Royal MCP – Secure AI Connector for Claude, ChatGPT & Gemini

Changelog

1.4.9

  • New: Theme appearance tools — wp_get_active_theme, wp_get_theme_mods, wp_update_theme_mod, wp_get_custom_css, wp_update_custom_css. Theme mod writes are gated by a new “Allow AI to modify theme appearance” admin toggle (off by default) plus a new royal_mcp_writable_theme_mods allowlist filter (default empty, opt-in only). Custom CSS writes pass through wp_kses_post so script tags are stripped, and require the unfiltered_html capability.
  • New: Menu item CRUD — wp_create_menu_item, wp_update_menu_item, wp_delete_menu_item, wp_reorder_menu_items. AI agents can build and reorganize navigation menus directly. All four require the edit_theme_options capability.
  • New: Comment moderation — wp_get_pending_comments, wp_approve_comment, wp_spam_comment, wp_trash_comment. Closes the gap between the existing comment create/delete tools. All four require the moderate_comments capability. Author email addresses are redacted in wp_get_pending_comments output.
  • Filter: New royal_mcp_writable_theme_mods filter for theme/plugin authors to opt their customizer settings into the AI-writable allowlist.

1.4.8

  • Fix: Custom connector setup in Claude no longer fails with “Unknown client_id” on sites that were updated from a pre-1.4.0 build without ever being deactivated/reactivated. The OAuth tables are now created on plugin upgrade, not just on first activation.
  • Fix: Dynamic Client Registration (POST /register) now returns a real 500 with the underlying database error if the write fails, instead of returning a fake 201 with a client_id that was never persisted.

1.4.7

  • Tags: refreshed readme tags for better WordPress.org discoverability — replaced low-usage multi-word phrases with mcp, ai, claude, chatgpt, mcp-server.
  • New: Royal Plugins Founders Bundle banner on the Royal MCP Settings and Activity Log screens. Banner is per-user dismissable and only renders on Royal MCP admin pages.
  • New: wp_get_plugin_settings tool — returns all wp_options that match a plugin slug, with sensitive keys (api_key, secret, token, password, salt, license_key, etc.) replaced with [REDACTED] before return. Lets AI agents read plugin configuration without ever seeing stored credentials.
  • New: wp_update_option tool — writes a WordPress option, gated by three security checks: (1) a new admin toggle “Allow AI to write WordPress options” (off by default), (2) a runtime allowlist extensible via the royal_mcp_writable_options filter, and (3) a hard denylist for sensitive option names that overrides the allowlist. Default writable list is intentionally tiny (blogname, blogdescription, posts_per_page, date_format, time_format) — plugin authors opt their settings in via filter.
  • New: Filter royal_mcp_writable_options for plugin authors to declare which of their settings AI agents may write. Receives an array of option names; return the merged array.
  • Security: wp_get_option now redacts sensitive keys from returned values for parity with wp_get_plugin_settings.
  • Security: Reduced outbound HTTP timeouts in the MCP client (30s → 10s) and platform connection tester (15s → 10s) to align with Royal Plugins HTTP guidelines and avoid blocking the request thread on slow upstream services.
  • Listing: Refreshed the WordPress.org plugin directory banners. Subtitle and feature line are larger and more legible, the brand icon (crown + connected nodes) replaces the placeholder atom, and the wordmark spacing is tightened. SVG sources are now versioned for future updates.
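
The three checks that the 1.4.7 entry describes for wp_update_option, modelled in stand-alone PHP as an added example (not Royal MCP's own code), showing why the denylist has to be evaluated before the allowlist. The function names, the myplugin_* options and the reuse of the changelog's redaction key fragments as the denylist are assumptions; in the plugin, the allowlist is whatever the royal_mcp_writable_options filter returns.

```php
<?php
// Added illustration, not Royal MCP source. Only the default writable list and
// the sensitive key fragments are quoted from the changelog; the rest is hypothetical.

const EXAMPLE_DEFAULT_WRITABLE = ['blogname', 'blogdescription', 'posts_per_page', 'date_format', 'time_format'];

// Assumption: the hard denylist matches the same fragments the changelog lists for redaction.
const EXAMPLE_DENY_FRAGMENTS = ['api_key', 'secret', 'token', 'password', 'salt', 'license_key'];

function example_is_denylisted(string $option): bool {
    $name = strtolower($option);
    foreach (EXAMPLE_DENY_FRAGMENTS as $fragment) {
        if (strpos($name, $fragment) !== false) {
            return true;
        }
    }
    return false;
}

// Returns [allowed, reason]. Order matters: the denylist is checked before the
// allowlist, so a filter callback cannot opt a credential-like option in.
function example_may_write_option(string $option, bool $toggle_on, array $allowlist): array {
    if (!$toggle_on) {
        return [false, 'admin toggle is off'];
    }
    if (example_is_denylisted($option)) {
        return [false, 'denylisted (overrides allowlist)'];
    }
    if (!in_array($option, $allowlist, true)) {
        return [false, 'not on allowlist'];
    }
    return [true, 'ok'];
}

// Constructed input: a plugin's filter callback that opts in one setting too many.
$allowlist = array_merge(EXAMPLE_DEFAULT_WRITABLE, ['myplugin_layout', 'myplugin_api_key']);

$cases = [
    ['blogname', false],          // toggle off blocks even default options
    ['blogname', true],
    ['myplugin_layout', true],    // opted in via the filter
    ['myplugin_api_key', true],   // opted in, but the denylist wins
    ['siteurl', true],            // never opted in
];

foreach ($cases as [$option, $toggle]) {
    [$ok, $reason] = example_may_write_option($option, $toggle, $allowlist);
    printf("%-18s toggle=%-3s => %s (%s)\n", $option, $toggle ? 'on' : 'off', $ok ? 'ALLOW' : 'DENY', $reason);
}
```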

1.4.6

  • New: wp_upload_media_from_url — download an image from a public HTTPS URL and add it to the media library (SSRF-hardened: private IP ranges blocked, HTTPS required, 20 MB cap, scriptable formats rejected).
  • New: wp_upload_media — upload an image from base64-encoded bytes for AI-generated or pasted images.
  • New: wp_set_featured_image — set or replace a post’s featured image by attachment ID or by image URL in a single call (pass media_id=0 to remove).
  • New: wp_update_media — update alt text, caption, title, and description on existing attachments for better SEO and accessibility.
  • Enhancement: wp_create_post and wp_update_post now accept a featured_media attachment ID in their schemas.
  • Enhancement: API-key authenticated requests now run as a site administrator so capability checks (upload_files, edit_post, etc.) succeed. The API key is stored in admin-only settings, so this matches the trust level of the key itself.

1.4.5

  • New: WordPress Playground live preview — click “Live Preview” on the plugin listing to try the Royal MCP settings page and activity log in a browser sandbox with demo API key and sample log entries pre-seeded.
  • New: Video walkthrough embedded on the plugin listing page.

1.4.4

  • Feature: Custom post type support — wp_get_posts and wp_create_post now accept a post_type parameter
  • Feature: New wp_get_post_types tool discovers all registered public post types on the site
  • Enhancement: wp_get_post and wp_get_posts responses now include the post type field
  • Enhancement: Post type validation ensures only public post types can be queried or created

1.4.3

  • Security: Fixed broken access control on MCP REST API endpoints (reported by Alexis Lafontaine via Patchstack)
  • Security: All MCP tool calls now require authenticated API key or OAuth Bearer token
  • Security: Removed reliance on Origin header as a security control

1.4.2

  • Security: Enforce authentication on every MCP request, not just session initialization
  • Security: Bind MCP sessions to authenticated credentials to prevent session hijacking
  • Security: Add authentication to GET stream and DELETE session endpoints

1.4.1

  • Fix: Resolved fatal error during activation on WordPress 7.0 RC (“Class Token_Store not found”)
  • Fix: Fully qualified namespace references for WP 7.0 compatibility
  • Tested: WordPress 7.0 RC2 compatibility verified

1.4.0

  • New: OAuth 2.0 authorization server — Claude Desktop’s “Add Connector” flow now works natively
  • New: Dynamic Client Registration (RFC 7591) for seamless MCP client onboarding
  • New: PKCE-secured authorization code flow per MCP spec (2025-03-26)
  • New: Token refresh with automatic rotation for long-lived sessions
  • New: WordPress login integration — consent screen after authentication
  • New: Metadata discovery endpoint at /.well-known/oauth-authorization-server
  • New: Daily cleanup of expired OAuth tokens via scheduled event
  • Improved: MCP endpoint now accepts both Bearer tokens and API key authentication
  • Improved: CORS headers include Authorization for OAuth-based clients
  • Security: Access tokens stored as SHA-256 hashes (never stored in plain text)
  • Security: Authorization codes are single-use with 10-minute expiry
  • Security: PKCE (S256) required for all authorization requests
  • Security: Redirect URI validation enforces localhost or HTTPS only

1.3.0

  • New: WooCommerce integration — 9 MCP tools for products, orders, customers, and store stats (auto-detected)
  • New: GuardPress integration — 7 MCP tools for security score, scans, firewall logs, and audit trail (auto-detected)
  • New: SiteVault integration — 6 MCP tools for backup management, scheduling, and progress tracking (auto-detected)
  • Security: MCP endpoint now requires API key authentication via X-Royal-MCP-API-Key header
  • Security: Added rate limiting (60 requests/minute per IP) to prevent abuse and accidental DoS
  • Security: API key comparison uses timing-safe hash_equals() to prevent timing attacks
  • Security: Sanitized wp_update_post_meta values before storage
  • Security: Comments created via MCP now respect WordPress moderation settings
  • Security: Removed admin_email and php_version from wp_get_site_info response
  • Security: Removed user_login and user_email from wp_get_users/wp_get_user responses
  • Improved: CORS headers include X-Royal-MCP-API-Key for cross-origin MCP clients

1.2.3

  • Security: Added SSRF protection — validates all outbound URLs against private/reserved IP ranges
  • Fixed: Text domain changed from ‘wp-royal-mcp’ to ‘royal-mcp’ to match plugin slug
  • Fixed: Menu slugs updated for WP.org compliance
  • Improved: REST API permission callbacks include explanatory comments for reviewers
  • Compatibility: Tested up to WordPress 7.0

1.2.2

  • Added: Documentation link on Plugins page (Settings | Documentation)
  • Added: Documentation banner on settings page

1.2.1

  • Fixed: Claude Connector setup guide link displaying raw HTML

1.2.0

  • Security: Origin header validation to prevent DNS rebinding attacks
  • Security: Session ID format validation (ASCII visible characters only)
  • Improved: MCP 2025-03-26 Streamable HTTP spec compliance
  • Added: Filter hook royal_mcp_allowed_origins for custom origin allowlist

1.1.0

  • Added multi-platform AI support (Claude, OpenAI, Gemini, Groq, Azure, Bedrock)
  • Added Claude Desktop MCP connector
  • Added activity logging
  • Added connection testing

1.0.0

  • Initial release

Version: 1.4.9
Last Updated: April 29, 2026
Active Installs: 900
Requires: WordPress 5.8
Tested Up To: WordPress 7.0
Requires PHP: 7.4