How to Grant Access to a Single Plugin in WordPress (Without Making Users Admins)
Content
A common challenge for WordPress site administrators is providing a user access to a single, specific plugin without granting them full administrator privileges. This is a frequent request for client sites, team members, or contributors who only need to manage bookings, update a calendar, or modify a form. Based on community discussions, this guide explains why this can be difficult and outlines the most effective strategies to achieve it.
Why Can't I Just Check a Box for a Plugin?
The core of the issue lies in how plugins are built and how WordPress handles permissions. WordPress uses a system of capabilities—fine-grained permissions like edit_posts or manage_options—to control access. Plugins don't appear as individual items in the role editor because they rely on these underlying capabilities.
Most often, the problem arises because many popular plugins use the powerful manage_options capability to protect their settings pages. As noted in discussions about plugins like WP Simple Booking Calendar and Redis Cache, granting this capability effectively gives a user near-administrator access to many parts of WordPress, defeating the purpose of limited access.
Common Solutions and Strategies
Your path forward depends entirely on how the target plugin was coded. Here are the most common solutions, from simplest to most complex.
1. Check the Plugin's Own Settings
This is the first and easiest thing to check. Some plugins, like Slider Revolution (as mentioned in a sample thread), have a built-in settings page where you can select which user role can access it. Look through the plugin's settings for an "Access" or "Permissions" tab.
2. Look for a Custom Capability Filter
Well-coded plugins provide a filter hook to change the capability they require. For example, a thread about WP Booking System shows a code snippet using the wpbs_menu_page_capability filter. You would need to:
- Identify if such a filter exists by checking the plugin's documentation or asking its support.
- Add a small code snippet to your theme's
functions.phpfile or a custom functionality plugin to change the required capability to something more appropriate, likeedit_pagesfor an Editor.
3. Create a Custom Role with Precise Capabilities
If the plugin uses a unique capability (not manage_options), you can create a new user role with User Role Editor. First, you must discover what capability the plugin uses. You can:
- Ask the plugin's developer or support team.
- Search the plugin's PHP files for keywords like
current_user_can,add_menu_page, orcapability.
Once you know the required capability, create a new role, grant it that single capability, and assign it to your user.
4. When a Plugin Uses manage_options: The Hard Limit
If a plugin hard-codes manage_options (as seen with CoSchedule and others), you cannot cleanly separate its access from other WordPress settings using capabilities alone. In this case, your options are limited:
- Request a Feature from the Plugin Developer: Politely ask them to implement a custom capability filter for better access control.
- Advanced Custom Code: A developer could theoretically use the
map_meta_capfilter to create complex rules, but this is not a beginner-friendly solution.
Conclusion and Best Practices
Granting access to a single plugin is rarely a one-click process. The solution is dictated by the plugin's code.
- Always check the plugin's own settings first.
- Investigate whether the plugin offers a filter to change its required capability.
- If you must grant a powerful capability like
manage_options, be aware that you are giving broad access to the WordPress backend. The only way to then hide other menu items would be through additional admin menu editing plugins or custom code. - When in doubt, contact the support for the specific plugin you are trying to grant access to. They will know best how their product handles permissions.
Understanding this relationship between plugins and capabilities is key to managing your WordPress site's security and user access effectively.
