Releases34
Frequency4 months 1 week
Last Release
Downloads972K
WPFront User Role Editor plugin allows you to easily manage WordPress user roles within your site.
You can create, edit or delete user roles and manage role capabilities.
Features
- Create new roles.
- Edit or rename existing roles.
- Clone existing roles.
- Manage capabilities.
- Allows you to add role capabilities.
- Change default user role.
- Add or Remove capabilities.
- Restore role.
- Assign multiple roles.
- Migrate users.
- Navigation menu permissions basic.
- Widget permissions basic.
- Login redirect basic.
- Admin menu editor. [PRO]
- Media library permissions. [PRO]
- User level permissions. [PRO]
- Navigation menu permissions advanced. [PRO]
- Widget permissions advanced. [PRO]
- Login redirect advanced. [PRO]
- Post/Page extended permissions. [PRO]
- Custom post type permissions. [PRO]
- Content restriction shortcodes. [PRO]
- Import/Export. [PRO]
- Multisite support. [PRO]
Compare User Role Editor Pro
Spanish tutorial
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 8.8 HIGH | — | ||
The WPFront User Role Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.1. This is due to missing or incorrect nonce validation on the whitelist_options() function. This makes it possible for unauthenticated attackers to update the default role option that can be leveraged for privilege escalation via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This is only exploitable on multisite instances. | |||