Title: LolaCore – AI Admin Agent
Author: Fran Barbero
Published: <strong>May 22, 2026</strong>
Last modified: July 16, 2026

---

Search plugins

![](https://ps.w.org/lolacore/assets/banner-772x250.png?rev=3595457)

![](https://ps.w.org/lolacore/assets/icon-256x256.png?rev=3544434)

# LolaCore – AI Admin Agent

 By [Fran Barbero](https://profiles.wordpress.org/vanguardhive/)

[Download](https://downloads.wordpress.org/plugin/lolacore.2.2.1.zip)

 * [Details](https://zul.wordpress.org/plugins/lolacore/#description)
 * [Reviews](https://zul.wordpress.org/plugins/lolacore/#reviews)
 *  [Installation](https://zul.wordpress.org/plugins/lolacore/#installation)
 * [Development](https://zul.wordpress.org/plugins/lolacore/#developers)

 [Support](https://wordpress.org/support/plugin/lolacore/)

## Description

> **You:** Run the weekly cleanup.
> **Lola:** Last week you decided to keep post revisions for 30 days and leave the
> ones on your landing pages alone. Going by that, 1,240 revisions and 1.2K expired
> transients are safe to clear, about 34 MB. I’ll show you the exact list before
> anything runs. Proceed?

You didn’t repeat your rules. You didn’t re-explain last week. Lola already knew,
because she remembers your site across sessions while every other AI tool forgets
the moment you close the tab. That is the difference between a chatbot and an agent
that runs your site.

Running WordPress once is easy; running it every day wears you down—separate screens,
repeated clicks, context gone when you close the session. That grind has a name:
[admin fatigue](https://lolacore.com/admin-fatigue/), the real cost of running a
site. It hits hardest in WooCommerce, where every order and stock update adds another
screen. I ran a store for ten years; what burned me out was never the selling—it
was the admin.

LolaCore is where that stops. Lola is an AI agent inside your wp-admin. You tell
her what you need; she does the admin work and shows you exactly what she will change
before anything happens. No new dashboard. No external tool. She works where you
already work.

She is **built natively on the WordPress 7.0 AI Client and the Abilities API**. 
She reads your database, reasons about it, and executes real actions only with your
explicit approval. Full picture: [documentation](https://lolacore.com/documentation/).

#### Persistent memory

Memory is the foundation everything else stands on.

Lola remembers facts across sessions: plugin conflicts, security findings, your 
preferences, decisions you have made—all stored locally in your WordPress database.
Important findings stay sharp; old trivia fades; pinned facts stay longer. When 
you start a new conversation, you don’t re-explain your stack. You pick up the thread.
How decay, boosting, and export/import work: [persistent memory guide](https://lolacore.com/documentation/#persistent-memory).

#### 77 abilities. 10 domains. One chat.

 * **Site diagnostics** (4 abilities). WordPress and PHP status, HTTPS, database
   size, security headers, SEO audit. Lola tells you what’s broken before your client
   does.
 * **Plugins** (8). Search WordPress.org, install, activate, deactivate, update,
   roll back to an earlier release, or update all. “Update all plugins” is one sentence,
   not 14 update screens.
 * **Plugin Builder** (9). Describe a custom plugin in chat. Lola reads your site,
   co-designs a short plan, generates files with safety checks and AI code review,
   then you test in Playground before it touches your live site.
 * **Block Builder** (9). Same flow for custom Gutenberg blocks: Lola scaffolds `
   block.json`, editor scripts, and the PHP render callback; you preview in Playground,
   then install on approval.
 * **Content & metadata** (7). Create pages, edit posts, change status, update slugs,
   read and write post meta. Works with Yoast, RankMath, and other post-meta plugins.
 * **Users** (4). Create accounts, change roles, remove users with automatic content
   reassignment.
 * **Database & cache** (3). Clean post revisions, expired transients, orphaned 
   postmeta, and spam comments. The cleanup WordPress never does for you.
 * **Taxonomies & media** (7). Categories, tags, comments, and media files.
 * **Themes & settings** (13). Install, update, and delete themes with safety warnings,
   read and write site options, manage navigation menus, review cron jobs.
 * **WooCommerce** (13). Detected automatically. Products, orders, customers, coupons,
   categories, sales reports. “How much revenue this week?”—from your store data,
   not a dashboard.

Every ability in detail: [ability reference](https://lolacore.com/documentation/#what-lola-can-do).
Store tools with examples: [WooCommerce abilities](https://lolacore.com/documentation/#woocommerce-core).

#### How Lola stays safe

**Your data never touches our servers.** No telemetry, no analytics. Your conversations
go from your hosting to your AI provider. That’s it.

**Nothing happens without your approval.** Every write action shows a preview card
with exactly what Lola is about to do. You confirm or cancel. Every action is logged
with before/after snapshots. Admin-only.

