WordPress.org

Sinhala

Get WordPress
WordPress.org

Plugin Directory

Highland Software Custom Role Manager

Highland Software Custom Role Manager

By jgrodgers
Download

Description

Highland Software Custom Roles Manager extends WordPress role management by allowing administrators to create custom roles, assign multiple roles to users, and manage capabilities through an intuitive interface.

This plugin follows WordPress best practices for role and capability management, including strict server-side validation and protection against unsafe capability assignment.

Version 1.0.2 introduces a logging system for tracking role and capability changes, along with improvements to role loading and synchronization.

Features

  • Create and manage unlimited custom roles
  • Assign multiple roles to a single user
  • Group roles for better organization
  • Drag-and-drop role ordering
  • Capability management with toggle interface
  • Role and capability change logging (audit trail)
  • Protection against unsafe capability assignment
  • Replace the default role dropdown with a checkbox-based interface

Screenshots

  • Role builder interface
  • Capability management UI
  • User role assignment interface
  • Grouped roles display

Installation

  1. Upload the plugin folder to /wp-content/plugins/
  2. Activate the plugin through the ‘Plugins’ menu in WordPress
  3. Navigate to “HS Roles” in the admin menu
  4. Configure roles and capabilities

FAQ

Can users have multiple roles?

Yes, users can be assigned multiple roles using a checkbox interface.

Are default roles modified?

No. Default WordPress roles are protected and cannot be modified.

Is the administrator role protected?

Yes, sensitive capabilities such as manage_options are restricted.

Will this plugin affect existing users?

No. Existing users retain their roles unless explicitly changed.

What does the logging system track?

The plugin logs role and capability changes, including who made the change and when it occurred.

Reviews

There are no reviews for this plugin.

Contributors & Developers

“Highland Software Custom Role Manager” is open source software. The following people have contributed to this plugin.

Contributors

Translate “Highland Software Custom Role Manager” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.0.2

  • Feature: Added logging system for role and capability changes (audit trail).
  • Improvement: Logs include user, action, and context for better traceability.
  • Fix: Resolved issue where existing custom roles were not displayed on load.
  • Improvement: Enhanced role synchronization to correctly merge stored configuration with WordPress roles.

1.0.1

  • Security: Fixed a privilege escalation vulnerability in role assignment logic.
  • Security: Enforced strict server-side capability checks for role modifications.
  • Security: Prevented assignment of restricted capabilities such as manage_options.
  • Security: Hardened AJAX endpoints with capability and nonce validation.
  • Hardening: Improved role validation and synchronization logic.
  • Hardening: Added rate limiting to AJAX endpoints.
  • Props: Thanks to 0xherc1337 and Steven Stern (sterndata) for responsibly reporting the issue.

1.0.0

  • Initial release
  • Multi-role assignment
  • Role grouping and ordering
  • Capability management system

Meta

Ratings

No reviews have been submitted yet.

Your review

See all reviews

Contributors

Support

Got something to say? Need help?

View support forum