Ultimate Guide to WordPress User Roles and Permissions (2019 Update)

WordPress User Roles and Permissions feature img

Are you still confused to consider WordPress to develop Websites? So, let me just make you aware of the 2019 statistics of WordPress. It has empowered 34% of the websites on the internet as a powerful CMS.  There is no doubt that it has come a long way since its evaluation in 2003.

What Makes WordPress the Most popular Content Management System?

WordPress is an Open source platform comes with many handy features to give you the best experience for Custom WordPress Development . With all these features, WordPress has built-in privacy and security system. This includes a user management system and if you are dealing with several users on your website, it is important to have a clear understanding of WordPress user roles and permissions. This user management system defines what a user can or cannot do on your website.

Why User Roles and Permissions are Important?

  • It secures the website by confirming that the user doesn’t have any approach to access to the things they are not permitted to. Like, you do not want any third person to install the new plug-ins on your website.
  • You can easily manage your workflows. For instance; WordPress came up with pre-made user roles that you can give to the authors of your website to permit them to access the functionality they require to write the WordPress posts.


By applying WordPress user roles and permission smartly, you assure that no one has more power to access than they require. This results in more security and a seamless workflow of your website.

This guide will help you to understand what user roles are and what they count. It will comprehend you with the internal security and privacy of WordPress. So, let’s just begin!

Default WordPress User Roles

WordPress user roles describe what actions are allowed to perform by every user at your website.  These actions are termed as “capabilities”. For instance; One’s Capability is the ability to publish a post on WordPress website whereas Another’s capability lies in the ability to install a new plug-in.

So, it can be said that user roles are an integration of several actions/ capabilities with that role to be performed by the user. 

WordPress usually comes with five default user roles, such as, Administrator, Editor, Author, Contributor, and Subscriber.

Wordpress user roles and permissions

Once you get familiar with each user role, you can easily assign and modify roles through the WordPress dashboard.


Administrator, as the name suggests, holds the key to the WordPress website. They not only manage but also have every right to perform different tasks on the site using WP dashboard including modifying user roles, altering WP files, changing themes, adding plugins and much more. Administrator role is usually reticent for site owners and offers them full control over their websites.


Editors usually have complete control over the content of the website. They can review, edit, modify and delete existing as well as new content. These users are given access to only content of the site. They don’t usually need access to themes, plugins, widgets and pages. Editors are also allowed to manage and moderate categories and comments on the site. Since the editor is a term related to content, they are the ones who can do anything only with the content.


Authors like editors have access to the content of the website, and can modify, edit, delete and publish their own content only. They don’t have access to other author’s content, pages of the site and other site settings including themes and plugins. They can also upload or delete media files and moderate comments on their own published posts.


The Contributor user role is not entirely different from author role except that contributors can modify, edit or delete their unpublished posts. They can only save the content on the site to allow the editor to review and publish it. They also usually don’t have access to media library and need to ask for permission if they want to upload any media files.


Subscribers can only read and comment on the content published on your site. They can also create an account using the WordPress dashboard. By default, all the users are marked as subscribers and are not granted any permission.

Super Admin

There are cases when people opt for multiple WordPress websites in a single WordPress installation. This is where the role of Super Admin comes to play. An administrator is the main admin for a website. In a multisite installation, same roles and permissions go into the hands of a super admin. In addition to those roles and permissions, he also can add a website, delete a website and so on. It is just like the administrator of the entire group of the websites in the single installation.

How to Add a New User Manually?

In this segment of the article, the method of adding a new user in manual way has been described. Look at the below steps to understand the principle behind it.

  • Click on the User Option on the left side of your WordPress dashboard.
  • Now, simply fill the details (Only email and name is required as mandatory).
  • Now, in that same window, you’ll see an option of show password. Just click it to see your auto generated password or you can also add a new one.
  • You can also opt to send an email to your email account about your account detail.
  • Pick a user role.
  • Then simply click on ‘Add New User’ option.

It is as simple as this. You have now successfully added a new user.

Modifying User Permissions

There are times when you need to modify users’ permissions on your website. Perhaps you want to grant permission to your contributor role to allow them to upload media files or need to revoke deleting capabilities from the author role, whatever the reason may be it is really essential to be able to easily grant or revoke permissions when required.

In order to do so, you need to install a plugin – Capability Manager Enhanced Plugin.

Manage WordPress User Roles with a WordPress Plugin

Capability Manager Enhanced WordPress Plugin

Capability Manager Enhanced is one of the most popular and widely used WordPress plugins that is available absolutely free of cost. The plugin allows you to add new roles, copy the rights and modify the roles. The plugin comes with a checklist of all the privileges which can be modified easily and quickly. It also allows you to restore and backup capabilities and roles to regress the changes.

How to install the plugin?

  • Click “Plugins” in your WordPress dashboard and click “Add New”.
  • Fill the name of the plugin in the search box and hit enter.
  • You should be able to see the plugin below the search box. Click “Install Now”.
  • Once installed, activate it to start managing user roles on your site.

User role and permission

The plugin has an extremely user-friendly interface which allows you to easily add or delete roles and capabilities.
To modify the capabilities, select the role for which you want to modify the capabilities in the right column.

You should now see the user roles existing capabilities in three different boxes named “Editing Capabilities”, “Deletion Capabilities” and “Reading”. You can check or uncheck any column to modify the roles according to your preferences.

Yes, it’s that easy to modify and create roles and capabilities with Capability Manager Enhanced Plugin.
Now create, change or modify any role with their capabilities to make your website secure and safe and away from unwanted activities.

How to Manage Users Without a WordPress Plugin?

In your WordPress Dashboard admin menu, you will see user option (As same as above). There you’ll find an option “All users”. Just click it. Now, you can see all the user names, the number of posts assigned, actual names, emails, and user roles.
If you’re an admin, you can edit their details and also you can delete anyone if you want. Apart from that, you can also perform bulk action if you want. You can select multiple accounts and change their user roles straight away.

Every user can access their account detail by going through “User”–> “Your Profile” link. There you can edit or delete your account details.

Concluding Remarks

Being a feature-rich platform, WordPress has evolved like fire since its inception. It has offered an excess of opportunities to the Businessperson to grow their business and you can hire a dedicated WordPress Programmer for the ease. As an open-source platform, you can effortlessly add, modify or edit the themes, plug-ins, user roles, etc. This article aims to guide you about user roles and permissions in WordPress. You can add roles and can edit the capabilities of the existing one as well with custom coding.  We hope, an idea of delivering the best has been accomplished!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.