#### She has an opinion

Lola has judgment. When a change would hurt your site, she tells you before you 
commit and offers a safer way to get what you want. If you still want to proceed,
she does it your way and records the decision, so the next time it comes up the 
context is already there.

#### Any model, your choice

Lola works with whatever AI provider you configure in WordPress 7.0 (Settings  AI).
Agentic models perform best: GPT-5.5, DeepSeek V4, Claude 4.6 Sonnet or Opus 4.7.
Gemini, Grok, Ollama, and OpenRouter work through the native connector.

You pay your provider directly—no token markup from LolaCore. Each message sends
only the abilities your request needs, not the full catalog. Setup: [connecting your AI provider](https://lolacore.com/documentation/#api-provider-setup).

#### Native to WordPress 7.0

LolaCore runs entirely on the native WordPress AI Client and Abilities API. No external
HTTP libraries, no custom credential vaults. When WordPress updates its AI infrastructure,
LolaCore updates with it.

#### Spanish and Brazilian Portuguese

Lola speaks your language. Set WordPress to `es_ES` or `pt_BR` and the full admin
experience runs in native Spanish or Brazilian Portuguese: settings panel, chat 
widget, ability labels, onboarding, preview cards, errors, and status messages. 
More than 1,050 user-facing strings per locale — not a thin language pack.

The intent router is localized for both languages. Ask in Spanish or Portuguese 
which pages are in draft, what needs attention today, or to list your skills — Lola
routes to the right tools without English keywords. Other locales fall back to English.

#### Lola’s lane

A tool that does everything does nothing well. Lola is built narrow on purpose.

 * She doesn’t edit theme files, core, or server config. Plugin Builder and Block
   Builder are the exceptions: she generates custom plugins and blocks that you 
   own and iterate in chat.
 * She doesn’t see your frontend. Lola lives inside wp-admin.
 * In wp-admin, she works on one site at a time. Over MCP, your editor can hold 
   the whole fleet.

Why these boundaries exist: [what Lola cannot do](https://lolacore.com/documentation/#what-lola-cannot-do).

#### Skills and playbooks: teach Lola how you work

Skills are short behavioral guides in plain Markdown that shape how Lola approaches
a task. LolaCore ships with 14 built in, and you can write your own or ask Lola 
to create one for you in chat. [Skills guide](https://lolacore.com/documentation/#skills).

A playbook is a curated manual for one area of work: your brand guidelines, your
FSE build conventions, an internal process. Upload a document (TXT, Markdown, DOCX,
or HTML), Lola distills it into a draft, you review and activate it. From then on
she consults it whenever that domain comes up. [Playbooks guide](https://lolacore.com/documentation/#playbooks).

#### Free addons teach Lola your stack

When you work with a specific tool every day, a free addon teaches Lola that domain—
all sharing the same site memory:

 * [LolaCore for Elementor](https://lolacore.com/lolacore-for-elementor/): manage
   your Elementor pages and templates from chat
 * [LolaCore for ACF](https://lolacore.com/lolacore-for-acf/): read and write Advanced
   Custom Fields in plain language
 * [LolaCore for SEO](https://lolacore.com/lolacore-for-seo/): audit and edit your
   SEO without opening another panel
 * [LolaCore for Forms](https://lolacore.com/lolacore-for-forms/): work with your
   forms and their entries from the chat
 * [LolaCore for Statistics](https://lolacore.com/lolacore-for-statistics/): ask
   about your traffic and get the number, not a dashboard
 * [LolaCore for FSE](https://lolacore.com/lolacore-for-fse/): a block and template
   builder for block themes

Browse them all: [lolacore.com/add-ons](https://lolacore.com/add-ons/).

#### For agencies and consultants

Run WordPress for clients and the admin work multiplies with every site. Free addons
go deep on the stack you build with: 91 for Elementor, 26 for ACF, 22 for SEO, 18
for Statistics, 15 for Forms, 17 for FSE—189 abilities on top of Lola’s core.

Each client site is a separate install with its own memory; contexts never bleed
across clients. Preview cards and logs mean you always know what changed on a live
site.

LolaCore bundles a zero-config MCP server—each client site becomes a tool in Cursor,
Claude Code, or any MCP client. Connect the fleet and one agent runs it: “update
plugins on site A”, “how did site B sell this week”, “SEO audit on every site”. 
Your agent, your rules, Lola’s full toolset—abilities, memory, builders, skills,
playbooks.

#### Don’t know what to say? Start here.

No commands, no syntax. Three prompts you can paste right now:

> “Give me a quick briefing on the site. Anything that needs attention today.”
> “Update all plugins except Elementor and [plugin name]. Show me the list first.”
> “How much have we sold this week? Compare it to last week.”

