WordPress has a number of built-in roles, each of which have different levels of access to the system. As an administrator you should assign your users the role most appropriate to their needs and no higher.
Subscriber
- Has access to the Dashboard only to edit their own profile, which allows them to change their display name and password.
- Cannot create or edit any content or upload any media.
- This role is most commonly used for end users or consumers of your content, where your content is not public and requires a login to access.
Contributor
- Has all the privileges of a Subscriber, plus the ability to create content.
- A contributor can write and manage their own posts but cannot publish them. Instead, an editor will be required to review and publish the completed content.
- A contributor cannot edit a post created by someone else.
- Use this role where you want an editor to review all content before it goes live.
Author
- Has all the privileges of a Contributor, plus the ability to publish their own content.
- An author can only edit and publish content created by themselves.
- Use this role where you want a user to be responsible for a particular page or section only.
Editor
- Has all the privileges of an Author, plus the ability edit or delete content created by other users.
- Editors can effectively do anything they like with content but lack the ability to manage users and other administrative tasks.
- Most of your users will probably require this role if you do not have any specific content creation workflow.
Administrator
- Has all the privileges of an Editor, plus access to administrative functions
- Add and remove users from the site
- Change the site theme
- Edit menus and widgets
- Customise the theme colours and layouts
- Not everyone needs to be an administrator – assign this role wisely!