Currently, WordPress Toolkit in Plesk does not support applying security measures (such as blocking access to xmlrpc.php) via CLI.

This limits automation and scalability, especially for hosting providers managing multiple WordPress installations.

Please consider adding CLI options to apply specific security measures—similar to what’s available in the UI and API—for improved scripting and bulk management capabilities.