There are 45 more in the [prompt library](https://lolacore.com/documentation/#prompt-library):
daily check-ins, maintenance routines, session combos.

### External Services

LolaCore connects to the following external services. Each connection is documented
with what triggers it, what data is sent, and links to the relevant terms and privacy
policies.

#### AI Providers (Chat Feature)

When you use the chat widget, your messages are sent to whichever AI provider you
have configured in WordPress’s built-in AI settings (Settings  AI). LolaCore does
not operate its own servers and does not route data through any intermediary.

**Data sent to your provider:**
 – Your chat messages – A summary of your site scan(
WordPress version, active plugin list, PHP version) – Relevant memory facts (site
observations stored in your local database)

**Data never sent:**
 – Passwords, API keys, wp-config values, or database credentials–
Personal user data (emails, addresses, payment info)

**When this happens:** Only when you actively send a message in the chat widget.
No background calls.

**Supported providers:**
 – OpenAI – [https://openai.com](https://openai.com) | 
[Terms of Use](https://openai.com/policies/terms-of-use) | [Privacy Policy](https://openai.com/privacy)–
Anthropic – [https://anthropic.com](https://anthropic.com) | [Terms of Service](https://www.anthropic.com/legal/consumer-terms)
| [Privacy Policy](https://www.anthropic.com/privacy) – DeepSeek – [https://deepseek.com](https://deepseek.com)
| [Terms of Use](https://chat.deepseek.com/downloads/DeepSeek%20Terms%20of%20Use.html)
| [Privacy Policy](https://chat.deepseek.com/downloads/DeepSeek%20Privacy%20Policy.html)

#### Wordfence Vulnerability API

LolaCore can check your installed plugins against the public Wordfence vulnerability
database to identify known security issues.

**Endpoint:** `https://www.wordfence.com/api/intelligence/v2/vulnerabilities/scanner`

**Data sent:** An HTTP GET request with no request body. LolaCore sends only a User-
Agent header identifying itself (`LolaCore WordPress Plugin`). No plugin lists, 
site URLs, or user data are transmitted to Wordfence.

**Data received:** A public JSON feed of known WordPress plugin vulnerabilities.
LolaCore compares this list locally against your installed plugin slugs and versions
to surface relevant findings.

**When this happens:** Only when you explicitly request a vulnerability check through
the chat (e.g., “check my plugins for vulnerabilities”). This call is never made
automatically during plugin activation, scheduled scans, or background operations.

**Service links:**
 – Wordfence – [https://www.wordfence.com](https://www.wordfence.com)
| [Terms of Service](https://www.wordfence.com/terms-of-use-and-privacy-policy/)
| [Privacy Policy](https://www.wordfence.com/privacy-policy/)

#### WordPress.org Plugin API

When you ask Lola to search for or install plugins, LolaCore queries the official
WordPress.org Plugin API.

**Data sent:** Plugin search keywords or slug identifiers.
 **Data received:** Plugin
metadata, descriptions, and download URLs from the WordPress.org repository.

**When this happens:** Only when you use plugin search or install features through
the chat.

 * Service: [https://wordpress.org](https://wordpress.org) | [API Documentation](https://codex.wordpress.org/WordPress.org_API)

#### Google Fonts

The admin settings page loads two font families (Plus Jakarta Sans and JetBrains
Mono) from Google Fonts for the plugin’s admin interface.

**Data sent:** Standard HTTP font file requests. Google receives the requesting 
IP address and browser User-Agent.
 **When this happens:** Each time an administrator
opens the LolaCore settings page.

 * Service: [https://fonts.google.com](https://fonts.google.com) | [Terms of Service](https://developers.google.com/terms)
   | [Privacy Policy](https://policies.google.com/privacy)

## Screenshots

[⌊Lola's first scan: a specific, actionable report about your site, not a generic
greeting.⌉⌊Lola's first scan: a specific, actionable report about your site, not
a generic greeting.⌉[

Lola’s first scan: a specific, actionable report about your site, not a generic 
greeting.

[⌊Security audit results with severity flags and fix suggestions.⌉⌊Security audit
results with severity flags and fix suggestions.⌉[

Security audit results with severity flags and fix suggestions.

[⌊Plugin installation through chat. Lola finds, downloads, and asks before installing.⌉⌊
Plugin installation through chat. Lola finds, downloads, and asks before installing
.⌉[

Plugin installation through chat. Lola finds, downloads, and asks before installing.

[⌊Action confirmation flow: every write operation shows a preview and requires approval
before executing.⌉⌊Action confirmation flow: every write operation shows a preview
and requires approval before executing.⌉[

Action confirmation flow: every write operation shows a preview and requires approval
before executing.

