WordPress Roles & Capabilities
Interactive matrix of every default WordPress capability mapped to its roles. Search by name, filter by role, and click any capability to get ready-to-paste PHP code. All data is embedded in this page — nothing is sent to a server.
| Capability | Group | Subscriber | Contributor | Author | Editor | Administrator |
|---|
About this tool
WordPress uses a roles and capabilities system to control what each user can do.
A role is a named collection of capabilities — Subscriber, Contributor, Author, Editor, and Administrator are the five built-in roles.
A capability is a single permission string such as edit_posts or manage_options.
The matrix above shows every default capability and whether each built-in role has it (green tick) or does not (dash). Click any row to generate a PHP snippet showing how to check that capability in your plugin or theme.
Adding custom capabilities
You can grant or remove any capability on the fly using the user_has_cap filter, or persist changes via WP_Role::add_cap():
// Grant a custom capability to Editors (run once on plugin activation)
$role = get_role( 'editor' );
$role->add_cap( 'manage_store' );
// Then check it anywhere
if ( current_user_can( 'manage_store' ) )
Custom capabilities added via add_cap() are stored in the database and persist across requests.
Use $role->remove_cap( 'capability' ) to revoke them.
current_user_can() — WordPress Developer Reference · Roles and Capabilities — WordPress.org
