In this blog, I will go through the five roles in a stand-alone WordPress site (multi-site has the super administrator for a total of six). Each user role has different capabilities and functionalities. The biggest mistake I see web site owners making is setting all users as administrators. This administrator role can make core site changes that could be pretty hard to control or undo. If the user is given more permission then needed, he / she can have the ability to make unwanted changes to both site functionality and content. At the same time too low of a user role could created unneeded overhead to assist that user to complete the required tasks.
The Administrator Role
WordPress administrators should be limited to only those users responsible for site maintenance and / or development tasks. This role has access to core elements of the site that could cause havoc if left in the wrong hands. The administrator role can manage plugins, core theme files, change other user’s roles and create or modify widgets, as well as all the areas that the other four user roles have access to.
The Editor Role
The Editor role is a great option for users who need permission to manage all of the content, but not themes, plugins, and / or widgets. For small sites with one person responsible for content management and creation this is the most suitable role. The Editor role had complete control over content, the only limitation would be site setting that are reserved for administrators.
The Author Role
The author role is very similar to the editor role except the author is only able to manage the content they have created. The will not be able to edit or delete other content created by other users. Like the editor role this is a low risk solution as the author will not have access to critical areas of the site. This role makes the most sense when you have one person that only needs to be responsible for his / her own content.
The Contributor Role
The contributor role is very limited in that is it dependent on an editor or administrator to publish the content. This role allows the user to write, edit and delete their own posts, but any action must be approved by an administrator or editor. In addition, the contributor will not have access to the media library. This role would only have limited use is larger organization or cases where guest author is being asked to add content under the direct supervision of an editor.
The Subscriber Role
The subscriber role has no capability to modify or manage any content or area of a WordPress site. This role is only useful for registration purposes. The only area the user can edit in their own profile information.