[⌊The ability panel: 77 abilities across 10 domains, each toggleable from the settings
page.⌉⌊The ability panel: 77 abilities across 10 domains, each toggleable from the
settings page.⌉[

The ability panel: 77 abilities across 10 domains, each toggleable from the settings
page.

## Installation

 1. Upload the `lolacore` folder to `/wp-content/plugins/` or install via the WordPress
    plugin screen.
 2. Activate the plugin through the “Plugins” screen in WordPress.
 3. Configure your AI provider through WordPress’s built-in AI settings (Settings  
    AI).
 4. Open the floating chat widget in your admin dashboard.
 5. Start managing your site through conversation.

#### Requirements

 * WordPress 7.0 or higher
 * PHP 8.0 or higher
 * MySQL 5.7+ or MariaDB 10.3+ (JSON column support required)
 * An AI provider configured through WordPress’s AI Client settings
 * WooCommerce 8.0+ (optional, for store management abilities)

Detailed setup instructions and first-conversation tips: [getting started guide](https://lolacore.com/documentation/#installation).

## FAQ

### What is admin fatigue?

Admin fatigue is the cumulative cost of running a WordPress site through a panel
that puts dozens of clicks between the simple thing you want to do and actually 
getting it done. It is worst in WooCommerce stores, but every WordPress admin feels
it. LolaCore exists to remove it: you describe the task, Lola does the admin work
from chat. Full explanation: [what is admin fatigue](https://lolacore.com/admin-fatigue/).

### Do I need to know how to code?

No. You tell Lola what you need in plain language, the same way you would explain
it to an employee. No commands, no syntax, nothing to memorize. If you can describe
the task, Lola can run it.

### Can Lola break my site?

Every write action requires explicit confirmation. Lola shows you exactly what she
is about to do, and you approve or cancel. Safety guards prevent deactivating LolaCore
itself, deleting the last administrator, and permanent content deletion without 
warning. All executed actions are logged with before/after snapshots.

### What’s the difference between memory, skills, and playbooks?

Memory is what Lola knows about your site: facts, decisions, and preferences she
has picked up over time. Skills shape how she works a task; one might load a safety
protocol before a bulk deletion. Playbooks are curated manuals for a whole domain,
like the rules of your FSE build or your brand guidelines, and she reads the matching
one before she works in that area. All three sit on top of her abilities, which 
are the actions she actually takes in WordPress.

### Does LolaCore charge per use?

No. LolaCore is free. The only cost is your own AI provider: you connect your account
in WordPress settings and pay that provider directly for what you use. LolaCore 
takes no cut, adds no markup, and never charges per message.

### Does LolaCore work with WooCommerce?

Yes. If WooCommerce is active, Lola automatically detects it and enables 13 dedicated
abilities for product management, order tracking, customer data, coupons, categories,
and sales reporting.

### Is LolaCore only for WooCommerce stores?

No. The store owner feels admin fatigue most acutely, so a lot of the examples are
about WooCommerce, but 64 of Lola’s 77 abilities are general WordPress work: diagnostics,
plugins, content, users, database, themes, and settings. If you run any WordPress
site, Lola earns her keep with or without WooCommerce.

### What data is sent to AI providers?

When you chat with Lola: your messages, a summary of your site scan (WordPress version,
plugin list, PHP version), and relevant memory facts. Passwords, API keys, and personal
user data are never included in the AI context.

### Where is my data stored?

All data (memory facts, chat history, configuration) is stored in your WordPress
database. Six dedicated tables are created on activation (`lolacore_memory`, `lolacore_log`,`
lolacore_config`, `lolacore_sessions`, `lolacore_messages`, `lolacore_skills`). 
Nothing is sent to external servers except your chat messages to your configured
AI provider when you actively use the chat.

### What happens when I deactivate the plugin?

Deactivation clears scheduled cron events but preserves all your data. Uninstalling
the plugin permanently deletes all database tables and stored options. Your choice.

### Does LolaCore work with other plugins?

Lola reads and writes standard WordPress data: options, post meta, users. She works
alongside Yoast SEO, RankMath, ACF, Contact Form 7, and any plugin that stores data
in the WordPress database.

### Can I use LolaCore for client sites?

Yes. Install LolaCore on each client site independently. Each installation keeps
its own memory and its own logs, so one client’s context never bleeds into another’s.
The free addons cover the tools you build with (Elementor, ACF, SEO, forms, analytics,
block themes), and consultants use Lola to cut down monthly maintenance and produce
client reports from a conversation.

