What is the edit_plugins permission in WordPress?
The edit_plugins permission allows users access to the “Plugin Editor” screen in WordPress.
The edit_plugins permission can not be used by itself. Before you can edit plugins you also need the activate_plugins permission.
This screen is very dangerous because you can directly edit the files for any plugin on your WordPress site. Any user with the edit_plugins permission can quickly bring down a WordPress site.
Who has the edit_plugins permission?
The edit_plugins permission is available on single WordPress sites and on multisite networks.
By default, the edit_plugins permission is only given to Super Users, and Administrators.
Users not in these roles are not allowed to edit plugins.
Control who has the edit_plugins permission
You can control who has the edit_plugins permission by installing the Capability Manager Enhanced plugin.
- After installing Capability Manager Enhanced, go to Users > Capabilities.
- Check or uncheck the “activate plugins” and “edit plugins” boxes in the “Other WordPress Core Capabilities” area.