WordPress MCP en Cursor

← Configuraciones

Conecta Cursor con tu sitio WordPress mediante el Model Context Protocol (MCP). Cursor se comunica con WordPress a través del plugin oficial MCP Adapter y una Contraseña de aplicación.

What you need
  • A WordPress site with HTTPS (or a local .test domain).
  • The MCP Adapter plugin installed and active.
  • A WordPress user with administrator permissions.
  • An Application Password (not your login password).
  • Cursor with ~/.cursor/mcp.json configured.
1. Install the MCP Adapter plugin in WordPress
  1. Download the latest release from WordPress/mcp-adapter.
  2. In wp-admin go to PluginsAdd NewUpload Plugin.
  3. Upload the ZIP and activate the plugin.
  4. Go to AjustesPermalinks → click Save (flushes REST routes).

Verify the endpoint responds with JSON (not the site homepage):

https://your-site.test/wp-json/mcp/mcp-adapter-default-server
2. Create an Application Password
  1. Log in to WordPress as an administrator.
  2. Go to UsuariosPerfil (or edit the target user).
  3. Scroll to Application Passwords.
  4. Name it (e.g. "Cursor MCP") and click Add New Application Password.
  5. Copy the generated password immediately. It looks like xxxx xxxx xxxx xxxx xxxx xxxx. You cannot view it again.

Important: WP_API_PASSWORD in Cursor must be this Application Password, not your WordPress login password.

3. Configure Cursor (~/.cursor/mcp.json)

Add a wordpress entry inside mcpServers:

{
  "mcpServers": {
    "wordpress": {
      "command": "npx",
      "args": ["-y", "@automattic/mcp-wordpress-remote@latest"],
      "env": {
        "WP_API_URL": "https://your-site.test/wp-json/mcp/mcp-adapter-default-server",
        "WP_API_USERNAME": "your-wordpress-username",
        "WP_API_PASSWORD": "xxxx xxxx xxxx xxxx xxxx xxxx",
        "OAUTH_ENABLED": "false"
      }
    }
  }
}
Environment variables explained
Variable Descripción
WP_API_URL Your site URL plus /wp-json/mcp/mcp-adapter-default-server. Replace your-site.test with your real domain.
WP_API_USERNAME WordPress login username (e.g. root).
WP_API_PASSWORD The Application Password from step 2.
OAUTH_ENABLED Set to false when using username + Application Password.
4. Restart Cursor

Reload MCP servers or restart Cursor. The WordPress server should appear as connected in MCP settings.

Reset WordPress login password via database (developers)

If you lost the admin login password, generate a hash with PHP (from your WordPress root):

php -r "require '/path/to/wordpress/wp-load.php'; echo wp_hash_password('YourNewPassword');"

Then run in MySQL:

UPDATE wp_users
SET user_pass = 'PASTE_HASH_HERE'
WHERE user_login = 'your-username';

Do not store plain-text passwords in user_pass. This resets wp-admin login only; it does not replace the Application Password used by MCP.

Troubleshooting
  • Endpoint returns HTML instead of JSON: install/activate MCP Adapter and flush permalinks.
  • 401 Unauthorized: use an Application Password, not the login password.
  • 404 on /wp-json/mcp/...: plugin missing or permalinks not saved.
  • Cursor shows disconnected: check WP_API_URL, restart Cursor, and confirm the site is reachable.
← Cursor MCP (Idoneo) Configuración de WooCommerce