### Can I use Lola from an IDE?

Yes. Every ability is exposed through the WordPress Abilities API, and LolaCore 
bundles a zero-config MCP server. Over MCP, your own agent (Claude Code, Cursor,
Claude Desktop) drives Lola’s toolset directly under the rules you set for it: all
abilities, the persistent memory, skills, playbooks, Plugin Builder and Block Builder.
Agencies use this to run a fleet: add each client site’s MCP server to one editor
and a single agent updates, audits, and reports across all of them. Plugins and 
blocks built over MCP still have to pass WordPress Playground before they can be
installed. Lola herself, with her judgment and confirm-before-write flow, lives 
in the wp-admin chat.

### Why does LolaCore require WordPress 7.0?

LolaCore is built entirely on the native AI Client introduced in WordPress 7.0. 
This eliminates external HTTP dependencies, uses WordPress’s own credential management,
and ensures long-term compatibility as the platform evolves. No shims, no polyfills,
no fallback layers.

### Where is the full documentation?

This readme covers the essentials. The full documentation goes deeper: memory mechanics,
the complete ability catalog with examples, a prompt library with 48 ready-to-use
conversation starters, a detailed settings walkthrough, and 45+ answers across 12
FAQ categories. **[LolaCore Documentation](https://lolacore.com/documentation/)**

## Reviews

There are no reviews for this plugin.

## Contributors & Developers

“LolaCore – AI Admin Agent” is open source software. The following people have contributed
to this plugin.

Contributors

 *   [ Fran Barbero ](https://profiles.wordpress.org/vanguardhive/)

[Translate “LolaCore – AI Admin Agent” into your language.](https://translate.wordpress.org/projects/wp-plugins/lolacore)

### Interested in development?

[Browse the code](https://plugins.trac.wordpress.org/browser/lolacore/), check out
the [SVN repository](https://plugins.svn.wordpress.org/lolacore/), or subscribe 
to the [development log](https://plugins.trac.wordpress.org/log/lolacore/) by [RSS](https://plugins.trac.wordpress.org/log/lolacore/?limit=100&mode=stop_on_copy&format=rss).

## Changelog

#### 2.2.1

 * Fix: **Agency Connection fatal error** — The transparency page template expected
   a scope object that was not passed from the controller, causing a fatal error
   on PHP 8.2+ after pairing with LolaHub.
 * Fix: **Agency Connection menu placement** — The page now lives under the Lola
   menu (LolaCore submenu) instead of a separate top-level admin menu.
 * Improvement: **Authorize Application layout** — Long LolaHub callback URLs wrap
   inside the WordPress consent card instead of overflowing the box.

#### 2.2.0

 * Feature: **Agency fleet connection (child site)** — LolaCore on a client site
   can now pair with an agency fleet manager via WordPress native Application Passwords.
   Pairing uses the standard `authorize-application` flow; no custom tokens or shared
   admin passwords are stored.
 * Feature: **Agency Connection admin page** — Site owners see who is connected,
   what domains the agency may operate on, recent fleet actions, and can narrow 
   scope or disconnect at any time. Operator memory can be forgotten without touching
   the owner’s local memory.
 * Feature: **Remote execution channel** — An authenticated fleet master can run
   a curated set of Lola abilities on the child site through `POST /wp-json/lolacore/
   v1/hub/execute`, with scope checks, idempotency, and state fingerprints on sensitive
   writes so stale approvals are not applied blindly.
 * Feature: **Fleet site health & provisioning** — New abilities expose a cached
   health snapshot, accept agency playbooks/skills/preferences without overwriting
   local owner content, and optionally set the site’s AI provider when Connectors
   is available.
 * Feature: **Batch memory reconcile** — Fleet-authored memory facts can be pushed
   to the child in one round-trip, merged by content hash (`fact_hash`) without 
   clobbering the site owner’s existing memory. The owner can export seed memory
   for adoption on connect.
 * Improvement: **Shared remote allow list** — MCP and fleet execution use the same
   curated ability list, so the two surfaces cannot drift apart.

#### 2.1.4

 * Fix: **Reasoning models no longer leak their thinking into the session summary**—
   with a reasoning-capable model (DeepSeek and similar), the “last session summary”
   showed the model’s internal deliberation pasted in front of the actual summary.
   The thought channel is now filtered out, as it already was in chat replies.
 * Fix: **Memory extraction with reasoning models** — the same leak silently broke
   fact extraction: the model’s thinking was concatenated ahead of the JSON payload,`
   json_decode()` failed, and every fact from that turn was discarded. Lola now 
   records facts correctly on reasoning models.
 * Improvement: **Desktop Mode compatibility** — Lola’s floating widget stays available
   and keeps its position when switching into the Desktop Mode shell, and no longer
   duplicates itself inside every open window.

