What is the unfiltered_html permission in WordPress?

“unfiltered_html” is a security feature in WordPress that prevents users from using tags such as <iframe><embed> plus also more advanced code such as Javascript.

unfiltered_html could be very dangerous in the wrong hands, so please don’t give this permission to any users you don’t trust. WordPress has disabled this permission for most users because they rarely need it. For example, if you need to use embeds that WordPress doesn’t support look around for plugins such as EmbedPress.

Continue reading

What is the upload_files permission in WordPress?

The “upload_files” capability is one of the most important in WordPress.

If users don’t have the “upload_files” capability, they completely lose access to the Media Library. They can’t upload files or even browse media on your site.

If users do not have the “upload_files” capability, this image below shows what they will see when they use an image block in Gutenberg. They will see the message, “Given your current role, you can only link an image, you cannot upload.”

Continue reading

How to Restore the Default WordPress User Permissions

In some situations, you may need to completely refresh your WordPress site.

If you find yourself needing to reset your WordPress user permissions, this is possible with a plugin called Capability Manager Enhanced. This plugin has an option to delete all the current permissions and user roles, and restore the WordPress defaults.

Continue reading

Get professional publishing tools for WordPress! Get PublishPress

[i]
[i]