What is the edit_plugins permission in WordPress?
The edit_plugins permission allows users access to the “Plugin Editor” screen in WordPress.
The edit_plugins permission can not be used by itself. Before you can edit plugins you also need the activate_plugins permission.
This screen is very dangerous because you can directly edit the files for any plugin on your WordPress site. Any user with the edit_plugins permission can quickly bring down a WordPress site.
Who has the edit_plugins permission?
The edit_plugins permission is available on single WordPress sites and on multisite networks.
Users not in these roles are not allowed to edit plugins.
Control who has the edit_plugins permission
You can control who has the edit_plugins permission by installing the PublishPress Capabilities plugin.
- After installing PublishPress Capabilities, go to “Capabilities” in your admin menu.
- Using the dropdown in the top-left corner, choose the role you want to edit.
- Check or uncheck the “activate plugins” and “edit plugins” boxes in the “Other WordPress Core Capabilities” area.