#### 2.1.3

 * Fix: **MCP native abilities** — `lolacore/get-site-info`, `lolacore/get-memory-
   context`, `lolacore/get-action-history`, and `lolacore/get-scan-data` are now
   exposed through the LolaCore MCP server. Previously the guard only whitelisted
   chat-bridge tool names (e.g. `get-site-status`), so MCP agents received a misleading“
   requires a valid license” error when calling the documented boot abilities. Uses
   WordPress core `wp_get_abilities()` (`WP_Ability` instances), not the non-existent`
   wp_get_registered_abilities()` helper.

#### 2.1.2

 * Feature: **Deep internationalization** — complete native support for **Spanish(
   Spain)** (`es_ES`) and **Brazilian Portuguese** (`pt_BR`). More than 1,050 user-
   facing strings per locale: settings UI, chat widget, ability labels, onboarding,
   preview cards, errors, and status messages. Shipped as compiled `.mo` language
   packs; other locales fall back to English.
 * Feature: **Brazilian Portuguese (pt_BR)** — full translation catalog at parity
   with Spanish, transcreated for Brazilian product voice (`você`, not European 
   Portuguese).
 * Improvement: **Localized intent router** for Spanish and Brazilian Portuguese—
   natural-language keywords, meta-tool queries (“what can you do?”), holistic monitoring(“
   what needs my attention?”), and deferral/confirmation patterns so chat routes
   tools correctly in both languages.

#### 2.1.1

 * Fix: **TOOL DISCIPLINE** now applies even when write confirmation is disabled
   in Safety settings — it was previously omitted on sites with direct-write mode.
 * Fix: **Deferred-intent auto-continue** — when Lola says she will look something
   up (e.g. “Let me fetch that…”) but emits no tool calls, the server automatically
   continues the turn once and forces the read tools to run instead of waiting for
   the user to say “ok”.
 * Fix: **Plugin Builder iteration install** — updating a built plugin from the 
   chat delivery card (v2 over an installed v1) now reliably prompts to overwrite
   the on-disk copy, completes the install, and activates afterward. Fixes a locale
   bug where translated admin languages never triggered the overwrite retry, and
   replaces the browser confirm dialog with an inline modal plus clearer activation
   errors on the card.

#### 2.1.0

 * Feature: **Progressive tool expansion in chat** — new `requestAdditionalCategories`
   meta-tool adds 1–2 domain categories to the session without loading every ability(
   MCP-style discover  expand  execute).
 * Feature: **`getDiscoveredAbilities` search** — filter by `query`, `category`,`
   limit`, or `names_only` so Lola finds the right tool without dumping the full
   registry into context.
 * Improvement: Session toolset persists across tool continuations — expanded categories
   are not lost mid-workflow.
 * Improvement: Gemini tool cap prioritizes expanded categories and keeps expansion
   meta-tools available under the 32-tool limit.
 * Improvement: System prompt **ROUTED TOOLSET DOCTRINE** — cross-domain tasks (
   e.g. resolve a page by title, then translate) are expected; Lola escalates before
   claiming a task is impossible.
 * Improvement: **TOOL DISCIPLINE** — read lookups (search, inspect, resolve a page)
   must run in the same turn; no intent-only pauses waiting for the user to say “
   ok”.

#### 2.0.3

 * Fix: Database migrator now recreates any missing LolaCore tables on load, so 
   sites that upgraded to Playbooks without getting `wp_lolacore_playbooks` self-
   heal on the next admin request — no deactivate/reactivate required.
 * Fix: Chat no longer shows a false firewall error when WordPress prints a database
   notice before the JSON response (for example a missing Playbooks table with WP_DEBUG
   on).
 * Fix: Chat error messages now match the real failure (database issue, timeout,
   garbled response, or hosting WAF) instead of always blaming the hosting firewall.

#### 2.0.2

 * Feature: **Plugin rollback** for WordPress.org plugins — roll back to an earlier
   release from chat (`rollback_plugin`). Lola can list older versions first (`get_plugin_versions`).
   Premium and custom plugins are blocked with a clear message.
 * Improvement: Rollback confirmation card shows a calm human preview (plugin name
   and version change) instead of technical fields and long version lists.

#### 2.0.1

 * Improvement: **LolaCore for FSE** now appears in the Addons catalog and Expansions
   panel before you install it, with a WordPress.org install link (21 abilities).

#### 2.0.0

 * Feature: **Block Builder** — describe a custom Gutenberg block in chat; Lola 
   scaffolds block files, saves to the **Built Blocks** library, tests in WordPress
   Playground, and installs to `wp-content/lolacore-blocks/` after your approval.
   Nine Block Builder abilities (`createBlock`, `updateBlockCode`, `listBuiltBlocks`,`
   getBuiltBlock`, `getInstalledBlock`, `testBlock`, `installBlock`, `uninstallBlock`,`
   deleteBuiltBlock`).
 * Feature: System playbook **`block-development`** for Block Builder scaffolding
   and iteration.
 * Improvement: Broader **Spanish (Spain)** coverage for builders, chat, and action
   handlers.
 * Improvement: **Playbook distiller** — clearer format contract, YAML frontmatter
   repair, and persistent error UX when distillation fails.

