Guide to WordPress user roles and permissions

Guide to WordPress user roles and permissions

WordPress has become quite common for developing websites today. It does have revolutionized the way we build and maintain sites regardless of the type of content you are putting on it. Moreover, it is flexible and offers an opportunity to create sites without having any technical knowledge.

What makes WordPress the most popular content management system?

WordPress comes with many features including user management system and if you are dealing with number of users on your website, it is important to have a clear understanding of WordPress user roles and permissions. This user management system defines what a user can or cannot do on your website.

Default WordPress user roles

WordPress usually comes with five default user roles – Administrator, Editor, Author, Contributor, and Subscriber.

Once you get familiar with each user role, you can easily assign and modify roles through the WordPress dashboard.


Administrator, as the name suggests, holds the key to the WordPress website. They not only manage but also have every right to perform different tasks on the site using WP dashboard including modifying user roles, altering WP files, changing themes, adding plugins and much more. Administrator role is usually reticent for site owners and offers them full control over their websites.


Editors usually have complete control over the content of the website. They can review, edit, modify and delete existing as well as new content. These users are given access to only content of the site. They don’t usually need access to themes, plugins, widgets and pages. Editors are also allowed to manage and moderate categories and comments on the site. Since the editor is a term related to content, they are the ones who can do anything only with the content.


Authors like editors have access to the content of the website, and can modify, edit, delete and publish their own content only. They don’t have access to other author’s content, pages of the site and other site settings including themes and plugins. They can also upload or delete media files and moderate comments on their own published posts.


The Contributor user role is not entirely different from author role except that contributors can modify, edit or delete their unpublished posts. They can only save the content on the site to allow the editor to review and publish it. They also usually don’t have access to media library and need to ask for permission if they want to upload any media files.


Subscribers can only read and comment on the content published on your site. They can also create an account using the WordPress dashboard. By default, all the users are marked as subscribers and are not granted any permission.

Super Admin

There are cases when people opt for multiple websites in a single WordPress installation. This is where the role of Super Admin comes to play. An administrator is the main admin for a website. In a multisite installation, same roles and permissions go into the hands of a super admin. In addition to those roles and permissions, he also can add a website, delete a website and so on. It is just like the administrator of the entire group of the websites in the single installation.

How to add a new user manually?

In your WordPress dashboard, you will find all the options so, follow these steps properly.

  • Click on the User Option on the left side of your WordPress dashboard.
  • Now, simply fill the details (Only email and name is required as mandatory).
  • Now, in that same window, you’ll see an option of show password. Just click it to see your autogenerated password or you can also add a new one.
  • You can also opt to send an email to your email account about your account detail.
  • Pick a user role.
  • Then simply click on ‘Add New User’ option.

It is as simple as this. You have now successfully added a new user.

Modifying user permissions

There are times when you need to modify users’ permissions on your website. Perhaps you want to grant permission to your contributor role to allow them to upload media files or need to revoke deleting capabilities from the author role, whatever the reason may be it is really essential to be able to easily grant or revoke permissions when required.

In order to do so, you need to install a plugin – Capability Manager Enhanced Plugin.

Manage WordPress user roles with a plugin

Capability Manager Enhanced WordPress Plugin

Capability Manager Enhanced is one of the most popular and widely used WordPress plugins that is available absolutely free of cost. The plugin allows you to add new roles, copy the rights and modify the roles. The plugin comes with a checklist of all the privileges which can be modified easily and quickly. It also allows you to restore and backup capabilities and roles to regress the changes.

How to install the plugin?

  • Click “Plugins” in your WordPress dashboard and click “Add New”.
  • Fill the name of the plugin in the search box and hit enter.
  • You should be able to see the plugin below the search box. Click “Install Now”.
  • Once installed, activate it to start managing user roles on your site.

The plugin has an extremely user-friendly interface which allows you to easily add or delete roles and capabilities.
To modify the capabilities, select the role for which you want to modify the capabilities in the right column. You should now see the user roles existing capabilities in three different boxes named “Editing Capabilities”, “Deletion Capabilities” and “Reading”. You can check or uncheck any column to modify the roles according to your preferences.
Yes, it’s that easy to modify and create roles and capabilities with Capability Manager Enhanced Plugin.
Now create, change or modify any role with their capabilities to make your website secure and safe and away from unwanted activities.

How to manage users without a plugin?

In your WordPress Dashboard admin menu, you will see user option (As same as above). There you’ll find an option “All users”. Just click it. Now, you can see all the user names, the number of posts assigned, actual names, emails, and user roles.
If you’re an admin, you can edit their details and also you can delete anyone if you want. Apart from that, you can also perform bulk action if you want. You can select multiple accounts and change their user roles straight away.
Every user can access their account detail by going through “User”–> “Your Profile” link. There you can edit or delete your account details.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.