WordPress User Roles Explained: Who Should Have Access to What

One of the most common mistakes organizations make with WordPress is giving everyone administrator access. It seems simpler – everyone can do everything they need without restrictions. But this approach creates real problems.
When everyone has full admin access, anyone can accidentally delete critical pages, install problematic plugins, change theme settings that break your design, or create security vulnerabilities. One well-meaning staff member trying to “just add a simple feature” can take down your entire site.
WordPress includes a built-in user role system designed to prevent exactly these problems. Understanding these roles and using them correctly protects your site while still giving team members the access they actually need.
Administrator: Full Control (Use Sparingly)
Administrators have complete control over your WordPress site. They can install and delete plugins and themes, manage all users, modify critical settings, and access every piece of content. They can also permanently delete anything, including things that would break your site.
This level of access should be limited to one or two people who are responsible for the site’s technical operation. Usually this means your web developer or IT person, and perhaps one organizational leader who understands the implications of having this access.
Administrators are the only role that can add or remove other users, which is another reason to limit this role. If a staff member with administrator access gets their account compromised, an attacker has full control of your entire site and can lock you out completely.
Many organizations make everyone who touches the website an administrator because it’s easier than thinking through what access each person actually needs. This is trading convenience for security and stability. Don’t do it.
Editor: Content Control Without Site Control
Editors can create, edit, publish, and delete any content on your site, including posts and pages created by other users. They can manage categories and tags, moderate comments, and upload media files.
What editors cannot do: install plugins or themes, change site settings, manage users, or modify anything that affects how the site functions technically.
This role is perfect for content managers, communications directors, or anyone responsible for keeping your site’s content current and accurate. They have full control over what appears on the site without being able to accidentally break how the site works.
For most small organizations, editor access is what the majority of staff members actually need. The person updating your blog, adding event listings, or managing your news section should be an editor, not an administrator.
Author: Can Publish Their Own Content
Authors can write, edit, and publish their own posts. They can upload images and files to use in their content. They can manage their own published and unpublished posts.
What authors cannot do: edit or delete anyone else’s content, create or edit pages (authors work with posts only), access site settings, or moderate comments on posts they didn’t write.
This role works well for organizations with multiple people contributing blog posts or articles, especially when you want those contributors to be able to publish directly without approval. Guest bloggers, regular contributors, or staff members who occasionally write articles fit this role.
The key limitation is that authors only control their own content. They can’t accidentally modify or delete someone else’s work, which protects your site from well-intentioned but potentially problematic edits.
Contributor: Can Write But Can’t Publish
Contributors can write and manage their own posts, but they cannot publish them. Their posts sit as drafts or pending review until someone with editor or administrator access approves and publishes them.
Contributors also cannot upload media files. If they need images in their posts, someone else has to add them, or they need to link to images hosted elsewhere.
This role is useful for guest writers, volunteers, or anyone who should be able to submit content but shouldn’t have the ability to publish directly to your live site. The approval workflow gives you quality control and ensures nothing goes live without review.
Many organizations don’t use the contributor role because it requires more workflow management. But for organizations that want editorial oversight or work with external contributors, it’s valuable.
Subscriber: Minimal Access
Subscribers can log in and manage their own profile. That’s it. They can’t create content, access the dashboard beyond their profile settings, or do anything that affects the site.
This role is mainly useful for membership sites or communities where people need accounts to access certain content or features. For most organizational websites, you probably won’t use this role at all.
Choosing the Right Role for Each Person
When adding someone to your WordPress site, ask these questions:
Do they need to manage technical settings or install plugins? If yes, they might need administrator access, but make sure this is truly necessary.
Do they need to edit content created by other people? If yes, editor access makes sense.
Will they create and publish their own content independently? Author access works for this.
Should their content go through approval before publishing? Contributor access provides that workflow.
Do they just need login access without content creation? Subscriber is appropriate, though you may not need to give them access at all.
Most people need less access than they think they do. Start with the minimum access level that lets someone do their job, and increase it only if necessary. It’s easier to grant more access later than to deal with the consequences of giving too much access upfront.
What About Custom Roles?
WordPress also supports custom user roles with specific capabilities tailored to your needs. This requires plugins or custom code, but it can be useful for larger organizations with complex workflows.
For most small nonprofits and startups, the built-in roles cover what you need. Focus on using those roles correctly before adding complexity with custom roles.
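For cases where the built-in roles do not fit, here is what the custom-code route can look like. This is an added example, not code from the original article: a small plugin that registers a role sitting between Author and Editor. The role slug, display name, function names and the chosen capability set are assumptions made for illustration; the WordPress functions and capability names are core ones.

```php
<?php
/**
 * Plugin Name: Example Events Editor Role (constructed example)
 */
defined( 'ABSPATH' ) || exit;

const EXAMPLE_ROLE = 'example_events_editor'; // hypothetical role slug

// Capabilities this role gets: write, publish, fix other people's posts,
// upload media. No page editing, no deleting other people's content.
function example_role_caps() {
    return array(
        'read'                 => true,
        'edit_posts'           => true,
        'edit_published_posts' => true,
        'publish_posts'        => true,
        'edit_others_posts'    => true,
        'upload_files'         => true,
        'delete_posts'         => true, // own unpublished posts only
    );
}

function example_role_install() {
    // Administrator-only capabilities. Strip them even if someone later
    // adds one to example_role_caps() by mistake.
    $forbidden = array(
        'install_plugins', 'activate_plugins', 'switch_themes',
        'edit_theme_options', 'manage_options', 'list_users',
        'create_users', 'edit_users', 'delete_users', 'promote_users',
    );
    $caps = array_diff_key( example_role_caps(), array_flip( $forbidden ) );

    // Roles are stored in the database and add_role() does nothing if the
    // slug already exists, so remove first to apply an updated list.
    remove_role( EXAMPLE_ROLE );
    add_role( EXAMPLE_ROLE, 'Events Editor', $caps );
}
register_activation_hook( __FILE__, 'example_role_install' );

function example_role_uninstall() {
    // Do not leave accounts holding a role that no longer exists:
    // drop them to the lowest built-in role before removing it.
    foreach ( get_users( array( 'role' => EXAMPLE_ROLE ) ) as $user ) {
        $user->set_role( 'subscriber' );
    }
    remove_role( EXAMPLE_ROLE );
}
register_deactivation_hook( __FILE__, 'example_role_uninstall' );
```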
Protecting Your Site With Smart Access Control
Proper user role management is a simple but effective security practice. Limit administrator access to people who genuinely need it. Use editor and author roles for content contributors. Review user accounts periodically and remove access for people who no longer need it.
This isn’t about distrusting your team. It’s about protecting your site from accidents, limiting damage if an account gets compromised, and ensuring that the right people have the right access to do their jobs effectively.
Your website is critical infrastructure for your organization. Treat access to it accordingly.
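To make the periodic review of administrator accounts harder to forget, the check can live in the dashboard itself. This is an added example, not part of the original article: a small plugin that shows a warning on the Users screen when more accounts hold the Administrator role than the "one or two people" recommended above. The constant, function name and message wording are assumptions for illustration.

```php
<?php
/**
 * Plugin Name: Example Administrator Count Notice (constructed example)
 */
defined( 'ABSPATH' ) || exit;

const EXAMPLE_MAX_ADMINS = 2; // threshold taken from the article's advice

function example_admin_audit_notice() {
    // Show the list only to people who are able to change roles.
    if ( ! current_user_can( 'promote_users' ) ) {
        return;
    }
    // Limit the notice to the Users screen so it does not become noise.
    $screen = get_current_screen();
    if ( ! $screen || 'users' !== $screen->id ) {
        return;
    }

    $admins = get_users( array(
        'role'    => 'administrator',
        'orderby' => 'registered',
        'order'   => 'ASC',
    ) );
    if ( count( $admins ) <= EXAMPLE_MAX_ADMINS ) {
        return;
    }

    // Oldest accounts first: these are the ones most likely to belong
    // to someone whose job has changed since the role was granted.
    $names = array();
    foreach ( $admins as $admin ) {
        $names[] = sprintf(
            '%s (registered %s)',
            $admin->user_login,
            mysql2date( 'Y-m-d', $admin->user_registered )
        );
    }

    $message = sprintf(
        '%d accounts have the Administrator role. Review whether each still needs it: %s',
        count( $admins ),
        implode( ', ', $names )
    );
    // esc_html() because login names are user-supplied data.
    printf( '<div class="notice notice-warning"><p>%s</p></div>', esc_html( $message ) );
}
add_action( 'admin_notices', 'example_admin_audit_notice' );
```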











