What Are The WordPress User’s Roles And Permissions? (A Beginner’s Guide)

No doubt, WordPress is a very flexible and one of the best content management system (CMS). It has very flexible and scalable tools and functionalities which helps in making your website quickly with additional features. It’s important to understand the different WordPress user’s roles and capability before assigning them randomly.

What Are WordPress User’s Roles?

As a CMS, it comes with a role management system that is able to define what specific users can or can not do on their website. You need to be aware of these roles so you can more easily manage the reach of your website.

Although the user role basically defines the permissions for specific users of your website to perform a group of tasks. However, in the default installation of WordPress, there are a few predefined user roles that have some predefined set of permissions. All these user roles are known as Editor, Administrator, Super Admin, Author, Subscriber, and Contributor.

Basically, each of these roles has a specific number of set tasks it is allowed to perform that is known as capabilities. Although there are various types of capabilities such as publish_posts, edit_users, and moderate_comments. However, every role has a predefined set of capabilities.

However, you are able to add some new capabilities anytime you want. In addition, you can also remove the capabilities from each role. Because the user roles are very convenient when you use them for a multi-author WordPress website. So as far as the default user roles are concerned.

Therefore the Super Admin has the highest level of access while the subscriber has only the least level of access. The subscriber role only grants the user to read the posts, but they can not write anything within the post. However, the Contributor user role can allow you to write posts, but you can not publish them.

Besides that, the author’s user role can write and also publish their own posts. While the Editor’s user role can do the same thing for their own posts as well as others post too. Basically, the administrator user role has access to all the administration features within a single site. At a higher level, the Super Admin has access to the complete network if it exists.

Although completely new roles can also be added and removed with the help of plugins. Basically, These plugins enable the website administrator to manage a few tasks. Such as who can publish and edit posts, manage plugins, create pages, manage other users, moderate comments, manage themes, define links, and many more.

However, restricting the user capabilities of various roles supports the administrators of the WordPress website to have other users to participate on their website. Therefore the user roles can make it possible for all WordPress websites to have more than one author and thousands of registered users.

Besides that, this flexibility has transformed the WordPress website from a simple blog publishing platform into a well-organized community platform. That is capable of empowering large online publications, membership sites, and other types of websites. That may typically require numerous users.

If you are the only person running your website, then you probably should not think about the user roles of WordPress. However, if you ever need to give other people access to their WordPress site, then the roles of the WordPress user are necessary to control what actions are taken for different users of your site.

WordPress offers 5 default user roles:

  1. Administrator
  2. Editor
  3. Author
  4. Contributor
  5. Subscriber

Let’s have a look at them in a detail:

WordPress user roles and capabilities

1) Administrator

Administrator is one of the most powerful roles in WordPress. When someone installs WordPress, by default it creates a user role with new passwords and user names and defines the role as WordPress Admin.

Administrators can do all the work on the site and have the ability to do anything. Like a user with the role of an administrator (usually referred to as an administrator) has the ability to change the structure of the website, including its themes, plugins and other user settings. It is the only user who can create new users, modify and delete any existing, including any other administrator.

The administrator is an upper-level user role within the WordPress website. Because when any user has installed WordPress. Then it automatically creates a new user role with the username and password, which is defined during the installation. Therefore at the first step user is assigned the administrator user role.

Therefore they have become able to perform all the necessary actions which need to take on a WordPress website. In addition, the administrator user role has full capabilities and permission to do many things. Therefore a user with the administrator user role can also add and remove other normal users with the same role.

Therefore when you are assigning the administrator user role to any user. Then it is very important for you to remember that administrators have the ability to delete the existing content from the website. Also, the administrator is the one and only user role that has the ability to upgrade any of the WordPress blogs.

Therefore an administrator can edit core WordPress files and change themes by using the built-in theme editor. In addition, they can also have the ability to add, or delete, and modify any of the plugins on the website in the same way. Besides that, In most cases, there is only one and only administrator.

Although in such cases of a multisite installation of WordPress. There are some of the capabilities of the admin role that are allocated to the super admin role. Therefore the super admin can add new users, modify themes, add and remove administer or plugins, the website network. While the roles of the administrator would only be concerned with managing a single website.

2) Editor

The editor is at the top position to handle the content of your website. The user with the role of an editor can do anything with the content of your website, which includes your pages, posts, media, and comments. They have access to add, edit, publish and delete any post on your WordPress website. This includes all posts, even written by others such as authors, contributors, and administrators.

In addition, their list of privileges includes access to personal posts and pages. However, due to the role of this user, there are certain restrictions. The user with the role of an editor cannot access WordPress settings, themes, plugins and/or widgets.