#### 1.9.0

 * Feature: **Playbooks** — curated domain manuals Lola consults when working in
   a specific area. Built-in `playbook-format` contract, system playbook `plugin-
   development` for Plugin Builder, database and filesystem sources, model-adaptive
   delivery (inline hints for lightweight models, full attachment on ability use),
   and seven playbook abilities for chat and MCP.
 * Feature: Playbooks admin under **Lola  Playbooks** — list, create, edit, activate,
   upload (TXT/MD/DOCX/HTML), AI distillation with review before save, and reload.
   Skills moved to its own submenu (**Lola  Skills**).
 * Improvement: Upload guardrail with a clear notice when extracted document text
   exceeds 40,000 characters.

#### 1.8.9

 * Fix: Plugin Builder Playground works again on production hosting. Opening Playground
   no longer depends on a loopback scrape on your live server (which often fails
   and was blocking every library plugin with a false “fatal error”). Runtime load
   checks still run when saving code for review and before installing on your site.
 * Improvement: Playground links are short and shareable. The blueprint is served
   from your site via a signed REST URL (`blueprint-url`), so MCP and chat agents
   can give you a clickable link that opens Playground in the browser without copying
   a megabyte-long URL from wp-admin.

#### 1.8.8

 * Improvement: The Plugin Builder now works over MCP. A connected code editor can
   create and iterate plugins straight into your Plugin Builder library by sending
   the exact code — the site no longer asks its own AI to rebuild code the external
   tool already wrote. The wp-admin chat is unchanged: there you describe what you
   want and Lola writes it. Plugins added over MCP go through the same static safety
   checks and must still be tested in Playground before they can be installed.
 * Fix: LolaCore for Forms now appears on the Addons screen before you install it,
   with a one-click install from WordPress.org — the same pattern as the other free
   bridge addons (ACF, SEO, Statistics).

#### 1.8.7

 * Fix: On the Addons screen, installed free bridge addons now show **Learn more**
   and link to their lolacore.com landing pages instead of **Download free ** (which
   only applies before install). Install-from-WordPress.org links are unchanged 
   for addons you have not installed yet.
 * Fix: Addons catalog and cross-domain footer links no longer 404 — marketing URLs
   now use UTM-safe landing pages, and **How cross-domain intelligence works ** 
   points to the live add-ons catalog at lolacore.com/add-ons/.
 * Fix: The **View all abilities** list on Settings now lists tools for free bridge
   addons (ACF, SEO, Statistics, Elementor, and others), not just premium addons
   and core domains.

#### 1.8.6

 * Fix: Resolved a race condition on sites where another active plugin bundles its
   own copy of the WordPress MCP adapter (recent versions of WooCommerce do this).
   The Abilities API init event fires only once per request; when WooCommerce or
   an addon triggered it before the adapter could register its meta-tools, the debug
   log filled with repeated “ability does not exist” notices on every wp-admin page
   load and Lola’s IDE/MCP connection could stop working. LolaCore now registers
   the MCP protocol meta-abilities at the earliest hook priority and skips tools
   that are not yet available.

#### 1.8.5

 * Feature: The Addons screen now shows the free LolaCore bridge addons (for ACF,
   SEO, and Statistics) even before you install them, each with a one-click install
   from WordPress.org. Until now only installed addons appeared, so there was no
   way to discover the free ones from inside Lola.
 * Docs: New conversation-led opening for the plugin description that shows how 
   Lola uses persistent memory, plus a clearer short description and search tags.
   No functional changes to the agent.

#### 1.8.4

 * Docs: Rewrote the readme to explain more clearly what LolaCore does and the problem
   it solves (admin fatigue). No functional changes to the plugin.

#### 1.8.3

 * Fix: Improved compatibility with hosting security plugins and firewalls. Chat
   messages are now sent as plain text, which prevents some security suites from
   blocking WordPress REST API requests on affected hosts — an issue that could 
   interfere with Application Password management and MCP connections.
 * Improvement: When a hosting firewall blocks a chat message, Lola now explains
   what happened and what to do, instead of showing a generic connection error.

#### 1.8.2

 * Fix: Free bridge addons (e.g. LolaCore for ACF, LolaCore for Elementor) now show
   a green **FREE ADDON** badge in the What Lola Can Do ability panel, matching 
   the premium addon label treatment.

#### 1.8.1

 * Fix: Chat now accepts HTML and JavaScript code snippets (e.g. WPCode tracking
   scripts with `<script>` tags). Messages are no longer stripped by over-aggressive
   sanitization, and code payloads are base64-encoded in transit so hosting WAF 
   rules do not block admin-ajax requests.

