Custom Role Allowing Things It Shouldn’t Be

This is happening because the ‘edit’ capability allows adding new posts/pages. A quick google shows there are ways to remove the creation capability; I haven’t tested any of them.

Related Posts:

  1. allow editors to edit menus?
  2. How to change a user’s role?
  3. Is there way to rename user role name without plugin?
  4. How to create a clone role in wordpress
  5. How to add a Capability to a User Role?
  6. How can I get a list of users by their role?
  7. How to get role of user
  8. How to allow editor to edit privacy page / settings only?
  9. How do I make a draft post accessible to everyone?
  10. Reset default roles and capabilities
  11. How do I programmatically set default role for new users?
  12. add_role() run only once?
  13. What do unfiltered_html and unfiltered_upload actually filter?
  14. wp_update_user not updating
  15. Temporary capability for current_user_can()
  16. Create custom user role (client) that can create another custom user role (employee) of that client
  17. Is it possible to add new user Roles?
  18. Allow roles below admin to add subscribers only
  19. Temporarily give ‘manage_options’ capability
  20. REST API, get user role?
  21. Is WordPress’ is_user_logged_in() secure?
  22. How to force listing contributors in authors dropdown menu
  23. Hide specific admin users’ posts
  24. Allow authors to edit only certain users
  25. How do I allow a specific Role in WordPress 3+ to only see certain plugins?
  26. How to update role capabilities
  27. Allow editors access to added plugins
  28. Temporarily disable user role login and replace with message
  29. How to filter the role selector?
  30. How to loop through each user id?
  31. Code needed to only show users own posts in a multi-user account
  32. How can I change a user role upon visiting a page?
  33. How to let the Contributor role preview unpublished posts?
  34. Change role after the user has read all the posts in a category
  35. Do custom user roles have any default capabilities?
  36. Filter available WooCommerce payment gateways by role [closed]
  37. Ordering users of a specific role by last name
  38. How to programmatically add a user to a role?
  39. Restrict Author to pick from media library, but not upload media
  40. Can i copy administrator role to another user?
  41. how to add custom user capabilities using add_user_meta or something else?
  42. Assign Subscriber capabilities to a custom user role
  43. How to change role of all users with a specific role to another role?
  44. Allow user to Publish, but not Edit or Delete
  45. Roles at registration (classipress)
  46. How to allow registered users to change their user role through frontend?
  47. Remove Ability for Administrators to Delete Administrators
  48. Order users by custom user meta
  49. how to change user roles for users who doesn’t have any. (about 8000 users)
  50. List total number of users that are authors
  51. Email notification for editors only
  52. Shold I manually add ‘cap’ to admin role ?
  53. Custom Post Type’s Capabilities map_meta_cap issues
  54. I need to assign a role to visitors/guests
  55. Contributors missing from author dropdown
  56. How to make an author archive only for certain user role and show related CPT
  57. Getting a user role from the user login name
  58. Allow users to publish child pages of the pages they have access to edit
  59. Auto Delete Users (auto_delete_users)
  60. New Roles and Capabilities in WordPress
  61. Why is wp-login redirecting to the home page when I use this function?
  62. Is there a way to set the user Role based on email domain
  63. Allow contributor to view own scheduled post
  64. Editor and contributor roles not correct after adding function
  65. Adding multiple user roles dynamically
  66. WordPress Super Admin
  67. pre_get_posts Remove posts based on meta value with ‘post__not_in’
  68. How to add author role as a custom field to custom post type in wordpress?
  69. How to prevent users with “edit_others_posts” capability from editing admin posts
  70. How are roles stored in the database?
  71. Author Role – Allow editing of Gallery images
  72. How do I allow anyone to edit a post — but not access dashboard
  73. What is the difference between “create_users” and “add_users” capabilities?
  74. How to delete user roles?
  75. Access on specific pages in wordpress for a specific user
  76. How to get all users with Author role capabilities?
  77. How to display user role
  78. Change the user role after x days
  79. Get (echo) all role names assigned to user
  80. How to ‘unpublish’ or ‘hide’ posts when user role changes?
  81. Can’t manage to make translate_user_role() work
  82. Add Role inherits?
  83. similar to Editor can create any new user except administrator
  84. Conditional Tags for Membership Levels when using Wishlist Member Plugin?
  85. How to check if a role has a specific capability
  86. I am adding a new class to my body tag if the logged in user is subscriber, need help
  87. Expire a user’s secondary role after X days from it being allocated
  88. Locking Down WordPress Application Password Permissions / Capabilities
  89. How to Orderby User Role?
  90. Users Role and Access
  91. Prevent custom user role to add new pages
  92. Allow user to edit specific user with meta key using map_meta_cap
  93. How to remove sticky post capability for a specific user role?
  94. Can a user with admin role get ‘Sorry, you are not allowed to move this item to the Trash’ error when trashing a post?
  95. Hide Specific User Page
  96. Making shortcode of filtered number of comments by user role
  97. Let new user role to ‘edit_others_posts’ of other user role, not of its own type
  98. How to stop contributors editing post type but allowing them to edit a custom post type?
  99. How can I have different groups of editors only allowed to edit certain parent+subpages?
  100. How to let someone preview a draft?
Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)