However, within WordPress, the word “Editor” may refer to the pre-defined user role. It is very important within the WordPress user management system. Therefore users with the editor’s user role have the capability to edit, publish, write, and also delete the posts.

Basically, this involves all the posts that are written by other users. They can also approve, moderate, and also delete the comments. The privileges of the editor user role extend beyond just removing or adding the content. The editor user role can also manage tags, categories, upload files, and even custom taxonomies.

Basically, a user with the Editor user role privileges can also have the capacity to read the private pages and posts. Hence, in terms of capabilities, only the Administrator user role has some more privileges than the Editor user role. In addition, there are also some limitations to this role.

That is Editor user role can not access WordPress themes, settings, and also plugins areas. On the other hand, the editor can manage content. And even they can delete it, but the editor user role can not perform any website management tasks. Since the editors can have the power to delete the posts.

Even they can delete those posts that are already published. Therefore it is highly recommended, that you only assign this role to a user whom you can trust more. In addition, you should keep in mind that you can remove or add the capabilities to user roles in WordPress. Thus, if you are not sure about delivering a user this much control on your website you can change the user role to meet your needs.

3) Author

The author can publish, edit or delete their own posts, but they can not access anything created by other users. They can not even create, edit, or delete those pages. An author can upload files to the Media Library and delete whatever they have previously uploaded. Apart from this, the authors can moderate the comments on their own posts.

There are few drawbacks in assigning an author as even after publishing posts, they can remove any of their posts. Although this is not a major issue, it can cause a problem in some cases.

The authors can remove the posts after publishing them, even if they are paid for this work, or they can remove their posts after resigning from the company. The consequences of such a situation can be dangerous to your website. It’s always better to have a WordPress backup for your website.

In WordPress, the term author refers to a predefined user role. A user with an Author role can upload files, write, edit, publish, and delete their own articles. They can also edit their profile and change their passwords. Since a user with author role has the capability of deleting their own published posts and edit their own published articles.

Although the websites with multiple authors usually assign the contributor role to writers or use a plugin to create a user role with customized capabilities. This eliminates the risk of miscommunication, or hired writers deleting their work if they were fired.

Many websites also provide authors with author pages to give biographical information about themselves. This is usually done through the built-in author archive pages which displays a list of all posts written by them. Some sites even display a list of authors with photos on their sidebar or their about page.

Custom information can also be displayed about them by configuring the pages to display such information. This can include things like name, date of birth, location, social profiles, and more.

4) Contributor

A contributor can only perform three tasks i.e reading all the posts, deleting and editing their own posts. Since this role doesn’t allow users to publish posts or upload media files, it is limited. Thus it only god for one-time or new content creators. They do not have access to admin functions such as shuffling website designs, uploading plugins or creating new categories.

It can choose from existing categories and add related tags to their posts. This user role can be an ideal option for the owners of a WordPress site, which other people want to come to their site and just write, nothing more. To be more precise, this role can be assigned to guest writers who easily present their content. Also, the Contributor is one of the useful user roles in WordPress with predefined capabilities.

Also, the user with the contributor role in a WordPress website can delete or edit their own posts, but they can not edit or delete published posts. This makes the contributor user role a better choice for the owners of the WordPress website, who want to enable other people to come and write on their websites. There are some of the plugins available. That provides even more control to website administrators, over the capabilities of each user role.

5) Subscriber

A subscriber has minimal access and limited capabilities among all the WordPress user roles. As long as the default capabilities are not changed, the subscriber’s role is delimited to create and maintain its profile on the WordPress website. In addition, they can also change their passwords which they want. But, they do not even have the permission to write articles and publish them.

This role is only suitable if you want your users to log in to your website to view the post or leave a comment. Being a customer, if you provide one on your website, then they can enroll in news subscriptions like email and promotion. They gain access to their own profiles and can edit some of their own information.

As you know the subscriber in WordPress may refer to a user role. Normally, the user role of the subscriber has very limited capabilities. Basically, the subscriber user role is the most limited user role in comparison to all the WordPress user roles. In addition, you can also change the default capabilities of this role.

However, they can create and maintain their profile on a WordPress website, but they can not publish or write the articles. Because they can log in to the dashboard of WordPress and make changes to their profile, this means that they have a very restricted ability to modify the WordPress database. Just like with the other user roles, the default abilities of this role can be modified.

With default settings, the subscriber role allows users to log in to a WordPress website and leave comments without having to enter their details every time. This role is helpful for people who frequently read a blog and are commenting actively. It can make leaving comments on an article much easier and faster.

