| 开发者 | videowhisper |
|---|---|
| 更新时间 | 2026年7月1日 16:34 |
| PHP版本: | 7.4 及以上 |
| WordPress版本: | 7.0 |
| 版权: | GPLv2 or later |
| 版权网址: | 版权信息 |
/wp-json/videowhisper-site-manager/v1/mcp.
Claude.ai (web):
claude.ai/customize/connectors.claude mcp add --transport http "YourSiteName" "https://yoursite.com/wp-json/videowhisper-site-manager/v1/mcp"
Automatic OAuth authorization requires a compatible Relay & OAuth Server. Without that connection, use WordPress Application Passwords over HTTPS.
Connecting Codex (MCP)
The onboarding flow includes Codex setup values for both direct and Turnkey MCP architectures. Codex can connect to the same Streamable HTTP MCP endpoint at /wp-json/videowhisper-site-manager/v1/mcp.
config.toml block or OAuth login command from the Codex onboarding tab./mcp in Codex to confirm the WordPress MCP server is active.videowhisper-site-manager plugin folder to /wp-content/plugins/, or install it via the WordPress Plugins screen./mcp.No. This plugin does not store or use any AI provider API keys.
The plugin supports Turnkey OAuth and WordPress Application Passwords. Turnkey OAuth uses a compatible Relay & OAuth Server for shared GPT/MCP workflows. Application Passwords use WordPress core HTTP Basic Authentication over HTTPS. Developers can add more authentication flows with the documented hooks.
Not by default. Publishing is blocked unless an administrator enables Allow publish in the plugin settings. The onboarding instructions and GPT/Claude guidance also reflect whether publishing is enabled.
The /logs endpoint is restricted by the log access settings. This is intentional. A dedicated Editor account can still create/edit content, but cannot access operational audit data unless that access is enabled.
Yes, by default plugin REST endpoints (including the OpenAPI and MCP endpoints) require HTTPS. A development-only setting can allow HTTP if needed on a local/dev environment.
External bearer-token validation uses a short cache to reduce remote validation traffic. The cache TTL is configurable in settings (External token cache (seconds)), so revoked tokens are typically rejected after that cache window expires.
Yes. You can create the dedicated user and create the Application Password directly from the onboarding page. A profile link is still provided for later review/revocation.
No CRM ticket-management code is bundled in this free plugin. The free plugin provides generic hooks that let other plugins register their own AI tools. Live Support Tickets is a separate free WordPress.org plugin; if it or another installed plugin registers tools through the documented hooks, those tools are available according to that plugin's own settings and permissions.
Posts and pages by default (both enabled). Admins can enable or disable each in the Content settings tab. Developers can extend supported content types and tool behavior with hooks such as vwsm_allowed_content_types, vwsm_mcp_extra_tools, vwsm_mcp_dispatch_tool, vwsm_openapi_components, and vwsm_openapi_document.
No. You need to use ChatGPT, Claude, Codex, or another compatible external AI application. This plugin only provides REST endpoints, an MCP endpoint, and onboarding for those external AI applications.
Yes. Once you set up and authorize the connector in Claude.ai on desktop, it is automatically available in the Claude iOS and Android mobile apps — no additional setup is needed.
Please report security bugs found in the source code of the plugin through the Patchstack Vulnerability Disclosure Program. The Patchstack team will assist you with verification, CVE assignment, and notify the developers of this plugin.
action attempts to override the route tool.available_tools and available_action_modules for the current site settings and authenticated userget_current_screen() instead of filter_input() which could return null on some server configurations