Critical-risk tools in WordPress MCP Server

Critical severity WordPress MCP Server MCP Server 25 of 190 tools

25 of the 190 tools in WordPress MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

wordpress_bulk_delete_media Destructive

wordpress_bulk_delete_media
wordpress_bulk_delete_posts Destructive

wordpress_bulk_delete_posts
wordpress_clear_cache Destructive

wordpress_clear_cache
wordpress_delete_backup Destructive

wordpress_delete_backup
wordpress_delete_category Destructive

wordpress_delete_category
wordpress_delete_comment Destructive

wordpress_delete_comment
wordpress_delete_file Destructive

wordpress_delete_file
wordpress_delete_media Destructive

wordpress_delete_media
wordpress_delete_menu Destructive

wordpress_delete_menu
wordpress_delete_menu_item Destructive

wordpress_delete_menu_item
wordpress_delete_page Destructive

wordpress_delete_page
wordpress_delete_plugin Destructive

wordpress_delete_plugin
wordpress_delete_post Destructive

wordpress_delete_post
wordpress_delete_redirect Destructive

wordpress_delete_redirect
wordpress_delete_reusable_block Destructive

wordpress_delete_reusable_block
wordpress_delete_role Destructive

wordpress_delete_role
wordpress_delete_term Destructive

wordpress_delete_term
wordpress_delete_theme Destructive

wordpress_delete_theme
wordpress_delete_user Destructive

wordpress_delete_user
wordpress_delete_widget Destructive

wordpress_delete_widget
wordpress_remove_capability Destructive

wordpress_remove_capability
wordpress_wc_delete_product Destructive

wordpress_wc_delete_product
wordpress_cleanup_database Destructive

wordpress_cleanup_database
wordpress_full_backup Destructive

wordpress_full_backup
wordpress_restore_backup Destructive

wordpress_restore_backup

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Privilege escalation via admin-only tools
Data exfiltration via tool chaining
Runaway Tool Loops

Critical-risk tools in WordPress MCP Server

Tools at critical risk

Attacks that target this class

More on WordPress MCP Server

Enforce policy on every WordPress MCP Server tool call.