The subscriber user role can also be used to deliver some additional content to users such as newsletter or access to the posts and pages. That would otherwise be locked. Subscriber’s user role may also refer to a user who has subscribed to a website using a mailing list, an RSS feed, or any other feature to receive updates from a website.

6) Super Admin

It is the modified form of the regular administrator. For instance, admins on WordPress Multisite networks cannot install, upload or delete themes and plugin, nor can they modify user information. These things can only be done by a super admin.

The super admin is responsible for the entire network and can make high-level changes such as adding and deleting the site. They can manage network users, themes, plugins and more. As such, their dashboard looks like a regular administrator.

Additional Information of this blog:

How to add a new User in WordPress?

  • Log in into your WordPress dashboard, click on add new from the select user option.
  • Fill in the required details in the form given.
  • Then click on show password and create a new password. You can change it whenever you require and a new user can also change it as well.
  • From the drop-down menu choose any one of the required user roles.
  • Then click on add new user. And here you go.

Plugins to modify WordPress user roles

WordPress offers a wide range of outstanding WordPress plugins. However, we recommend the User Role Editor Plugin to manage and control user roles. This plugin allows you to add, modify and delete user roles and capabilities very efficiently and effectively.

WordPress user role editor plugin

Here’s how you can customize user role using the plugin:

  • Firstly activate the User Role Editor plugin and navigate to user role editor under user.
  • After that, select the user’s role from the top of the page.
  • With this plugin, you can either create a new role or edit an existing one. Apart from this, it allows you to fill a selected role with the capabilities you need. In addition, you can assign newly created roles or capabilities directly to the user.
WordPress user roles
  • To add a new role and define its capabilities or if you wish to delete any, you can easily perform this from the main user role editor page. Moreover, you can even make a copy of the capabilities of the existing role for the newly created one. Thus, one can say that this page saves you from enabling the capabilities again.
WordPress user roles

Capabilities can also be defined as a user level. In the user list page, you can see a capabilities option which will redirect you to the capabilities page in the WordPress user list page.

How To Customize User Roles?

Well, the pre-defined user roles of WordPress are designed to have basic capabilities that can fit according to the requirement of most websites. For instance, suppose that you running a news website. Therefore you can assign the user role of Editor to the senior staff and user role of author to the junior staff.

In addition, you can also assign a user role as a contributor to your guest authors. And the subscriber user role for your website visitors. But how can you deal with it in such a condition if you wanted to modify the permissions of an existing user role of WordPress?

Because there is one thing that we do not like about the user role of the author. That is the authors of a website can not only publish their own posts. But also they can delete the posts after that it is published. Therefore this ability can undermine the entire editorial workflow of your website.

Besides that, it can be more harmful to your website. When a paid author is leaving your website on a few bad terms and conditions. Therefore he or she can decide to delete all the existing posts or the specific ones that they wrote or you paid them. Hence now let us suppose that you require to modify the user role of the author.

Therefore as a result, once the posts are published. Then the authors will not be able to delete any of the posts either their or others. However to do so the very first thing that you need to do is just install and activate the Capability Manager Enhanced plugin. After that upon activation go to:

Users » Capabilities to modify user roles

And then, choose the specific user role from the top box in the right column that you want to edit. After that, you need to click on the load button. Hence clicking on it will load the capabilities of the user in the boxes on the left side. SO now all you need to do is uncheck all those capabilities that you require to remove from that user role.

Such as, in this case, if you need to remove the user capability to delete the published posts from authors. Then you need to uncheck the Delete Published capability from the box. When you are done with all that, then to save this setting just scroll down to the bottom of the page. And then just click on the button named save changes to store your settings.

How To Create Your Own WordPress Custom User Roles?

However, you are also able to create your own custom user roles within WordPress. In addition, you can introduce your own set of new capabilities by using the same plugin of Capability Manager Enhanced. Therefore after installing the plugin you need to activate the plugin, go to Users » Capabilities.

After that, you just need to enter the desired user role name under the Create New Role. Such as, a news website may require some staff members to actively moderate the visitor’s comments. In such a case, you may need to create a specific user role that can only moderate comments.

Well to do so all you have to do is just create a new user role. After that, just select the moderation comment option from under Other WordPress Capabilities. So now this information can help you to understand the WordPress user roles and permissions.


Having knowledge of different user roles and using them as per their need basically improves the security as well as the efficiency of your WordPress site. It also organizes the registered users and their role.

Follow some simple techniques to take advantage of this feature. For example, consider placing your pool of top-level users short, specify only what permissions are required, and use plugins to customize their roles. Still, if you have any problem dial our phone number +1-888-738-0846 (toll-free) to contact our WordPress Support developers.

Leave a Reply