Related Support Threads Support
-
How to give access to author to see Newsletter plugin detailshttps://wordpress.org/support/topic/how-to-give-access-to-author-to-see-newsletter-plugin-details/
-
Allow access to a single plugin for one userhttps://wordpress.org/support/topic/allow-access-to-a-single-plugin-for-one-user/
-
Enable Editor to Manage WP Membershiphttps://wordpress.org/support/topic/enable-editor-to-manage-wp-membership-2/
-
Editor access to a plugin menuhttps://wordpress.org/support/topic/editor-access-to-a-plugin-menu/
-
Providing Access to only one plugin Slider Revolutionhttps://wordpress.org/support/topic/providing-access-to-only-one-plugin-slider-revolution/
-
Role Permissionhttps://wordpress.org/support/topic/role-permission-2/
-
Allowing access to options-general.phphttps://wordpress.org/support/topic/allowing-access-to-options-general-php/
-
Plugin Access | WP | All exporthttps://wordpress.org/support/topic/plugin-access-wp-all-export/
-
How to make a user access a plugin?https://wordpress.org/support/topic/how-to-make-a-user-access-a-plugin/
-
Editor role to add or delete plugins in wordpresshttps://wordpress.org/support/topic/editor-role-to-add-or-delete-plugins-in-wordpress/
-
Is it possible to allow a user to upload a plugin ONLY?https://wordpress.org/support/topic/is-it-possible-to-allow-a-user-to-upload-a-plugin-only/
-
access with /wp-adminhttps://wordpress.org/support/topic/access-with-wp-admin/
-
Simple Membershiphttps://wordpress.org/support/topic/simple-membership-4/
-
client access to one plugin onlyhttps://wordpress.org/support/topic/client-access-to-one-plugin-only/
-
Limit user access to only the Contact Form DB plugin?https://wordpress.org/support/topic/limit-user-access-to-only-the-contact-form-db-plugin/
-
does this plugin support shortcodes?https://wordpress.org/support/topic/does-this-plugin-support-shortcodes/
-
Edit Editor role to access a plugin?https://wordpress.org/support/topic/edit-editor-role-to-access-a-plugin/
-
Unlock foreign pluginhttps://wordpress.org/support/topic/unlock-foreign-plugin/
-
Dis-allow settingshttps://wordpress.org/support/topic/dis-allow-settings/
-
Plugin level permissionhttps://wordpress.org/support/topic/plugin-level-permission/
-
Access to a Single Pluginhttps://wordpress.org/support/topic/access-to-a-single-plugin/
-
Access to site statshttps://wordpress.org/support/topic/access-to-site-stats/
-
What’s the “minimum” role for the “Link target” permission?https://wordpress.org/support/topic/whats-the-minimum-role-for-the-link-target-permission/
-
Give authors/editors access to manage a pluginhttps://wordpress.org/support/topic/give-authors-editors-access-to-manage-a-plugin/
-
Grant access to pluginshttps://wordpress.org/support/topic/grant-access-to-plugins/
-
Allow user access to one specific pluginhttps://wordpress.org/support/topic/allow-user-access-to-one-specific-plugin/
-
Access to a single pluginhttps://wordpress.org/support/topic/access-to-a-single-plugin-2/
-
Wp Availability pluginhttps://wordpress.org/support/topic/wp-availability-plugin/
-
Granting access to advanced settings in another pluginhttps://wordpress.org/support/topic/granting-access-to-advanced-settings-in-another-plugin/
-
Deny access to page by role kicking in after content generatedhttps://wordpress.org/support/topic/deny-access-to-page-by-role-kicking-in-after-content-generated/
-
How can a user make changes in the plugin-settings?https://wordpress.org/support/topic/how-can-a-user-make-changes-in-the-plugin-settings/
-
Giving Editor access to some pluginshttps://wordpress.org/support/topic/giving-editor-access-to-some-plugins/
-
Access control for Userhttps://wordpress.org/support/topic/access-control-for-user/
-
option to enable the functions of a specific pluginhttps://wordpress.org/support/topic/option-to-enable-the-functions-of-a-specific-plugin/
-
Access to pluginshttps://wordpress.org/support/topic/access-to-plugins/
-
Role editorhttps://wordpress.org/support/topic/role-editor-5/
-
Allow user to backendhttps://wordpress.org/support/topic/allow-user-to-backend/
-
Can this plugin be used to assign usage of another plugin?https://wordpress.org/support/topic/can-this-plugin-be-used-to-assign-usage-of-another-plugin/
-
Is it possible to allow a user to view plugins, but not update, activate, etc?https://wordpress.org/support/topic/is-it-possible-to-allow-a-user-to-view-plugins-but-not-update-activate-etc/
-
role with no accesshttps://wordpress.org/support/topic/role-with-no-access/
-
Ask: permission check for schedule publishhttps://wordpress.org/support/topic/ask-permission-check-for-schedule-publish/
-
Not Restrictivehttps://wordpress.org/support/topic/not-restrictive/
-
Specific access permissionshttps://wordpress.org/support/topic/specific-access-permissions/
-
Editors access to Ad Inserter plugin?https://wordpress.org/support/topic/editors-access-to-ad-inserter-plugin/
-
Create user access to a single pluginhttps://wordpress.org/support/topic/create-user-access-to-a-single-plugin/
-
how to enable some role to user certain plugin?https://wordpress.org/support/topic/how-to-enable-some-role-to-user-certain-plugin/
-
Specific plugin usage autorization.https://wordpress.org/support/topic/specific-plugin-usage-autorization/