WordPress Just Made Every Plugin an AI Endpoint
WordPress 6.9 introduces powerful AI features through the Abilities API. Here's what you need to know to use them safely and protect your site.

Hassan Jamal·Feb 19, 2026·9 min read
Executive Summary
- ✓WordPress 6.9 lets every plugin register itself as an AI endpoint: your 20-30 plugins are now 20-30 potential entry points for attackers.
- ✓The AI Engine plugin (100K+ sites) exposed an authentication token on a publicly readable page when one option was enabled. One checkbox = complete site takeover.
- ✓Security researchers found that 43% of the WordPress AI plugins they tested allowed remote command execution on the server.
- ✓If your site processes payments or customer data, this risk is active now, not theoretical.
WordPress just made every plugin an AI endpoint. Why is nobody talking about the security side of this?
As of WordPress 6.9, every plugin can now become an AI endpoint.
The new Abilities API + MCP Adapter lets AI agents like Claude, ChatGPT, and Cursor interact with your WordPress site. Create posts. Pull WooCommerce reports. Manage users. All through conversation.
On paper? Incredible.
But here's my concern.
What Did WordPress Originally Promise Business Owners, and Where Does That Promise Break Down?
WordPress was built on one promise: anyone can build a website. No code. No complexity. Install a theme, add some plugins, you're live.
Now to use AI safely on WordPress you need to understand:
- ✓How to properly configure AI server connections
- ✓How to manage authentication tokens and passwords
- ✓Which plugins can talk to which AI tools
- ✓How to prevent unauthorized access to your site
- ✓How to set permission levels for each feature
Even WordPress's own developer blog says "start small, begin with read-only abilities, be prepared to hit roadblocks."
That doesn't sound like "easy" anymore.
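To make that list concrete, here is an added example (my code, not from the article, the WordPress developer blog, or any plugin) of registering one ability the weak way and one the hardened way. The plugin name `example-plugin`, both ability names and both callbacks are hypothetical; the function names and argument keys follow my reading of the WordPress 6.9 Abilities API reference (`wp_register_ability_category()`, `wp_register_ability()`, the `wp_abilities_api_categories_init` and `wp_abilities_api_init` actions, the `show_in_rest` and `annotations` meta) and should be checked against the current reference before use.

```php
<?php
/**
 * Added example (not from the original article or WordPress core docs):
 * one read-only ability registered the hardened way, next to the weak form
 * that turns a plugin into an anonymous AI endpoint.
 *
 * Assumption: function and argument names follow my reading of the
 * WordPress 6.9 Abilities API; verify against the current developer
 * reference before shipping. Plugin and ability names are hypothetical.
 */

add_action( 'wp_abilities_api_categories_init', function () {
    wp_register_ability_category( 'example-plugin', array(
        'label'       => 'Example plugin',
        'description' => 'Abilities exposed by the hypothetical example plugin.',
    ) );
} );

add_action( 'wp_abilities_api_init', function () {

    // WEAK: any caller, including an unauthenticated MCP client, may run this.
    // '__return_true' as the permission callback is the ability-level version
    // of the "public" checkbox the article warns about, and there is no schema,
    // so the client cannot even tell what it is allowed to send.
    wp_register_ability( 'example-plugin/list-all-users', array(
        'label'               => 'List all users',
        'description'         => 'Returns every user account with e-mail addresses.',
        'category'            => 'example-plugin',
        'execute_callback'    => function () {
            return array_map(
                function ( $u ) { return array( 'login' => $u->user_login, 'email' => $u->user_email ); },
                get_users()
            );
        },
        'permission_callback' => '__return_true',
        'meta'                => array( 'show_in_rest' => true ),
    ) );

    // HARDENED: read-only, schema-validated, capability-gated, logged.
    wp_register_ability( 'example-plugin/post-count', array(
        'label'               => 'Published post count',
        'description'         => 'Counts published posts of one post type. Reads only.',
        'category'            => 'example-plugin',
        'input_schema'        => array(
            'type'                 => 'object',
            'properties'           => array(
                'post_type' => array( 'type' => 'string', 'enum' => array( 'post', 'page' ) ),
            ),
            'additionalProperties' => false,   // reject anything the schema does not name
        ),
        'output_schema'       => array( 'type' => 'integer', 'minimum' => 0 ),
        'execute_callback'    => function ( $input ) {
            $type  = isset( $input['post_type'] ) ? $input['post_type'] : 'post';
            $count = (int) wp_count_posts( $type )->publish;
            // Every AI-driven call lands in the server log with the acting user.
            error_log( sprintf( '[abilities] post-count type=%s user=%d', $type, get_current_user_id() ) );
            return $count;
        },
        // Only callers who can already edit content on the site; an anonymous
        // MCP client fails here before execute_callback is ever reached.
        'permission_callback' => function () {
            return is_user_logged_in() && current_user_can( 'edit_posts' );
        },
        'meta'                => array(
            'show_in_rest' => true,
            'annotations'  => array(
                'readonly'    => true,
                'destructive' => false,
                'idempotent'  => true,
            ),
        ),
    ) );
} );
```

The two registrations differ in three places: the permission callback (anyone versus a capability check), the schemas (none versus a closed object) and the annotations. An AI client connected through the adapter can call `list-all-users` with no credentials at all; `post-count` refuses unless the caller is already a logged-in editor, and every call leaves a line in the server log.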
What Was the AI Engine Vulnerability That Exposed 100K+ WordPress Sites to Complete Takeover?
And this isn't theoretical.
The AI Engine plugin (100,000+ active installations) already shipped a critical vulnerability, tracked as CVE-2025-11749, in which an authentication token was exposed on a publicly accessible page.
The AI Engine Security Flaw: Complete Site Takeover
When a specific setting was turned on, the plugin published the token that AI clients use to act on the site in a response anyone could fetch without logging in.
An attacker only had to visit the right URL to read it. Presenting that token let them act with the plugin's privileges, including promoting themselves to full administrator and taking complete control of the website.
Source: eSecurity Planet, WordPress Vulnerability Affects 100K+ Sites
Over 100,000 WordPress sites were exposed. From there an attacker could upload malicious plugins, inject spam, redirect your visitors, steal customer data, or lock you out completely.
The root cause was one checkbox. A setting that should have kept the token private instead made it public, and anyone who looked could read it. No exploit chain, no brute force, just a misconfigured option.
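A practitioner reading this wants a way to check their own site for the same class of mistake. The following is an added example (my code, generic, not taken from the article or from the AI Engine plugin, and unrelated to how that plugin actually stores its token): it scans any JSON document a browser can fetch anonymously, such as the output of `curl -s https://example.com/wp-json/`, for string values that sit under a credential-like key and look like random secrets. The `example-ai` namespace and the token in the embedded sample are constructed for the demonstration.

```php
<?php
/**
 * Added example (not from the original article or any plugin): scan a
 * publicly fetchable JSON document for values that look like leaked
 * credentials. Save your site's anonymous REST index first
 * (curl -s https://example.com/wp-json/ > index.json) and run
 *     php scan-public-json.php index.json
 * With no argument it runs against a constructed sample.
 */

function shannon_entropy_bits( string $s ): float {
    $len = strlen( $s );
    if ( 0 === $len ) {
        return 0.0;
    }
    $h = 0.0;
    foreach ( count_chars( $s, 1 ) as $n ) {   // byte => occurrences
        $p  = $n / $len;
        $h -= $p * log( $p, 2 );
    }
    return $h;
}

/**
 * Walk decoded JSON and collect [json-path => value] for strings that sit
 * under a credential-sounding key and have the shape of a random token.
 */
function find_secret_like_values( $node, string $path = '$', array &$hits = array() ): array {
    if ( is_array( $node ) ) {
        foreach ( $node as $k => $v ) {
            find_secret_like_values( $v, $path . '.' . $k, $hits );
        }
        return $hits;
    }
    if ( ! is_string( $node ) ) {
        return $hits;
    }
    $key_hint   = (bool) preg_match( '/(token|secret|key|password|bearer)/i', $path );
    $looks_rand = strlen( $node ) >= 20
        && preg_match( '/^[A-Za-z0-9_\-]+$/', $node )
        && shannon_entropy_bits( $node ) >= 3.5;   // ~12+ distinct symbols, evenly spread
    if ( $key_hint && $looks_rand ) {
        $hits[ $path ] = $node;
    }
    return $hits;
}

// Constructed sample: an anonymous REST index that, besides the usual route
// listing, carries a hypothetical plugin's bearer token as a settings value.
$sample = json_encode( array(
    'name'       => 'Example Shop',
    'namespaces' => array( 'wp/v2', 'example-ai/v1' ),
    'example-ai' => array(
        'public_access' => true,
        'bearer_token'  => 'k7Qx2mP9vT4bL1nR8sZ3wC6yH5jD0aF',
    ),
) );

$input = isset( $argv[1] ) ? file_get_contents( $argv[1] ) : $sample;
$hits  = find_secret_like_values( json_decode( $input, true ) );

foreach ( $hits as $path => $value ) {
    // Print only the ends of the value so the scan log itself does not leak it.
    printf( "LEAK? %s = %s...%s\n", $path, substr( $value, 0, 4 ), substr( $value, -4 ) );
}
exit( $hits ? 1 : 0 );   // non-zero exit lets a cron job or CI step alert on hits
```

Against the sample it reports `$.example-ai.bearer_token` and exits 1. The heuristic is deliberately simple: a short random-looking string under an innocuous key, or a secret that is base64 with padding, will slip past it, so treat a clean run as one check among several, not as proof.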
Why Is Every WordPress Plugin Now a Potential AI Security Entry Point?
Every plugin that registers an ability becomes a potential entry point.
The average WordPress site runs 20-30 plugins. As those plugins adopt the Abilities API, that is 20-30 potential AI endpoints, and each one needs:
- ✓Authentication that doesn't leak tokens or passwords
- ✓Permission checks that limit what each ability may do, and for whom
- ✓Proper configuration so settings, tokens and other sensitive data are never served on public pages
- ✓Automatic expiration and rotation of old tokens and credentials
- ✓Activity logs that record which AI actions were taken on your site, by which client, and when
If one plugin gets its security settings wrong, hackers can take over your entire site.
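That checklist is something you can verify rather than trust. The following is an added audit script (mine, not from the article, WordPress core or any plugin) that inventories every registered ability and flags those an anonymous caller could execute. It assumes `wp_get_abilities()`, `WP_Ability::get_name()`, `WP_Ability::get_meta()` and `WP_Ability::has_permission()` as I understand them from the 6.9 API reference; run it with WP-CLI as `wp eval-file audit-abilities.php`, the file name being an arbitrary choice.

```php
<?php
/**
 * Added example (not from the original article, WordPress core or any plugin):
 * inventory every registered ability and flag the ones an unauthenticated
 * caller could execute. Run from the site root with WP-CLI:
 *
 *     wp eval-file audit-abilities.php      # file name is arbitrary
 *
 * Assumption: wp_get_abilities(), WP_Ability::get_name(), get_meta() and
 * has_permission() behave as in my reading of the 6.9 Abilities API
 * reference; confirm the method names on your version first.
 */

function audit_abilities_for_anonymous_access(): array {
    $findings   = array();
    $saved_user = get_current_user_id();

    // Evaluate every permission callback exactly as a logged-out visitor would hit it.
    wp_set_current_user( 0 );

    foreach ( wp_get_abilities() as $ability ) {
        $meta        = $ability->get_meta();
        $annotations = isset( $meta['annotations'] ) ? (array) $meta['annotations'] : array();
        $readonly    = ! empty( $annotations['readonly'] );
        $in_rest     = ! empty( $meta['show_in_rest'] );

        // Only a literal true counts as "allowed"; false, WP_Error or an exception
        // (callbacks that need input we did not supply) all count as denied, so a
        // callback that inspects its input can still hide a weak check from this scan.
        try {
            $anonymous_ok = ( true === $ability->has_permission() );
        } catch ( Throwable $e ) {
            $anonymous_ok = false;
        }

        if ( $anonymous_ok ) {
            $findings[] = array(
                'ability'  => $ability->get_name(),
                'severity' => $in_rest ? ( $readonly ? 'high' : 'critical' ) : 'medium',
                'reason'   => $in_rest
                    ? ( $readonly ? 'anonymous read over REST/MCP' : 'anonymous write over REST/MCP' )
                    : 'anonymous access from PHP only (not exposed in REST)',
            );
        } elseif ( $in_rest && empty( $annotations ) ) {
            $findings[] = array(
                'ability'  => $ability->get_name(),
                'severity' => 'low',
                'reason'   => 'exposed without annotations; AI clients cannot tell read from write',
            );
        }
    }

    wp_set_current_user( $saved_user );
    return $findings;
}

$findings = audit_abilities_for_anonymous_access();
foreach ( $findings as $f ) {
    $line = sprintf( '%-8s %-45s %s', strtoupper( $f['severity'] ), $f['ability'], $f['reason'] );
    if ( class_exists( 'WP_CLI' ) ) {
        WP_CLI::log( $line );
    } else {
        echo $line, "\n";
    }
}
if ( empty( $findings ) ) {
    echo "No anonymous-executable or unannotated abilities found.\n";
}
```

Anything reported as critical is an ability a plugin has exposed over the REST/MCP surface with a permission callback that lets a logged-out caller through; that is the "one misconfigured endpoint" case, found before an attacker finds it. Re-run the script after every plugin update, since a single release can add new abilities.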
What Are Security Researchers Discovering About WordPress AI Plugin Vulnerabilities?
Security researchers who tested WordPress AI plugins reported alarming results, including the finding cited above that 43% of the plugins examined allowed attackers to run commands remotely on the server:
Source: Michele Bedin, WordPress AI Security Guide for SMBs
These aren't rare problems. This is what happens when AI features are bolted onto a platform that was never designed for them.
How Wide Is the Security Gap Between WordPress AI Features and Custom-Built Sites?
I'm not saying WordPress is dead. It powers 40% of the web and that's not changing tomorrow.
But there's now a real gap between:
WordPress + AI
- ×20-30+ plugins = 20-30+ AI entry points
- ×Each plugin manages its own security
- ×One misconfigured endpoint compromises everything
- ×Requires technical knowledge most business owners don't have
Custom-Built Sites
- ✓Every AI integration point is explicitly defined
- ✓Zero third-party plugin dependencies
- ✓Intentional security controls at every endpoint
- ✓You control the entire authentication flow
If you're a blogger or small business? WordPress + AI might be fine.
But if your site processes payments, stores customer data, and drives real revenue? You need to ask: should a platform built for simplicity also be managing complex AI security?
Who Should Worry About WordPress AI Security?
You should care about WordPress AI security risks if your site:
- ✓Processes payments: WooCommerce, Easy Digital Downloads, Stripe integrations
- ✓Stores customer data: Email lists, user accounts, PII, GDPR-protected information
- ✓Handles sensitive business data: CRM integrations, analytics, sales reports
- ✓Relies on uptime for revenue: E-commerce, SaaS, membership sites
- ✓Manages user-generated content: Forums, reviews, community platforms
For these sites, WordPress's plugin architecture already introduces performance and security risks. Adding AI endpoints to every plugin multiplies the attack surface.
What Does It Actually Take to Use WordPress AI Features Safely?
The promise was "easy." This doesn't look easy anymore.
WordPress's developer documentation recommends:
"Start small, begin with read-only abilities, be prepared to hit roadblocks."
(WordPress Developer Blog, Feb 2026)
That's a far cry from "install a plugin and you're done."
To use WordPress AI features safely, you need expertise in:
AI Server Setup
How to properly connect AI tools to your website without creating security holes
Login & Password Security
Managing login credentials, automatic expiration, and preventing credential leaks
Access Control
Making sure only authorized AI tools can access specific parts of your site
You shouldn't need a computer science degree just to safely use AI on your website.
What Is the Verdict: Should Business Owners Trust WordPress to Handle AI Security?
I'm not here to bash WordPress.
WordPress democratized web publishing. It gave millions of people the power to build websites without code. That's genuinely incredible.
But "AI-ready" comes with responsibilities that contradict WordPress's core promise of simplicity.
Business owners should know what "AI-ready" actually requires under the hood before they flip the switch.
The AI Engine vulnerability proved that even trusted plugins used by 100,000+ websites can get security settings wrong and hand hackers the keys to your entire site.
If your business depends on security, uptime, and customer trust, ask yourself: is a platform built on third-party plugins really the best foundation for AI features?
Sources & Further Reading
- →WordPress 6.9 Abilities API + MCP Adapter, Official Developer Documentation
- →AI Engine Vulnerability (CVE-2025-11749) Affects 100K+ Sites, eSecurity Planet
- →WordPress AI Security Guide for SMBs, Michele Bedin
- →WordPress AI Building Blocks Roadmap, WordPress.org
- →WordPress Plugin Vulnerability Database, Wordfence Threat Intelligence
- →OWASP Top 10 Security Risks, Open Web Application Security Project
Want a Website Built for Security?
Custom coded sites give you explicit control over every AI integration point. No plugin dependencies, so none of the plugin-level vulnerabilities described above, and every remaining dependency is one you chose and can audit. Just clean, secure code you own outright.
Key Takeaways
- WordPress 6.9 turned every plugin into an AI entry point: Your 20-30 plugins are now 20-30 potential doorways for hackers, each needing its own secure authentication and permission settings.
- One misconfigured checkbox exposed 100K+ sites: The AI Engine plugin published an authentication token on a public page, giving attackers a path to full site takeover.
- 43% of WordPress AI plugins have critical security flaws: Security researchers found that nearly half let attackers run commands remotely on your server.
- Using WordPress AI safely now requires technical expertise: Configuring JWT tokens, OAuth authentication, and per-plugin permissions contradicts WordPress's original promise of simplicity.
- Custom-built sites give you explicit security control: Every AI integration point is intentionally defined with zero third-party plugin dependencies.