#### 1.8.0

 * Feature: Guided onboarding, Spanish (`es_ES`) admin UI, Addons screen, and settings
   reorganization.
 * Security: Confirmation-card escaping, per-admin chat session binding, and expanded
   protected options.

#### 1.7.2

 * Improvement: Plugin Builder pre-delivery safety checks, runtime load test, and
   separate load-test status on delivery cards.

#### 1.7.1

 * Fix: Remove development-only CLI repro scripts from the WordPress.org distribution
   package (they remain in the source repo for local debugging). Packaging-only 
   release, no functional changes.

#### 1.7.0

 * Feature: **Plugin Builder** — nine abilities, Built Plugins library, Playground
   testing with install gate, async chat artifact cards, quality pipeline, and four
   built-in skills.
 * Fix: Daily WP-Cron maintenance hooks now run memory decay and log cleanup.

#### 1.6.3

 * Fix/improvement: Batched database optimization (revisions, spam, orphaned postmeta,
   transients) with error checks, recovered-space reporting, and a time guard.

#### 1.6.2

 * Fix: Gemini compatibility for empty tool arguments and oversized toolsets.
 * Improvement: Quota-aware classifier behavior for Gemini free tier.

#### 1.6.1

 * Fix: MCP filters scoped to the LolaCore server, external tool response formatting,
   and a PHP 8.1 deprecation in the MCP adapter.

#### 1.6.0

 * Feature: Bundled zero-config MCP server, IDE parity, cross-environment memory,
   and dynamic tool syncing.

#### 1.5.0

 * Feature: Theme management (five abilities, full lifecycle parity with plugins).
 * UX Fix: Clearer post-action summaries and idempotent confirmation cards.

#### 1.4.1

 * Fix: Orphan `tool_call_id` errors during multi-tool runs.
 * Improvement: Four-layer tool-call pairing defenses and sanitizer telemetry.

#### 1.4.0

 * Feature: **Skills.MD** — markdown skills with triggers, admin panel, conversational
   authoring, and schema 0.3.0.
 * Improvement: `listSkills` ground-truth rule and session-summary locale respect.

#### 1.3.0

 * Performance: Deferred memory extraction and faster DeepSeek classifier calls.
 * Fix: Meta-tool pattern encoding and holistic intent limited to the current message.

#### 1.2.0

 * Feature: Memory Bootstrap from addons and holistic monitoring across domains.
 * Fix/improvement: Tool-call pairing fixes, DeepSeek reasoning handling, and ~30–
   40% token savings.

#### 1.1.3

 * Architecture: Memory persistence overhaul — pinned facts, importance-aware decay,
   proactive directives, and session summaries.
 * Compliance: i18n prep, error sanitization, dependency updates, and dev-file removal.

#### 1.1.2

 * Architecture: ActionExecutor split into 12 domain handlers; `getDiscoveredAbilities`
   and `manageRoles`.
 * Fix/improvement: Intent-router ordering, plugin search, chat autolinks, centralized`
   ErrorMessages`, and chat error UX.

#### 1.1.1

 * Fix: Taxonomies and featured image on create/edit content. Feature: `uploadMedia`.

#### 1.1.0

 * UI redesign, memory maintenance from settings, autonomous tool escalation, SafetyConfig,
   and addon infrastructure.

#### 1.0.2

 * Fix: Preserve HTML in chat. Enhancement: Markdown rendering with marked.js and
   DOMPurify.

#### 1.0.1

 * Filters for external addon actions and SOP map injection.

#### 1.0.0

 * Initial public release — 51 abilities, persistent memory, site scanner, WooCommerce
   tools, MCP support, and preview/confirm/execute safety flow.

## Meta

 *  Version **2.2.1**
 *  Last updated **1 day ago**
 *  Active installations **30+**
 *  WordPress version ** 7.0 or higher **
 *  Tested up to **7.0.2**
 *  PHP version ** 8.0 or higher **
 *  Language
 * [English (US)](https://wordpress.org/plugins/lolacore/)
 * Tags
 * [ai assistant](https://zul.wordpress.org/plugins/tags/ai-assistant/)[site management](https://zul.wordpress.org/plugins/tags/site-management/)
   [woocommerce](https://zul.wordpress.org/plugins/tags/woocommerce/)
 *  [Advanced View](https://zul.wordpress.org/plugins/lolacore/advanced/)

## Ratings

No reviews have been submitted yet.

[Your review](https://wordpress.org/support/plugin/lolacore/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/lolacore/reviews/)

## Contributors

 *   [ Fran Barbero ](https://profiles.wordpress.org/vanguardhive/)

## Support

Got something to say? Need help?

 [View support forum](https://wordpress.org/support/plugin/lolacore/)