User Roles and Permissions in WordPress

WordPress is a free and open-source content management system (CMS) based on PHP and MySQL. WordPress has seen enormous growth, becoming the most popular site management tool online with over 60 million downloads.

With so many people using WordPress, it’s important to be familiar with the permissions that come built-in and what you can do to add more. In this article, we will cover how user roles work in WordPress, some of the different types of users there are and their associated permissions, what each role does for your website, and how to set up new user roles.

The five main user roles in WordPress

  1. Administrator
  2. Editor
  3. Autor
  4. Contributor
  5. Subscriber


What is the Administrator user role in WordPress, and what are its permissions?

A WordPress administrator is an account with full access to all of the administration screens and features. It’s used by people who manage a WordPress website.

The admin account has complete control over everything that happens on that website: from installing plugins to changing themes to adding posts and pages. Every time you log into your WordPress dashboard as an admin (at http://www.example-website/wp-admin), you’ll have unrestricted access to do anything you want. So it’s essential that this login information remains secret.

As an administrator and site owner, the most important job is keeping the core WordPress files and plugins updated. Keep an eye on the “update available” notifications, read through release notes, and follow any recommended steps to ensure your site is always running secure code.

You can also create users with their own login details and provide each of them access to specific sections of your website.


The editor is responsible for publishing the posts, pages, and comments of other users. The editor can create new content independently without any restrictions or interference from other roles. The editor’s privileges are: manage posts, manage pages, edit others’ posts, delete others’ posts/pages, approve others’ comments/replies (in moderated forums), publish posts by email (for blog authors).

The editor has no permission to change anything in the WordPress administration panel.

Related – How to Choose the Best WordPress Hosting in 2022


WordPress Autors have write, edit, and publish capabilities for their own posts. They are not able to moderate comments on their work as well as the pages they have created. You can assign four permissions to an Author: read, write, edit posts, and publish posts.

Depending on your use case, you may want one or more of these privileges assigned to different roles on your site, such as Author. As we will see later in this article, many other “permissions” can also be applied, which determine what the Author is allowed.

Authors cannot create categories, but they can choose from existing ones.


The Contributor role is perfect for someone who wants an account on a specific blog or website so they can add posts and edit their own posts but cannot publish them. This means that while the contributor has full control over the post, they cannot publish it. To do that, an editor or admin must approve the post.

A pretty big disadvantage of the Contributor role is that they cannot upload files, which means no images. This is a big disadvantage as someone who wants to contribute to a blog or website needs to be able to upload files for various things.

Also, Contributors do not have access to settings, plugins, themes and other things that an admin would have.

They also cannot approve comments on the site to approve or delete comments from others.


As a subscriber, you have almost no permissions. Subscribers can’t post new articles or reply to other people’s comments, but they can subscribe to new posts as long as somebody else has already posted them. Subscribers can manage their profile by setting up an avatar and a publicly visible bio.

Bonus Role – Super Admin

WordPress Multisite is a powerful WordPress feature that allows you to manage many sites running on the same installation. The Super Admin role in WordPress Multisite has specific functions and capabilities, which are discussed below:

  • The Super Admin can manage all the sites on a network as well as assign different levels of access for each site’s administrator account.
  • Super Admins also have complete control and can install new plugins or themes across their entire network. This gives them much more power than regular administrators.

Customizing Existing User Roles in WordPress

Customizing the existing user roles in WordPress is a great way to make your website fit you and your employees.

You already know the five default user roles that come with every installation of WordPress are Administrator (admin), Editor, Author, Contributor and Subscriber.

These can be customized by changing their capabilities and assigning them new tasks through the Users menu under Settings from within your WP admin dashboard.

Doing this will enable you to give your employees the power they will need to do their work more efficiently, giving you the time and possibility to focus on the higher-level management of your website.

Creating Custom User Roles

First thing first, let’s see how we can add custom user roles available for use in WordPress.

What we have to do is to create a new user role and give it default capabilities, then assign an author to this role and set the capabilities for them.

You will need to go through the following steps:

– Create a custom user role;

– Add some new Capabilities (if you want to);

– Assign one or more authors to this new role;

First, go to Users -> Add New in your WordPress site and add a new user. Be sure that you set their role as Custom Role, give it a Name and a Description, and then click on the Add User button.


In conclusion, WordPress User Roles and Permissions are designed to create a sense of hierarchy. The five main different user roles are Admin, Editor, Author, Contributor, and Subscriber. The different Permissions are reading, writing, publishing and administration.

It’s also important to say that from a business point of view, it is possible to create Super Admins in WordPress, which can manage sites on the multisite network.

Similar Posts