's quickly becoming the universal protocol for AI-to-app communication, supported by Anthropic, OpenAI, Google, and dozens of other platforms. Learn more at modelcontextprotocol.io.
Most WordPress AI plugins embed a single AI provider (OpenAI, Claude, etc.) inside the wp-admin and bill you for usage. Easy MCP AI does the opposite — it makes your WordPress site an agent-ready backend that any AI assistant can connect to over MCP. You bring your own AI client, you bring your own model, and the plugin focuses on giving that AI safe, scoped access to your site: 214 tools, OAuth 2.0/2.1 one-click connect, per-token permissions, and a full audit trail.
Yes. This WordPress MCP plugin is free and open source on the WordPress.org plugin directory. There are no paid tiers, no usage limits, and no telemetry. Optional external integrations (Semrush, DataForSEO, Google Analytics, Search Console) use your own third-party accounts — Easy MCP AI never bills you for API usage.
After activation, go to Easy MCP AI → Dashboard and copy your MCP server URL. Then:
Yes. Easy MCP AI ships with first-party WooCommerce AI tool sets: WooCommerce (46 tools — products, orders, customers, coupons, reports, shipping, webhooks), Advanced Custom Fields (ACF) (6 tools to get and update ACF fields and ACF field groups on posts, users, and terms), The Events Calendar (10 tools), BuddyPress (10 tools), Yoast SEO, Rank Math, and All in One SEO (AIOSEO). Each integration only loads if the underlying plugin is active, and each tool group can be toggled individually under Easy MCP AI → Plugin Integrations.
Yes. Once connected, your AI acts as a writing assistant for WordPress — drafting posts, editing existing content, updating meta descriptions for SEO, and publishing — all from a single conversation. It works with Claude, ChatGPT, Gemini AI, or any other AI tool that supports MCP.
Go to Easy MCP AI → External Data. Each service has its own section:
No. Easy MCP AI does not call any AI provider. The flow is the opposite: your AI assistant (Claude by Anthropic, ChatGPT by OpenAI, etc.) calls your WordPress site, and the plugin executes whatever tool the AI requested. Your content only leaves your server in the response that goes back to the AI client you connected — never to a third party you didn't choose. Outbound connections to Semrush / DataForSEO / Google APIs only happen if you explicitly configure those credentials, and they only receive the per-call parameters (keywords, target URLs, date ranges) — not your post content.
Two options, both production-grade:
Skip the copy-paste. In a supported client like Claude Desktop or Cursor, paste your MCP URL, sign in to WordPress, tick the permission categories (Read / Write per content type, GA4, Google Search Console, Semrush, etc.) on the consent screen, and click Approve. The client receives a short-lived access token plus a rotating refresh token, and you can revoke it anytime from the admin. Under the hood the plugin implements the full OAuth 2.1 spec: PKCE (S256), RFC 7591 Dynamic Client Registration, refresh-token reuse detection (RFC 9700), RFC 8707 audience binding, RFC 8414 and RFC 9728 discovery endpoints, and RFC 7009 revocation. No AI client ever sees your WordPress password.
No configuration required — OAuth 2.0/2.1 endpoints are live as soon as the plugin is activated. You can manage registered clients and revoke per-user grants under Easy MCP AI → API Token & OAuth → OAuth tab. Bearer tokens continue to work alongside OAuth for power users and automation.
Yes, fully. Each token has its own permission set — you choose exactly which of the 214 tools it can call. Create a read-only token for a summarization AI, a content-only token for your AI writing assistant, and a full-access token for your trusted automation workflows.
Permissions are enforced at the WordPress capability level, not per-post. Easy MCP AI runs every tool call as the WordPress user the token is bound to, so the AI inherits exactly that user's edit_posts / edit_others_posts / publish_posts caps. If you want an AI restricted to, say, drafts only, create a dedicated low-privilege WordPress user (Contributor or Author) and bind the token to that user. Additionally, the Force Draft setting under Settings forces every create operation to draft status regardless of the AI's request.
For OAuth-connected clients, go to Easy MCP AI → API Token & OAuth → OAuth and click Revoke next to the grant — the client immediately loses access and any active refresh tokens are invalidated. For Bearer tokens, go to Easy MCP AI → API Tokens and delete the token. Either action is instant and irreversible.
Go to Easy MCP AI → Audit Log. Every tool call is recorded in the user activity log with the token used, the tool name, the arguments, the result, the client IP, and a timestamp. The audit trail is paginated and searchable, and retention is configurable under Settings (default 30 days, after which old rows are auto-purged).
Only if you let it. By default, the AI can create posts in whatever status it asks for (draft, publish, etc.) — but you can flip the Force Draft on Create setting under Easy MCP AI → Settings and every newly created post or page will be forced to draft regardless of what the AI requested. Combine that with a Contributor-level WordPress user for the AI to require human review before anything goes live.
Yes — Easy MCP AI is built for production. Every request is authenticated (OAuth 2.0/2.1 or Bearer), capability-checked against WordPress core permissions, rate-limited (default 60 req/min per token, configurable), and recorded in the audit trail. You can additionally restrict the endpoint to specific IP addresses, force all created content to draft, disable specific tools globally, and bind tokens to low-privilege WordPress users. The plugin only requires HTTPS for OAuth flows — bearer-token access is allowed over HTTP for local development but should never be exposed that way on a live site.
Yes. Easy MCP AI runs per-site on a multisite network — each subsite has its own MCP endpoint, its own tokens, and its own audit log. Network-scoped operations (network options, sitewide plugin/theme activation) are additionally gated on Super Admin + manage_network_options / manage_network_plugins capabilities, so a per-site admin token cannot reach network-level state.
Yes. On loopback addresses (127.0.0.1, ::1) the OAuth HTTPS requirement is automatically relaxed so you can test against http://localhost. For non-loopback dev setups behind a reverse proxy that terminates TLS elsewhere, add define('EASY_MCP_AI_OAUTH_ALLOW_HTTP', true); to wp-config.php. Never set that flag on a production site. Bearer-token access works over HTTP without any flag, but again, only for dev.
Yes to both. The post and page tools accept a post_type parameter so your AI can work with any registered CPT on your site (wp_list_cpt_items, wp_create_cpt_item, etc.). For Gutenberg, there are dedicated tools for AI blocks and reusable blocks (wp_list_blocks, wp_create_block, wp_update_block) and block templates (wp_list_templates, wp_get_template, wp_update_template), plus full global styles support (wp_get_global_styles, wp_update_global_styles).
Yes. Create one token (or one OAuth grant) per assistant. Each tracks its own usage, has its own scoped permissions, and is logged independently in the user activity log — so you can see exactly which AI did what.
WordPress 6.0+ and PHP 7.4+. PHP 8.0 or higher is recommended. WordPress 6.9+ unlocks the Abilities API auto-discovery feature, which exposes any Abilities-compatible plugin as MCP tools with no extra code.
No long-running processes, no Node.js, no Docker. The plugin runs entirely inside WordPress as a normal PHP plugin. The plugin contacts external services (Semrush, DataForSEO, Google Analytics 4, Google Search Console) only if you explicitly add those third-party account credentials under Easy MCP AI → External Data — see the External services section above. Out of the box, nothing leaves your server.
Authorization: Bearer <token> header is being sent (some reverse proxies strip it).
Please report security bugs found in the source code of the Easy MCP AI for WordPress plugin through the Patchstack Vulnerability Disclosure Program. The Patchstack team will assist you with verification, CVE assignment, and notify the developers of this plugin.
wp_history_list, wp_history_get, wp_history_diff) let any AI client query its own change history
wp_semrush_*): domain overview, organic keywords, organic competitors, keyword overview, related keywords, keyword difficulty, phrase questions, backlinks overview/list/referring-domains/anchors, URL organic keywords, and a free API-units balance check
mcp:semrush:read covering all 13 Semrush tools, with consent-screen entry gated on a saved API key
mcp:ga:read (Google Analytics tools) and mcp:gsc:read (Search Console tools)
wp-mcp/v1 to easy-mcp-ai/v1